| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Anitvirus Programm findet Virus aber keine Probleme ?Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
29.11.2015, 12:20
| #1 |
 |  Anitvirus Programm findet Virus aber keine Probleme ? Hallo an alle in diesem Forum und an das Team was alle HIlfeanfragen bearbeitet. Ersteinmal dankeschön für die prompte und schnelle HIlfe bei Fragen und Problemen. Aber zu meiner Sache ich habe nen Virus FUnd beim Suchlauf des Antivirusprogramm gefunden. Alles unverhofft, weil eigentlich keine Probleme bestanden von Seiten meines Computers. Im Oktober hatte den letzten Suchlauf gemacht da waren noch keine Fehler. Jetzt waren im Suchlauf 4 Funde und das kuriose für mich in Dateien die auch schon auf dem Computer waren die im Suchlauf im Oktober geprüft werden mussten. Die Funde waren 2 Viren. Hiermit stelle ich euch zur Ansicht ein Teil der Auswertung des Berichts rein damit ihr sehen könnt um was es sich handelt und wie es beseitigt wurde vom Programm. Der Suchlauf über die ausgewählten Dateien wird begonnen: Beginne mit der Suche in 'C:\' [0] Archivtyp: RSRC --> C:\Users\Martin_2\Downloads\FRAPS - CHIP-Installer.exe [1] Archivtyp: Runtime Packed --> C:\Users\Martin_2\Downloads\FreeAudioCDBurner_2.0.33.525.exe [2] Archivtyp: Inno Setup --> {tmp}\OCSetupHlp.dll [FUND] Enthält Muster der Software PUA/OpenCandy.Gen [WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden C:\Users\Martin_2\Downloads\FreeAudioCDBurner_2.0.33.525.exe [FUND] Enthält Muster der Software PUA/OpenCandy.Gen --> C:\Users\Martin_2\Downloads\FreeYouTubeToMP3Converter_3.12.59.525.exe [2] Archivtyp: Inno Setup --> {tmp}\OCSetupHlp.dll [FUND] Enthält Muster der Software PUA/OpenCandy.Gen [WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden C:\Users\Martin_2\Downloads\FreeYouTubeToMP3Converter_3.12.59.525.exe [FUND] Enthält Muster der Software PUA/OpenCandy.Gen Beginne mit der Suche in 'E:\' <Volume> Beginne mit der Desinfektion: C:\Users\Martin_2\Downloads\FreeYouTubeToMP3Converter_3.12.59.525.exe [FUND] Enthält Muster der Software PUA/OpenCandy.Gen [HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '50d448cc.qua' verschoben! C:\Users\Martin_2\Downloads\FreeAudioCDBurner_2.0.33.525.exe [FUND] Enthält Muster der Software PUA/OpenCandy.Gen [HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4843677b.qua' verschoben! Ich hoffe ihr könnt mir weiterhelfen was ich machen müsste und ob Probleme entstehen könnten. Einen schönen 1. Advent wünsche ich euch allen. MFG Ossel |
|
29.11.2015, 12:54
| #2 |
| /// TB-Ausbilder   | Anitvirus Programm findet Virus aber keine Probleme ? Mein Name ist Matthias und ich werde dir bei der Bereinigung deines Computers helfen. Bitte beachte folgende Hinweise:
Bitte arbeite alle Schritte in der vorgegebenen Reihefolge nacheinander ab und poste alle Logdateien in CODE-Tags:  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert deinem Helfer massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu groß für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
Danke für deine Mitarbeit! Zur ersten Analyse bitte FRST und TDSS-Killer ausführen: Schritt 1 Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
Schritt 2 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
Bitte poste mit deiner nächsten Antwort
|
|
02.12.2015, 01:25
| #3 |
| | Anitvirus Programm findet Virus aber keine Probleme ? FRST:
__________________Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015
durchgeführt von Martin (Administrator) auf HORTKIND (02-12-2015 01:22:27)
Gestartet von C:\Users\Martin\Downloads
Geladene Profile: Martin & Martin_2 & postgres (Verfügbare Profile: Martin & Franzi & Martin_2 & UpdatusUser & postgres)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Valve Corporation) E:\Steam\Steam.exe
(Valve Corporation) E:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) E:\Steam\bin\steamwebhelper.exe
(Valve Corporation) E:\Steam\bin\steamwebhelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1946159566-2597201721-649942275-1005\...\Run: [Steam] => E:\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-1946159566-2597201721-649942275-1005\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-1946159566-2597201721-649942275-1005\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{47F4B598-D74D-4473-AB02-AF9C25D58E8C}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{70398351-FC00-42EC-A769-D01F7A60262C}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1946159566-2597201721-649942275-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1946159566-2597201721-649942275-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1946159566-2597201721-649942275-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1946159566-2597201721-649942275-1005 -> {39B95236-B403-4FFC-865F-632D50ED950A} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=301e5fc1-5779-49b6-ae6c-294ef966bda2&apn_sauid=B4FF7A36-FCAF-43A1-9A41-C9AC28FE6075
SearchScopes: HKU\S-1-5-21-1946159566-2597201721-649942275-1005 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={AE22BF52-6799-4A0B-A9F8-19CF6F86893C}&mid=ff31abb759e247d0a2f8d16f5effffac-3d5a0b6b088d02546a84e551975de48d0a65403a&lang=de&ds=nr011&pr=sa&d=2013-01-26 18:42:11&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-01] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-01] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
Toolbar: HKU\S-1-5-21-1946159566-2597201721-649942275-1005 -> Kein Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\5ftby32f.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll [2013-02-28] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2014-04-10] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-10-23] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\5ftby32f.default\searchplugins\google-images.xml [2014-12-17]
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\5ftby32f.default\searchplugins\google-maps.xml [2014-12-17]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] [ist nicht signiert]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-21] ()
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-02-18] (PostgreSQL Global Development Group) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-17] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-04-12] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-02 01:22 - 2015-12-02 01:22 - 00013076 _____ C:\Users\Martin\Downloads\FRST.txt
2015-12-02 01:22 - 2015-12-02 01:22 - 00000000 ____D C:\FRST
2015-12-02 01:21 - 2015-12-02 01:21 - 04398264 _____ (Kaspersky Lab ZAO) C:\Users\Martin\Downloads\tdsskiller.exe
2015-12-02 01:21 - 2015-12-02 01:21 - 02350080 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe
2015-12-01 23:01 - 2015-12-01 23:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-27 21:09 - 2015-11-28 00:00 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\25Assist
2015-11-27 21:08 - 2015-11-27 21:08 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\WinRAR
2015-11-27 21:07 - 2015-11-27 21:07 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-11-27 21:07 - 2015-11-27 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-11-27 21:07 - 2015-11-27 21:07 - 00000000 ____D C:\Program Files\WinRAR
2015-11-12 22:06 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 02:33 - 2015-11-11 02:33 - 05286088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-11-10 23:11 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-10 23:11 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-10 23:11 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-10 23:11 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-10 23:11 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-10 23:11 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-10 23:11 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-10 23:11 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-10 23:11 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-10 23:11 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-10 23:11 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-10 23:11 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-10 23:11 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-10 23:11 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-10 23:11 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-10 23:11 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-10 23:11 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-10 23:11 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-10 23:11 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-10 23:11 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-10 23:11 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-10 23:11 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-10 23:11 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-10 23:11 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-10 23:11 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-10 23:11 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-10 23:11 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-10 23:11 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-10 23:11 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-10 23:11 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-10 23:11 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-10 23:11 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-10 23:11 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-10 23:11 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-10 23:11 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-10 23:11 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-10 23:11 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-10 23:11 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-10 23:11 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-10 23:11 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-10 23:11 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-10 23:11 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-10 23:11 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-10 23:11 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-10 23:11 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-10 23:11 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-10 23:11 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-10 23:11 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-10 23:11 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-10 23:11 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-10 23:11 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-10 23:11 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-10 23:11 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-10 23:11 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-10 23:11 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-10 23:11 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-10 23:11 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-10 23:11 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-10 23:11 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-10 23:11 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-10 23:11 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-10 23:10 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-10 23:10 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-10 23:10 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-10 23:10 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-10 23:10 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-10 23:10 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-10 23:10 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-10 23:10 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-10 23:10 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-10 23:10 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-10 23:10 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-10 23:10 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-10 23:10 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-10 23:10 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-10 23:10 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-10 23:10 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-10 23:10 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-10 23:10 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-10 23:10 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-10 23:10 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-10 23:10 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-10 23:10 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-10 23:10 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-10 23:10 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-10 23:10 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-10 23:10 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-10 23:10 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-10 23:10 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-10 23:10 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-10 23:10 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-10 23:10 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-10 23:10 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-10 23:10 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-10 23:10 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-10 23:10 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-10 23:10 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-10 23:10 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-10 23:10 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-10 23:10 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-10 23:10 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-10 23:10 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-10 23:10 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-10 23:10 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-10 23:10 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-10 23:10 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-10 23:10 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-10 23:10 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-10 23:10 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-10 23:10 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-10 23:10 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-10 23:10 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-10 23:10 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-10 23:10 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-10 23:10 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-10 23:10 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-10 23:10 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-10 23:10 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-10 23:10 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-10 23:10 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-10 23:10 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-10 23:10 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-10 23:10 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-10 23:10 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-10 23:10 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-10 23:10 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-10 23:10 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-09 21:18 - 2015-12-02 00:07 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-09 21:18 - 2015-11-09 21:18 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-11-09 21:18 - 2015-11-09 21:18 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-06 23:05 - 2015-11-09 20:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-02 01:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-02 01:21 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-02 01:21 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-02 00:33 - 2012-04-18 10:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-01 23:01 - 2015-09-27 23:02 - 00001952 _____ C:\Users\Public\Desktop\Avira Antivirus.lnk
2015-12-01 23:00 - 2015-09-27 23:01 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-12-01 23:00 - 2015-09-27 23:01 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-12-01 23:00 - 2015-09-27 23:01 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-12-01 22:49 - 2011-12-21 23:06 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-01 22:49 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-01 02:32 - 2012-01-02 21:03 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\TS3Client
2015-11-27 23:26 - 2011-12-26 22:41 - 00233920 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-11-27 23:26 - 2011-12-23 02:37 - 00233920 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-11-27 23:26 - 2011-12-23 02:37 - 00233920 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-11-27 22:48 - 2011-12-26 22:41 - 00000000 ____D C:\Users\Martin_2\AppData\Local\PunkBuster
2015-11-27 22:47 - 2012-02-05 18:50 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-11-16 00:10 - 2012-01-02 21:02 - 00000000 ____D C:\Users\Martin_2\AppData\Local\TeamSpeak 3 Client
2015-11-13 03:26 - 2011-04-12 08:43 - 00699432 _____ C:\Windows\system32\perfh007.dat
2015-11-13 03:26 - 2011-04-12 08:43 - 00149572 _____ C:\Windows\system32\perfc007.dat
2015-11-13 03:26 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-13 03:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-11-13 03:20 - 2009-07-14 05:45 - 00366736 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 22:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-11 03:20 - 2013-08-15 02:02 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 03:14 - 2011-12-21 22:47 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 03:13 - 2012-04-12 17:06 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 03:06 - 2014-02-28 02:30 - 01594028 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 03:01 - 2011-04-12 08:55 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-11 02:33 - 2012-04-18 10:47 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-11 02:33 - 2012-04-18 10:47 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-11 02:33 - 2011-12-23 21:35 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-09 21:34 - 2012-01-03 21:29 - 00000000 ____D C:\Users\Martin_2\AppData\Local\Adobe
2015-11-09 21:34 - 2011-12-23 21:35 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\Adobe
2015-11-09 21:18 - 2014-12-23 22:17 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-09 21:18 - 2012-01-03 21:28 - 00000000 ____D C:\ProgramData\Adobe
2015-11-09 20:12 - 2012-12-02 18:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-12-12 23:49 - 2014-12-12 23:49 - 0007605 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
C:\Users\Franzi\AppData\Local\temp\avgnt.exe
C:\Users\Martin\AppData\Local\temp\avgnt.exe
C:\Users\Martin_2\AppData\Local\temp\avgnt.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-11-26 09:20
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:01-12-2015
durchgeführt von Martin (2015-12-02 01:23:19)
Gestartet von C:\Users\Martin\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-21 20:59:34)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1946159566-2597201721-649942275-500 - Administrator - Disabled)
Franzi (S-1-5-21-1946159566-2597201721-649942275-1004 - Limited - Enabled) => C:\Users\Franzi
Gast (S-1-5-21-1946159566-2597201721-649942275-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1946159566-2597201721-649942275-1002 - Limited - Enabled)
Martin (S-1-5-21-1946159566-2597201721-649942275-1000 - Administrator - Enabled) => C:\Users\Martin
Martin_2 (S-1-5-21-1946159566-2597201721-649942275-1005 - Limited - Enabled) => C:\Users\Martin_2
postgres (S-1-5-21-1946159566-2597201721-649942275-1008 - Limited - Enabled) => C:\Users\postgres
UpdatusUser (S-1-5-21-1946159566-2597201721-649942275-1006 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
America's Army: Proving Grounds Beta (HKLM-x32\...\Steam App 203290) (Version: - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.125 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Die Siedler - Aufbruch der Kulturen (HKLM-x32\...\SADK) (Version: - )
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - )
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio)
Free Audio CD Burner version 2.0.33.525 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: 2.0.33.525 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.59.525 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.525 - DVDVideoSoft Ltd.)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (HKLM\...\{54B0845F-5540-4492-9939-CD8880ABABF0}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Hilfe (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 5.1.3 - CEWE Stiftung u Co. KGaA)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 306.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.23 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 8.5.2.23 - Electronic Arts, Inc.)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version: - Firaxis Games)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-1946159566-2597201721-649942275-1005\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-1946159566-2597201721-649942275-1000\...\Warcraft III) (Version: - )
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
CustomCLSID: HKU\S-1-5-21-1946159566-2597201721-649942275-1005_Classes\CLSID\{c31ca596-532d-a36f-e223-ce16b9ac70a56}\InprocServer32 -> 0xC99207A61842D00126CFC833E94ED001060000000900000000000000 => Keine Datei
==================== Wiederherstellungspunkte =========================
30-10-2015 10:13:50 Geplanter Prüfpunkt
09-11-2015 20:49:33 Geplanter Prüfpunkt
11-11-2015 02:58:37 Windows Update
13-11-2015 03:00:19 Windows Update
27-11-2015 20:55:29 Geplanter Prüfpunkt
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2014-12-16 00:11 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {40A1B172-BFC3-447A-A94B-6BE59EF6D54C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {5F988119-92A6-4FE0-AC1D-59F8B228526B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {6E54DBE4-2439-456B-A0D5-C6DC8B2DD6A1} - System32\Tasks\HpWebReg.exe => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HpWebReg.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {AFC2E1DD-36A9-4AA5-8DF2-6BF723AA7FE4} - System32\Tasks\{3AAF5C2C-095A-4AF7-8577-6B2E77592076} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar
Task: {BB1B2AB9-47E5-4641-AE8F-BA210B6BA02C} - System32\Tasks\HP Deskjet 2050 J510 series.exe => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HP Deskjet 2050 J510 series.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {D77A1060-02D8-41C4-8CF2-7080D4D161CD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2011-12-26 23:41 - 2013-01-18 16:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-12-23 02:37 - 2014-06-21 02:14 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-06 15:15 - 2014-02-18 09:11 - 00172032 _____ () c:\postgreSQL\bin\LIBPQ.dll
2015-02-06 15:16 - 2012-08-14 14:19 - 00999424 _____ () c:\postgreSQL\bin\libxml2.dll
2013-03-12 17:10 - 2015-10-05 17:18 - 00778752 _____ () E:\Steam\SDL2.dll
2015-01-21 19:03 - 2015-07-03 17:12 - 04962816 _____ () E:\Steam\v8.dll
2015-01-21 19:03 - 2015-07-03 17:12 - 01556992 _____ () E:\Steam\icui18n.dll
2015-01-21 19:03 - 2015-07-03 17:12 - 01187840 _____ () E:\Steam\icuuc.dll
2014-05-21 21:38 - 2015-11-10 03:44 - 02541648 _____ () E:\Steam\video.dll
2014-09-02 21:15 - 2015-09-24 01:33 - 02549248 _____ () E:\Steam\libavcodec-56.dll
2014-09-02 21:15 - 2015-09-24 01:33 - 00442880 _____ () E:\Steam\libavutil-54.dll
2014-09-02 21:15 - 2015-09-24 01:33 - 00491008 _____ () E:\Steam\libavformat-56.dll
2014-09-02 21:15 - 2015-09-24 01:33 - 00332800 _____ () E:\Steam\libavresample-2.dll
2014-09-02 21:15 - 2015-09-24 01:33 - 00485888 _____ () E:\Steam\libswscale-3.dll
2012-03-01 23:38 - 2015-11-10 03:44 - 00806992 _____ () E:\Steam\bin\chromehtml.DLL
2015-07-23 23:14 - 2015-11-03 23:00 - 00201728 _____ () E:\Steam\bin\openvr_api.dll
2012-03-01 23:38 - 2015-10-08 23:20 - 45010208 _____ () E:\Steam\bin\libcef.dll
2015-01-21 19:03 - 2015-09-25 00:56 - 00119208 _____ () E:\Steam\winh264.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1946159566-2597201721-649942275-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1946159566-2597201721-649942275-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin_2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{4D4DAEB3-50B6-4AFB-9089-49E140718FFC}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{6A87580C-6250-4A10-A786-386801CCD9F0}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{D32DF0ED-DABF-49FC-8CE8-153A5DE53E8F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2B1AB722-4096-496E-8F7B-5A5763151F1C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BA924145-3367-433F-B9B1-E5538F994E65}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{71384331-E5FF-4A44-9473-A040ADB041AB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{AC60C9F0-5C7F-4C60-80AF-A823F70D063C}E:\warcraft iii\war3.exe] => (Allow) E:\warcraft iii\war3.exe
FirewallRules: [UDP Query User{5FD8D355-CC2C-426E-BD8C-F8E8E50DFC95}E:\warcraft iii\war3.exe] => (Allow) E:\warcraft iii\war3.exe
FirewallRules: [{B9437D32-A009-494B-8CB2-9B15648DC51A}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{FEB4C588-588E-4DC1-9561-FBD1D2DDEB7B}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{1E0EB67B-7F4A-4BF9-BA34-2248B5B5D934}] => (Allow) E:\Diablo III\Diablo III.exe
FirewallRules: [{BAC7A7FF-EC53-4D74-976C-DDF004FD770D}] => (Allow) E:\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{0DFF146F-3969-40B8-8D8A-AF215E9DD3AF}E:\world_of_tanks\worldoftanks.exe] => (Allow) E:\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{D818B4D1-4447-4386-9EF2-04E6B2F54040}E:\world_of_tanks\worldoftanks.exe] => (Allow) E:\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{BD2F3E3A-6202-4065-8010-90C20D862ECB}E:\world_of_tanks\wotlauncher.exe] => (Allow) E:\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{8353764E-2D3B-42C2-93DC-D8A9E0570A2B}E:\world_of_tanks\wotlauncher.exe] => (Allow) E:\world_of_tanks\wotlauncher.exe
FirewallRules: [{1BD99672-03CD-476F-AF3F-DFC66BAC234E}] => (Allow) E:\StarCraft II\StarCraft II.exe
FirewallRules: [{661FC810-267C-4C3E-BBAE-0FE0BDC1C3AA}] => (Allow) E:\StarCraft II\StarCraft II.exe
FirewallRules: [{E37A7749-137E-4FD3-9971-3289C284650B}] => (Allow) E:\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{71ABFE45-F5EC-44CB-B038-181866A891BE}] => (Allow) E:\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{77A39096-3684-4E52-BD38-FF925CB275D8}E:\starcraft ii\versions\base24944\sc2.exe] => (Allow) E:\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [UDP Query User{6B97C22F-3F5B-4578-BB70-7162E48030C1}E:\starcraft ii\versions\base24944\sc2.exe] => (Allow) E:\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [{52360F0A-803F-43A0-A997-37A29A94CAC3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{354F0C22-5D91-4858-9AD2-1F8137AAB27E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{9BB0F549-145F-493B-A9DB-9ACD8B246876}E:\steam\steamapps\common\europa universalis iv\eu4.exe] => (Allow) E:\steam\steamapps\common\europa universalis iv\eu4.exe
FirewallRules: [UDP Query User{BF2FFAE4-5400-4947-9DEA-8C3F824A0F64}E:\steam\steamapps\common\europa universalis iv\eu4.exe] => (Allow) E:\steam\steamapps\common\europa universalis iv\eu4.exe
FirewallRules: [{765600F6-7F53-4262-8842-3E3AC844B5BB}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{3B840478-C2A0-4507-ACF7-38DA949BB274}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{EB44CFA7-CC1E-431B-A107-819428E7DE8B}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D877DCEB-3CD5-409E-972F-5AB9266E8BB6}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7EACA803-C806-493E-ADBD-62881207F774}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{D26484FA-D4A8-4E30-8F09-CFAA653A6376}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{171CC73E-4337-445F-B758-F148D8357B7C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{8848C9DC-8840-4D48-84B8-6E078A1217EC}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{2D9E1F6D-B1AE-480C-B54D-8165990D5FB0}C:\programdata\battle.net\agent\agent.2880\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2880\agent.exe
FirewallRules: [UDP Query User{7772A721-EB86-419B-A833-FE9DA6CC2ABF}C:\programdata\battle.net\agent\agent.2880\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2880\agent.exe
FirewallRules: [TCP Query User{0DD20770-675C-4B22-8FD5-E33F897B09D8}E:\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe] => (Allow) E:\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe
FirewallRules: [UDP Query User{176B0B1A-DFEC-4C20-A604-2598FA4A55DF}E:\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe] => (Allow) E:\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe
FirewallRules: [{3BC3A213-D2E6-42CC-B4F3-1DD4086386A0}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{8306151D-1726-4126-98E1-D269460F4207}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{C94727CC-BA27-45FD-8D9C-18C32B4CF201}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{1D98E21C-C1D3-4745-9C8A-CA7AEB893677}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{DBE9B1F7-8340-4BD1-A89E-A3BE6DB1D9CF}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{127EC0A1-2047-4213-8801-4539AA529213}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{0D099624-D553-435C-AEC6-D5B30CF9C3B0}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{80B4ACDC-4381-4828-A3D7-AC3447DD7CDD}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{4E5BF445-DFAA-4D71-9C72-4F8221C1EA2A}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{CED86F52-4553-4674-B73E-6166342DFAC5}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{C61F78F6-F8DB-48CD-8772-41CD6EF7D049}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C00F5169-10C9-42B0-AC09-9960712384FD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2A479E5E-D00A-45DF-A305-BD0B8A363611}] => (Allow) LPort=5432
FirewallRules: [{9192585E-D207-4C1B-9953-5D09A54893E5}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{87A0EC8A-3BDE-4421-B4DE-54C172CD0D68}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{09F078DF-C6F8-4E16-800B-79F9ABD72FB8}] => (Allow) E:\Steam\SteamApps\common\America's Army\AAPG\Binaries\AALauncher32.exe
FirewallRules: [{7660A974-1AC3-456D-9765-48747D39000A}] => (Allow) E:\Steam\SteamApps\common\America's Army\AAPG\Binaries\AALauncher32.exe
FirewallRules: [{00CA72EE-76E2-440A-AAFF-08F1F3FE3EED}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{765E56CB-6FAA-45E6-A8A8-E540472428A2}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0514B855-93F0-4123-86E9-4FEB713C61F1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D8FF3575-D4A0-42EE-8C40-FBD6166A5CB7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A29973C5-59F7-4916-A428-59AD081E0525}] => (Allow) E:\Steam\SteamApps\common\America's Army\AAPG\Binaries\Win32\AALauncher32.exe
FirewallRules: [{1DA23919-688F-411A-88E5-BDE68E00D391}] => (Allow) E:\Steam\SteamApps\common\America's Army\AAPG\Binaries\Win32\AALauncher32.exe
FirewallRules: [TCP Query User{B0F9CDD7-628C-4AC0-89E8-04D8BFE3CD2A}C:\users\martin_2\appdata\roaming\25assist\armyops\system\armyops.exe] => (Allow) C:\users\martin_2\appdata\roaming\25assist\armyops\system\armyops.exe
FirewallRules: [UDP Query User{11AB80CB-6110-46AE-8271-637CE3E35A52}C:\users\martin_2\appdata\roaming\25assist\armyops\system\armyops.exe] => (Allow) C:\users\martin_2\appdata\roaming\25assist\armyops\system\armyops.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/01/2015 11:20:46 PM) (Source: MsiInstaller) (EventID: 1024) (User: Hortkind)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F094E6F00}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
Error: (12/01/2015 10:49:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/01/2015 10:49:33 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2015-12-01 22:49:33 CETFATAL: the database system is starting up
Error: (11/30/2015 11:56:52 PM) (Source: MsiInstaller) (EventID: 1024) (User: Hortkind)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F094E6F00}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
Error: (11/30/2015 08:27:16 PM) (Source: MsiInstaller) (EventID: 1024) (User: Hortkind)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F094E6F00}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
Error: (11/30/2015 08:15:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/30/2015 08:14:42 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2015-11-30 20:14:42 CETFATAL: the database system is starting up
Error: (11/29/2015 00:13:28 PM) (Source: MsiInstaller) (EventID: 1024) (User: Hortkind)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F094E6F00}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127
Error: (11/29/2015 00:01:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (11/29/2015 00:01:06 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2015-11-29 12:01:06 CETFATAL: the database system is starting up
Systemfehler:
=============
Error: (12/01/2015 10:51:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (12/01/2015 10:51:53 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (11/30/2015 08:17:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (11/30/2015 08:17:17 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (11/29/2015 00:03:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (11/29/2015 00:03:36 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (11/27/2015 08:07:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (11/27/2015 08:07:38 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (11/26/2015 08:42:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (11/26/2015 08:42:53 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
CodeIntegrity:
===================================
Date: 2014-12-16 00:10:42.684
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-12-16 00:10:42.637
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM)2 Quad CPU Q9300 @ 2.50GHz
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 4094.85 MB
Verfügbarer physikalischer RAM: 2345.03 MB
Summe virtueller Speicher: 8187.91 MB
Verfügbarer virtueller Speicher: 5945.46 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:270.35 GB) (Free:180.03 GB) NTFS
Drive d: (CIVILIZATION5) (CDROM) (Total:3.02 GB) (Free:0 GB) CDFS
Drive e: (Volume) (Fixed) (Total:195.31 GB) (Free:90.73 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 194F194F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=270.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
02.12.2015, 01:41
| #4 |
| | Anitvirus Programm findet Virus aber keine Probleme ? TDSSkiller: Code:
ATTFilter 01:29:35.0507 0x0c88 TDSS rootkit removing tool 3.1.0.7 Nov 29 2015 22:37:04
01:30:55.0138 0x0c88 ============================================================
01:30:55.0138 0x0c88 Current date / time: 2015/12/02 01:30:55.0138
01:30:55.0138 0x0c88 SystemInfo:
01:30:55.0138 0x0c88
01:30:55.0138 0x0c88 OS Version: 6.1.7601 ServicePack: 1.0
01:30:55.0138 0x0c88 Product type: Workstation
01:30:55.0138 0x0c88 ComputerName: HORTKIND
01:30:55.0138 0x0c88 UserName: Martin
01:30:55.0138 0x0c88 Windows directory: C:\Windows
01:30:55.0138 0x0c88 System windows directory: C:\Windows
01:30:55.0138 0x0c88 Running under WOW64
01:30:55.0138 0x0c88 Processor architecture: Intel x64
01:30:55.0138 0x0c88 Number of processors: 4
01:30:55.0138 0x0c88 Page size: 0x1000
01:30:55.0138 0x0c88 Boot type: Normal boot
01:30:55.0138 0x0c88 ============================================================
01:30:56.0464 0x0c88 KLMD registered as C:\Windows\system32\drivers\99339242.sys
01:30:56.0838 0x0c88 System UUID: {FF7FFEF3-A591-D896-1733-90FA5C9BDA85}
01:30:57.0400 0x0c88 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0x38080, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
01:30:57.0400 0x0c88 ============================================================
01:30:57.0400 0x0c88 \Device\Harddisk0\DR0:
01:30:57.0400 0x0c88 MBR partitions:
01:30:57.0400 0x0c88 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
01:30:57.0400 0x0c88 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x21CB3000
01:30:57.0400 0x0c88 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x21CE5800, BlocksNum 0x1869F800
01:30:57.0400 0x0c88 ============================================================
01:30:57.0431 0x0c88 C: <-> \Device\Harddisk0\DR0\Partition2
01:30:57.0462 0x0c88 E: <-> \Device\Harddisk0\DR0\Partition3
01:30:57.0462 0x0c88 ============================================================
01:30:57.0462 0x0c88 Initialize success
01:30:57.0462 0x0c88 ============================================================
01:31:32.0702 0x0144 ============================================================
01:31:32.0702 0x0144 Scan started
01:31:32.0702 0x0144 Mode: Manual; SigCheck; TDLFS;
01:31:32.0702 0x0144 ============================================================
01:31:32.0702 0x0144 KSN ping started
01:31:35.0105 0x0144 KSN ping finished: true
01:31:36.0602 0x0144 ================ Scan system memory ========================
01:31:36.0602 0x0144 System memory - ok
01:31:36.0602 0x0144 ================ Scan services =============================
01:31:36.0696 0x0144 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
01:31:36.0743 0x0144 1394ohci - ok
01:31:36.0774 0x0144 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
01:31:36.0790 0x0144 ACPI - ok
01:31:36.0805 0x0144 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
01:31:36.0836 0x0144 AcpiPmi - ok
01:31:36.0930 0x0144 [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
01:31:36.0946 0x0144 AdobeARMservice - ok
01:31:37.0039 0x0144 [ 280A526E8111AC6A5BCC1A059E1E0340, FB92DDAE29A097D148AB23D8A0BD2B9E662EC1DBF0DA8B716374D6919B4C646F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
01:31:37.0055 0x0144 AdobeFlashPlayerUpdateSvc - ok
01:31:37.0086 0x0144 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
01:31:37.0117 0x0144 adp94xx - ok
01:31:37.0148 0x0144 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
01:31:37.0164 0x0144 adpahci - ok
01:31:37.0211 0x0144 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
01:31:37.0226 0x0144 adpu320 - ok
01:31:37.0258 0x0144 [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
01:31:37.0273 0x0144 AeLookupSvc - ok
01:31:37.0336 0x0144 [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
01:31:37.0367 0x0144 AFD - ok
01:31:37.0398 0x0144 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
01:31:37.0414 0x0144 agp440 - ok
01:31:37.0429 0x0144 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
01:31:37.0445 0x0144 ALG - ok
01:31:37.0476 0x0144 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
01:31:37.0492 0x0144 aliide - ok
01:31:37.0507 0x0144 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
01:31:37.0507 0x0144 amdide - ok
01:31:37.0538 0x0144 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
01:31:37.0554 0x0144 AmdK8 - ok
01:31:37.0554 0x0144 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
01:31:37.0570 0x0144 AmdPPM - ok
01:31:37.0585 0x0144 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
01:31:37.0601 0x0144 amdsata - ok
01:31:37.0632 0x0144 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
01:31:37.0648 0x0144 amdsbs - ok
01:31:37.0663 0x0144 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
01:31:37.0679 0x0144 amdxata - ok
01:31:37.0772 0x0144 [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
01:31:37.0804 0x0144 AntiVirMailService - ok
01:31:37.0866 0x0144 [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
01:31:37.0897 0x0144 AntiVirSchedulerService - ok
01:31:37.0944 0x0144 [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService C:\Program Files (x86)\Avira\Antivirus\avguard.exe
01:31:37.0960 0x0144 AntiVirService - ok
01:31:38.0022 0x0144 [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
01:31:38.0053 0x0144 AntiVirWebService - ok
01:31:38.0100 0x0144 [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys
01:31:38.0116 0x0144 AppID - ok
01:31:38.0131 0x0144 [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll
01:31:38.0147 0x0144 AppIDSvc - ok
01:31:38.0178 0x0144 [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
01:31:38.0194 0x0144 Appinfo - ok
01:31:38.0240 0x0144 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
01:31:38.0240 0x0144 arc - ok
01:31:38.0256 0x0144 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
01:31:38.0272 0x0144 arcsas - ok
01:31:38.0365 0x0144 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
01:31:38.0428 0x0144 aspnet_state - ok
01:31:38.0459 0x0144 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
01:31:38.0490 0x0144 AsyncMac - ok
01:31:38.0521 0x0144 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
01:31:38.0521 0x0144 atapi - ok
01:31:38.0584 0x0144 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
01:31:38.0599 0x0144 AudioEndpointBuilder - ok
01:31:38.0630 0x0144 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
01:31:38.0662 0x0144 AudioSrv - ok
01:31:38.0693 0x0144 [ 29E019B4607E410BFE4DB778C3300BC5, 32D1A5A5836152BAAA168B4A06AC6F52DBC19150D339B5F87E8E3A1E1EE580C3 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
01:31:38.0708 0x0144 avgntflt - ok
01:31:38.0740 0x0144 [ 68430AD3FB0FADBFA5D1677617D1E1F5, CF732DD21B472653AB0A4063455F2E7608F3075C255B9882D18CB52026B6C972 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
01:31:38.0755 0x0144 avgtp - ok
01:31:38.0786 0x0144 [ 1AD2C8F543F261F0AB90AD80767AB21D, 364DA0D0B8A91688CE39FEDF68EB93260819849097444F6A10A3F95CC32F9EA5 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
01:31:38.0802 0x0144 avipbb - ok
01:31:38.0818 0x0144 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
01:31:38.0833 0x0144 avkmgr - ok
01:31:38.0849 0x0144 [ 99672CCD11058D6E2F627473B773F971, 4EF2BCDA4678F9ECE499F216AC0F8105F37D2AB0320064741A8DFB5C39E5048C ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
01:31:38.0864 0x0144 avnetflt - ok
01:31:38.0911 0x0144 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
01:31:38.0942 0x0144 AxInstSV - ok
01:31:38.0974 0x0144 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
01:31:39.0005 0x0144 b06bdrv - ok
01:31:39.0036 0x0144 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
01:31:39.0067 0x0144 b57nd60a - ok
01:31:39.0083 0x0144 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
01:31:39.0098 0x0144 BDESVC - ok
01:31:39.0114 0x0144 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
01:31:39.0161 0x0144 Beep - ok
01:31:39.0192 0x0144 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
01:31:39.0223 0x0144 BFE - ok
01:31:39.0270 0x0144 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
01:31:39.0348 0x0144 BITS - ok
01:31:39.0395 0x0144 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
01:31:39.0410 0x0144 blbdrive - ok
01:31:39.0426 0x0144 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
01:31:39.0442 0x0144 bowser - ok
01:31:39.0457 0x0144 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
01:31:39.0473 0x0144 BrFiltLo - ok
01:31:39.0473 0x0144 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
01:31:39.0488 0x0144 BrFiltUp - ok
01:31:39.0535 0x0144 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
01:31:39.0566 0x0144 BridgeMP - ok
01:31:39.0598 0x0144 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
01:31:39.0613 0x0144 Browser - ok
01:31:39.0629 0x0144 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
01:31:39.0644 0x0144 Brserid - ok
01:31:39.0660 0x0144 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
01:31:39.0676 0x0144 BrSerWdm - ok
01:31:39.0691 0x0144 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
01:31:39.0707 0x0144 BrUsbMdm - ok
01:31:39.0722 0x0144 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
01:31:39.0722 0x0144 BrUsbSer - ok
01:31:39.0738 0x0144 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
01:31:39.0754 0x0144 BTHMODEM - ok
01:31:39.0800 0x0144 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
01:31:39.0832 0x0144 bthserv - ok
01:31:39.0847 0x0144 catchme - ok
01:31:39.0863 0x0144 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
01:31:39.0910 0x0144 cdfs - ok
01:31:39.0925 0x0144 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
01:31:39.0941 0x0144 cdrom - ok
01:31:39.0956 0x0144 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
01:31:40.0003 0x0144 CertPropSvc - ok
01:31:40.0003 0x0144 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
01:31:40.0019 0x0144 circlass - ok
01:31:40.0066 0x0144 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
01:31:40.0081 0x0144 CLFS - ok
01:31:40.0128 0x0144 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:31:40.0144 0x0144 clr_optimization_v2.0.50727_32 - ok
01:31:40.0175 0x0144 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
01:31:40.0190 0x0144 clr_optimization_v2.0.50727_64 - ok
01:31:40.0237 0x0144 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:31:40.0300 0x0144 clr_optimization_v4.0.30319_32 - ok
01:31:40.0331 0x0144 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
01:31:40.0346 0x0144 clr_optimization_v4.0.30319_64 - ok
01:31:40.0393 0x0144 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
01:31:40.0409 0x0144 CmBatt - ok
01:31:40.0440 0x0144 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
01:31:40.0456 0x0144 cmdide - ok
01:31:40.0487 0x0144 [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys
01:31:40.0518 0x0144 CNG - ok
01:31:40.0518 0x0144 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
01:31:40.0534 0x0144 Compbatt - ok
01:31:40.0549 0x0144 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
01:31:40.0565 0x0144 CompositeBus - ok
01:31:40.0565 0x0144 COMSysApp - ok
01:31:40.0580 0x0144 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
01:31:40.0596 0x0144 crcdisk - ok
01:31:40.0627 0x0144 [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
01:31:40.0643 0x0144 CryptSvc - ok
01:31:40.0674 0x0144 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
01:31:40.0721 0x0144 DcomLaunch - ok
01:31:40.0752 0x0144 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
01:31:40.0783 0x0144 defragsvc - ok
01:31:40.0799 0x0144 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
01:31:40.0830 0x0144 DfsC - ok
01:31:40.0861 0x0144 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
01:31:40.0892 0x0144 Dhcp - ok
01:31:40.0955 0x0144 [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
01:31:41.0017 0x0144 DiagTrack - ok
01:31:41.0033 0x0144 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
01:31:41.0080 0x0144 discache - ok
01:31:41.0080 0x1250 Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService
01:31:41.0095 0x0144 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
01:31:41.0111 0x0144 Disk - ok
01:31:41.0142 0x0144 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
01:31:41.0158 0x0144 Dnscache - ok
01:31:41.0189 0x0144 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
01:31:41.0236 0x0144 dot3svc - ok
01:31:41.0236 0x0144 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
01:31:41.0282 0x0144 DPS - ok
01:31:41.0298 0x0144 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
01:31:41.0314 0x0144 drmkaud - ok
01:31:41.0345 0x0144 [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
01:31:41.0376 0x0144 dtsoftbus01 - ok
01:31:41.0423 0x0144 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
01:31:41.0454 0x0144 DXGKrnl - ok
01:31:41.0470 0x0144 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
01:31:41.0501 0x0144 EapHost - ok
01:31:41.0610 0x0144 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
01:31:41.0735 0x0144 ebdrv - ok
01:31:41.0766 0x0144 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS C:\Windows\System32\lsass.exe
01:31:41.0797 0x0144 EFS - ok
01:31:41.0860 0x0144 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
01:31:41.0891 0x0144 ehRecvr - ok
01:31:41.0906 0x0144 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
01:31:41.0922 0x0144 ehSched - ok
01:31:41.0969 0x0144 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
01:31:41.0984 0x0144 elxstor - ok
01:31:42.0000 0x0144 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
01:31:42.0016 0x0144 ErrDev - ok
01:31:42.0047 0x0144 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
01:31:42.0094 0x0144 EventSystem - ok
01:31:42.0109 0x0144 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
01:31:42.0156 0x0144 exfat - ok
01:31:42.0172 0x0144 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
01:31:42.0218 0x0144 fastfat - ok
01:31:42.0250 0x0144 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
01:31:42.0281 0x0144 Fax - ok
01:31:42.0296 0x0144 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
01:31:42.0312 0x0144 fdc - ok
01:31:42.0328 0x0144 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
01:31:42.0359 0x0144 fdPHost - ok
01:31:42.0374 0x0144 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
01:31:42.0406 0x0144 FDResPub - ok
01:31:42.0406 0x0144 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
01:31:42.0421 0x0144 FileInfo - ok
01:31:42.0437 0x0144 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
01:31:42.0468 0x0144 Filetrace - ok
01:31:42.0468 0x0144 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
01:31:42.0484 0x0144 flpydisk - ok
01:31:42.0499 0x0144 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
01:31:42.0530 0x0144 FltMgr - ok
01:31:42.0577 0x0144 [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache C:\Windows\system32\FntCache.dll
01:31:42.0640 0x0144 FontCache - ok
01:31:42.0686 0x0144 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:31:42.0686 0x0144 FontCache3.0.0.0 - ok
01:31:42.0702 0x0144 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
01:31:42.0718 0x0144 FsDepends - ok
01:31:42.0764 0x0144 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
01:31:42.0764 0x0144 Fs_Rec - ok
01:31:42.0811 0x0144 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
01:31:42.0842 0x0144 fvevol - ok
01:31:42.0874 0x0144 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
01:31:42.0889 0x0144 gagp30kx - ok
01:31:42.0920 0x0144 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
01:31:42.0967 0x0144 gpsvc - ok
01:31:42.0983 0x0144 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
01:31:42.0998 0x0144 hcw85cir - ok
01:31:43.0030 0x0144 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
01:31:43.0061 0x0144 HdAudAddService - ok
01:31:43.0076 0x0144 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
01:31:43.0092 0x0144 HDAudBus - ok
01:31:43.0108 0x0144 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
01:31:43.0123 0x0144 HidBatt - ok
01:31:43.0139 0x0144 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
01:31:43.0154 0x0144 HidBth - ok
01:31:43.0170 0x0144 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
01:31:43.0186 0x0144 HidIr - ok
01:31:43.0217 0x0144 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
01:31:43.0248 0x0144 hidserv - ok
01:31:43.0295 0x0144 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
01:31:43.0310 0x0144 HidUsb - ok
01:31:43.0326 0x0144 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
01:31:43.0357 0x0144 hkmsvc - ok
01:31:43.0373 0x0144 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
01:31:43.0404 0x0144 HomeGroupListener - ok
01:31:43.0420 0x0144 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
01:31:43.0435 0x0144 HomeGroupProvider - ok
01:31:43.0466 0x0144 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
01:31:43.0482 0x0144 HpSAMD - ok
01:31:43.0529 0x0144 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
01:31:43.0576 0x0144 HTTP - ok
01:31:43.0591 0x0144 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
01:31:43.0591 0x1250 Object send P2P result: true
01:31:43.0591 0x1250 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
01:31:43.0591 0x0144 hwpolicy - ok
01:31:43.0607 0x0144 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
01:31:43.0622 0x0144 i8042prt - ok
01:31:43.0654 0x0144 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
01:31:43.0685 0x0144 iaStorV - ok
01:31:43.0732 0x0144 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
01:31:43.0763 0x0144 idsvc - ok
01:31:43.0825 0x0144 IEEtwCollectorService - ok
01:31:43.0841 0x0144 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
01:31:43.0856 0x0144 iirsp - ok
01:31:43.0903 0x0144 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
01:31:43.0934 0x0144 IKEEXT - ok
01:31:43.0981 0x0144 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
01:31:43.0997 0x0144 intelide - ok
01:31:44.0012 0x0144 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
01:31:44.0028 0x0144 intelppm - ok
01:31:44.0044 0x0144 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
01:31:44.0090 0x0144 IPBusEnum - ok
01:31:44.0106 0x0144 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
01:31:44.0137 0x0144 IpFilterDriver - ok
01:31:44.0184 0x0144 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
01:31:44.0215 0x0144 iphlpsvc - ok
01:31:44.0215 0x0144 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
01:31:44.0231 0x0144 IPMIDRV - ok
01:31:44.0246 0x0144 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
01:31:44.0278 0x0144 IPNAT - ok
01:31:44.0293 0x0144 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
01:31:44.0309 0x0144 IRENUM - ok
01:31:44.0324 0x0144 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
01:31:44.0340 0x0144 isapnp - ok
01:31:44.0356 0x0144 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
01:31:44.0387 0x0144 iScsiPrt - ok
01:31:44.0402 0x0144 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
01:31:44.0418 0x0144 kbdclass - ok
01:31:44.0418 0x0144 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
01:31:44.0434 0x0144 kbdhid - ok
01:31:44.0449 0x0144 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso C:\Windows\system32\lsass.exe
01:31:44.0465 0x0144 KeyIso - ok
01:31:44.0496 0x0144 [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
01:31:44.0512 0x0144 KSecDD - ok
01:31:44.0527 0x0144 [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
01:31:44.0543 0x0144 KSecPkg - ok
01:31:44.0558 0x0144 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
01:31:44.0590 0x0144 ksthunk - ok
01:31:44.0621 0x0144 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
01:31:44.0652 0x0144 KtmRm - ok
01:31:44.0683 0x0144 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
01:31:44.0730 0x0144 LanmanServer - ok
01:31:44.0746 0x0144 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
01:31:44.0777 0x0144 LanmanWorkstation - ok
01:31:44.0855 0x0144 [ C34411A244029F1C08687F7C752C4563, 4FC1D6156D760AE8138547262B33677118BD9369F4930F5C5F9BAA2FE6E78EA3 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
01:31:44.0870 0x0144 LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
01:31:46.0072 0x1250 Object send P2P result: true
01:31:46.0072 0x1250 Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService
01:31:47.0226 0x0144 Detect skipped due to KSN trusted
01:31:47.0226 0x0144 LightScribeService - ok
01:31:47.0242 0x0144 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
01:31:47.0273 0x0144 lltdio - ok
01:31:47.0304 0x0144 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
01:31:47.0351 0x0144 lltdsvc - ok
01:31:47.0351 0x0144 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
01:31:47.0382 0x0144 lmhosts - ok
01:31:47.0413 0x0144 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
01:31:47.0429 0x0144 LSI_FC - ok
01:31:47.0444 0x0144 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
01:31:47.0460 0x0144 LSI_SAS - ok
01:31:47.0460 0x0144 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
01:31:47.0476 0x0144 LSI_SAS2 - ok
01:31:47.0491 0x0144 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
01:31:47.0507 0x0144 LSI_SCSI - ok
01:31:47.0522 0x0144 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
01:31:47.0569 0x0144 luafv - ok
01:31:47.0585 0x0144 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
01:31:47.0600 0x0144 Mcx2Svc - ok
01:31:47.0616 0x0144 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
01:31:47.0632 0x0144 megasas - ok
01:31:47.0647 0x0144 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
01:31:47.0663 0x0144 MegaSR - ok
01:31:47.0725 0x0144 Microsoft SharePoint Workspace Audit Service - ok
01:31:47.0741 0x0144 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
01:31:47.0788 0x0144 MMCSS - ok
01:31:47.0803 0x0144 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
01:31:47.0834 0x0144 Modem - ok
01:31:47.0850 0x0144 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
01:31:47.0866 0x0144 monitor - ok
01:31:47.0881 0x0144 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
01:31:47.0897 0x0144 mouclass - ok
01:31:47.0944 0x0144 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
01:31:47.0944 0x0144 mouhid - ok
01:31:47.0975 0x0144 [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
01:31:47.0990 0x0144 mountmgr - ok
01:31:48.0037 0x0144 [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
01:31:48.0053 0x0144 MozillaMaintenance - ok
01:31:48.0084 0x0144 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
01:31:48.0100 0x0144 mpio - ok
01:31:48.0115 0x0144 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
01:31:48.0146 0x0144 mpsdrv - ok
01:31:48.0193 0x0144 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
01:31:48.0256 0x0144 MpsSvc - ok
01:31:48.0287 0x0144 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
01:31:48.0302 0x0144 MRxDAV - ok
01:31:48.0334 0x0144 [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
01:31:48.0349 0x0144 mrxsmb - ok
01:31:48.0365 0x0144 [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
01:31:48.0396 0x0144 mrxsmb10 - ok
01:31:48.0396 0x0144 [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:31:48.0412 0x0144 mrxsmb20 - ok
01:31:48.0443 0x0144 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
01:31:48.0458 0x0144 msahci - ok
01:31:48.0474 0x0144 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
01:31:48.0490 0x0144 msdsm - ok
01:31:48.0505 0x0144 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
01:31:48.0521 0x0144 MSDTC - ok
01:31:48.0536 0x1250 Object send P2P result: true
01:31:48.0536 0x1250 Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService
01:31:48.0552 0x0144 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
01:31:48.0583 0x0144 Msfs - ok
01:31:48.0599 0x0144 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
01:31:48.0630 0x0144 mshidkmdf - ok
01:31:48.0630 0x0144 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
01:31:48.0646 0x0144 msisadrv - ok
01:31:48.0677 0x0144 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
01:31:48.0708 0x0144 MSiSCSI - ok
01:31:48.0708 0x0144 msiserver - ok
01:31:48.0724 0x0144 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
01:31:48.0770 0x0144 MSKSSRV - ok
01:31:48.0770 0x0144 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
01:31:48.0802 0x0144 MSPCLOCK - ok
01:31:48.0817 0x0144 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
01:31:48.0848 0x0144 MSPQM - ok
01:31:48.0864 0x0144 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
01:31:48.0895 0x0144 MsRPC - ok
01:31:48.0895 0x0144 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
01:31:48.0911 0x0144 mssmbios - ok
01:31:48.0926 0x0144 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
01:31:48.0958 0x0144 MSTEE - ok
01:31:48.0973 0x0144 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
01:31:48.0989 0x0144 MTConfig - ok
01:31:49.0004 0x0144 [ 03B7145C889603537E9FFEABB1AD1089, B3CD93B893D4A2370CBF382366C6F596372857F8711EF6FFF83BFE2B449F424E ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
01:31:49.0020 0x0144 MTsensor - ok
01:31:49.0036 0x0144 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
01:31:49.0051 0x0144 Mup - ok
01:31:49.0067 0x0144 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
01:31:49.0114 0x0144 napagent - ok
01:31:49.0145 0x0144 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
01:31:49.0176 0x0144 NativeWifiP - ok
01:31:49.0223 0x0144 [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
01:31:49.0254 0x0144 NDIS - ok
01:31:49.0270 0x0144 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
01:31:49.0316 0x0144 NdisCap - ok
01:31:49.0332 0x0144 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
01:31:49.0363 0x0144 NdisTapi - ok
01:31:49.0363 0x0144 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
01:31:49.0410 0x0144 Ndisuio - ok
01:31:49.0426 0x0144 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
01:31:49.0457 0x0144 NdisWan - ok
01:31:49.0472 0x0144 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
01:31:49.0504 0x0144 NDProxy - ok
01:31:49.0519 0x0144 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
01:31:49.0550 0x0144 NetBIOS - ok
01:31:49.0582 0x0144 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
01:31:49.0613 0x0144 NetBT - ok
01:31:49.0628 0x0144 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon C:\Windows\system32\lsass.exe
01:31:49.0644 0x0144 Netlogon - ok
01:31:49.0675 0x0144 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
01:31:49.0722 0x0144 Netman - ok
01:31:49.0753 0x0144 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:31:49.0784 0x0144 NetMsmqActivator - ok
01:31:49.0784 0x0144 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:31:49.0800 0x0144 NetPipeActivator - ok
01:31:49.0831 0x0144 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
01:31:49.0878 0x0144 netprofm - ok
01:31:49.0894 0x0144 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:31:49.0909 0x0144 NetTcpActivator - ok
01:31:49.0909 0x0144 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:31:49.0925 0x0144 NetTcpPortSharing - ok
01:31:49.0956 0x0144 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
01:31:49.0972 0x0144 nfrd960 - ok
01:31:50.0003 0x0144 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
01:31:50.0034 0x0144 NlaSvc - ok
01:31:50.0050 0x0144 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
01:31:50.0081 0x0144 Npfs - ok
01:31:50.0096 0x0144 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
01:31:50.0128 0x0144 nsi - ok
01:31:50.0128 0x0144 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
01:31:50.0159 0x0144 nsiproxy - ok
01:31:50.0237 0x0144 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
01:31:50.0299 0x0144 Ntfs - ok
01:31:50.0315 0x0144 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
01:31:50.0346 0x0144 Null - ok
01:31:50.0658 0x0144 [ FCBA1C22727939E7CFF9EB08FE9692AB, 081FBF38EA17746C5CF2260AD32B62385D4A075476E30CBB9A2AA080F8AA0CA4 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
01:31:51.0001 0x0144 nvlddmkm - ok
01:31:51.0032 0x1250 Object send P2P result: true
01:31:51.0048 0x0144 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
01:31:51.0064 0x0144 nvraid - ok
01:31:51.0079 0x0144 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
01:31:51.0095 0x0144 nvstor - ok
01:31:51.0126 0x0144 [ 10C232F6CFFD51D2332898AE7AE0FF23, 92E5452D8467852C22D702ACAFB5DBFD312A8F72A4353B8D0A9C18AEFCE4B2B2 ] nvsvc C:\Windows\system32\nvvsvc.exe
01:31:51.0173 0x0144 nvsvc - ok
01:31:51.0251 0x0144 [ 4789E020D2617046862D1790FC235FF6, FCFD56DF2CADA830E7B2D4B91D5A9D2FE783B1396CBA124000765168FA5B6574 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
01:31:51.0298 0x0144 nvUpdatusService - ok
01:31:51.0329 0x0144 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
01:31:51.0344 0x0144 nv_agp - ok
01:31:51.0360 0x0144 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
01:31:51.0376 0x0144 ohci1394 - ok
01:31:51.0407 0x0144 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:31:51.0422 0x0144 ose - ok
01:31:51.0610 0x0144 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:31:51.0766 0x0144 osppsvc - ok
01:31:51.0812 0x0144 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
01:31:51.0844 0x0144 p2pimsvc - ok
01:31:51.0875 0x0144 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
01:31:51.0906 0x0144 p2psvc - ok
01:31:51.0922 0x0144 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
01:31:51.0937 0x0144 Parport - ok
01:31:51.0968 0x0144 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
01:31:51.0968 0x0144 partmgr - ok
01:31:52.0015 0x0144 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
01:31:52.0031 0x0144 PcaSvc - ok
01:31:52.0046 0x0144 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
01:31:52.0078 0x0144 pci - ok
01:31:52.0109 0x0144 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
01:31:52.0109 0x0144 pciide - ok
01:31:52.0140 0x0144 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
01:31:52.0156 0x0144 pcmcia - ok
01:31:52.0156 0x0144 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
01:31:52.0171 0x0144 pcw - ok
01:31:52.0202 0x0144 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
01:31:52.0234 0x0144 PEAUTH - ok
01:31:52.0280 0x0144 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
01:31:52.0296 0x0144 PerfHost - ok
01:31:52.0343 0x0144 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
01:31:52.0421 0x0144 pla - ok
01:31:52.0452 0x0144 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
01:31:52.0483 0x0144 PlugPlay - ok
01:31:52.0499 0x0144 PnkBstrA - ok
01:31:52.0499 0x0144 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
01:31:52.0514 0x0144 PNRPAutoReg - ok
01:31:52.0546 0x0144 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
01:31:52.0561 0x0144 PNRPsvc - ok
01:31:52.0592 0x0144 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
01:31:52.0639 0x0144 PolicyAgent - ok
01:31:52.0717 0x0144 [ 4671F353D0DF74C3B0D2D00DE676F56C, 0F75009DD36B2E18212CE855FB7CA7D273E5749D8F2F451655ED81AA5E86BA9F ] postgresql-8.4 c:\postgreSQL\bin\pg_ctl.exe
01:31:52.0717 0x0144 postgresql-8.4 - detected UnsignedFile.Multi.Generic ( 1 )
01:31:55.0088 0x0144 Detect skipped due to KSN trusted
01:31:55.0088 0x0144 postgresql-8.4 - ok
01:31:55.0120 0x0144 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
01:31:55.0166 0x0144 Power - ok
01:31:55.0198 0x0144 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
01:31:55.0229 0x0144 PptpMiniport - ok
01:31:55.0244 0x0144 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
01:31:55.0260 0x0144 Processor - ok
01:31:55.0307 0x0144 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
01:31:55.0322 0x0144 ProfSvc - ok
01:31:55.0338 0x0144 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe
01:31:55.0354 0x0144 ProtectedStorage - ok
01:31:55.0369 0x0144 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
01:31:55.0416 0x0144 Psched - ok
01:31:55.0463 0x0144 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
01:31:55.0525 0x0144 ql2300 - ok
01:31:55.0541 0x0144 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
01:31:55.0557 0x0144 ql40xx - ok
01:31:55.0572 0x0144 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
01:31:55.0603 0x0144 QWAVE - ok
01:31:55.0619 0x0144 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
01:31:55.0635 0x0144 QWAVEdrv - ok
01:31:55.0635 0x0144 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
01:31:55.0666 0x0144 RasAcd - ok
01:31:55.0681 0x0144 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
01:31:55.0728 0x0144 RasAgileVpn - ok
01:31:55.0728 0x0144 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
01:31:55.0775 0x0144 RasAuto - ok
01:31:55.0775 0x0144 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
01:31:55.0822 0x0144 Rasl2tp - ok
01:31:55.0837 0x0144 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
01:31:55.0884 0x0144 RasMan - ok
01:31:55.0884 0x0144 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
01:31:55.0931 0x0144 RasPppoe - ok
01:31:55.0931 0x0144 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
01:31:55.0978 0x0144 RasSstp - ok
01:31:55.0993 0x0144 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
01:31:56.0025 0x0144 rdbss - ok
01:31:56.0040 0x0144 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
01:31:56.0056 0x0144 rdpbus - ok
01:31:56.0071 0x0144 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
01:31:56.0103 0x0144 RDPCDD - ok
01:31:56.0134 0x0144 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
01:31:56.0165 0x0144 RDPENCDD - ok
01:31:56.0165 0x0144 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
01:31:56.0212 0x0144 RDPREFMP - ok
01:31:56.0227 0x0144 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
01:31:56.0259 0x0144 RDPWD - ok
01:31:56.0274 0x0144 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
01:31:56.0290 0x0144 rdyboost - ok
01:31:56.0321 0x0144 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
01:31:56.0352 0x0144 RemoteAccess - ok
01:31:56.0368 0x0144 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
01:31:56.0415 0x0144 RemoteRegistry - ok
01:31:56.0430 0x0144 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
01:31:56.0477 0x0144 RpcEptMapper - ok
01:31:56.0477 0x0144 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
01:31:56.0493 0x0144 RpcLocator - ok
01:31:56.0524 0x0144 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
01:31:56.0555 0x0144 RpcSs - ok
01:31:56.0586 0x0144 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
01:31:56.0633 0x0144 rspndr - ok
01:31:56.0633 0x0144 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs C:\Windows\system32\lsass.exe
01:31:56.0649 0x0144 SamSs - ok
01:31:56.0664 0x0144 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
01:31:56.0680 0x0144 sbp2port - ok
01:31:56.0695 0x0144 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
01:31:56.0727 0x0144 SCardSvr - ok
01:31:56.0742 0x0144 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
01:31:56.0773 0x0144 scfilter - ok
01:31:56.0836 0x0144 [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
01:31:56.0883 0x0144 Schedule - ok
01:31:56.0914 0x0144 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
01:31:56.0945 0x0144 SCPolicySvc - ok
01:31:56.0961 0x0144 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
01:31:56.0976 0x0144 SDRSVC - ok
01:31:57.0007 0x0144 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
01:31:57.0039 0x0144 secdrv - ok
01:31:57.0039 0x0144 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
01:31:57.0070 0x0144 seclogon - ok
01:31:57.0085 0x0144 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
01:31:57.0117 0x0144 SENS - ok
01:31:57.0148 0x0144 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
01:31:57.0163 0x0144 SensrSvc - ok
01:31:57.0163 0x0144 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
01:31:57.0179 0x0144 Serenum - ok
01:31:57.0195 0x0144 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
01:31:57.0210 0x0144 Serial - ok
01:31:57.0226 0x0144 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
01:31:57.0241 0x0144 sermouse - ok
01:31:57.0273 0x0144 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
01:31:57.0304 0x0144 SessionEnv - ok
01:31:57.0319 0x0144 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
01:31:57.0335 0x0144 sffdisk - ok
01:31:57.0351 0x0144 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
01:31:57.0366 0x0144 sffp_mmc - ok
01:31:57.0382 0x0144 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
01:31:57.0397 0x0144 sffp_sd - ok
01:31:57.0397 0x0144 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
01:31:57.0413 0x0144 sfloppy - ok
01:31:57.0444 0x0144 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
01:31:57.0491 0x0144 SharedAccess - ok
01:31:57.0507 0x0144 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:31:57.0553 0x0144 ShellHWDetection - ok
01:31:57.0569 0x0144 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
01:31:57.0585 0x0144 SiSRaid2 - ok
01:31:57.0585 0x0144 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
01:31:57.0600 0x0144 SiSRaid4 - ok
01:31:57.0631 0x0144 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
01:31:57.0663 0x0144 Smb - ok
01:31:57.0694 0x0144 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
01:31:57.0709 0x0144 SNMPTRAP - ok
01:31:57.0725 0x0144 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
01:31:57.0725 0x0144 spldr - ok
01:31:57.0772 0x0144 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
01:31:57.0787 0x0144 Spooler - ok
01:31:57.0912 0x0144 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
01:31:58.0053 0x0144 sppsvc - ok
01:31:58.0068 0x0144 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
01:31:58.0099 0x0144 sppuinotify - ok
01:31:58.0162 0x0144 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
01:31:58.0193 0x0144 srv - ok
01:31:58.0209 0x0144 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
01:31:58.0240 0x0144 srv2 - ok
01:31:58.0271 0x0144 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
01:31:58.0287 0x0144 srvnet - ok
01:31:58.0318 0x0144 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
01:31:58.0349 0x0144 SSDPSRV - ok
01:31:58.0349 0x0144 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
01:31:58.0396 0x0144 SstpSvc - ok
01:31:58.0458 0x0144 [ 5852D5FADD589643B6C1B5BE9D257A50, 38DC6CEB0AA6AF4FD046A9CF7571E345E52D30471E248E2B99FC6D5622257145 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
01:31:58.0474 0x0144 Steam Client Service - ok
01:31:58.0536 0x0144 [ 5A19667A580B1CE886EAF968B9743F45, 0A9EBE4057A0A6EF4732623794C2416A6BD8B87356DA46652BD92762505F57C7 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
01:31:58.0567 0x0144 Stereo Service - ok
01:31:58.0583 0x0144 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
01:31:58.0599 0x0144 stexstor - ok
01:31:58.0630 0x0144 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
01:31:58.0661 0x0144 stisvc - ok
01:31:58.0661 0x0144 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
01:31:58.0677 0x0144 swenum - ok
01:31:58.0723 0x0144 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
01:31:58.0770 0x0144 swprv - ok
01:31:58.0833 0x0144 [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
01:31:58.0911 0x0144 SysMain - ok
01:31:58.0926 0x0144 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
01:31:58.0942 0x0144 TabletInputService - ok
01:31:58.0973 0x0144 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
01:31:59.0004 0x0144 TapiSrv - ok
01:31:59.0020 0x0144 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
01:31:59.0051 0x0144 TBS - ok
01:31:59.0129 0x0144 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
01:31:59.0191 0x0144 Tcpip - ok
01:31:59.0254 0x0144 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
01:31:59.0316 0x0144 TCPIP6 - ok
01:31:59.0347 0x0144 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
01:31:59.0363 0x0144 tcpipreg - ok
01:31:59.0379 0x0144 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
01:31:59.0394 0x0144 TDPIPE - ok
01:31:59.0441 0x0144 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
01:31:59.0441 0x0144 TDTCP - ok
01:31:59.0488 0x0144 [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
01:31:59.0503 0x0144 tdx - ok
01:31:59.0519 0x0144 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
01:31:59.0535 0x0144 TermDD - ok
01:31:59.0566 0x0144 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
01:31:59.0597 0x0144 TermService - ok
01:31:59.0628 0x0144 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
01:31:59.0644 0x0144 Themes - ok
01:31:59.0659 0x0144 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
01:31:59.0706 0x0144 THREADORDER - ok
01:31:59.0706 0x0144 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
01:31:59.0753 0x0144 TrkWks - ok
01:31:59.0784 0x0144 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
01:31:59.0815 0x0144 TrustedInstaller - ok
01:31:59.0847 0x0144 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
01:31:59.0862 0x0144 tssecsrv - ok
01:31:59.0893 0x0144 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
01:31:59.0925 0x0144 TsUsbFlt - ok
01:31:59.0940 0x0144 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
01:31:59.0940 0x0144 TsUsbGD - ok
01:31:59.0971 0x0144 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
01:32:00.0003 0x0144 tunnel - ok
01:32:00.0018 0x0144 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
01:32:00.0034 0x0144 uagp35 - ok
01:32:00.0049 0x0144 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
01:32:00.0081 0x0144 udfs - ok
01:32:00.0112 0x0144 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
01:32:00.0127 0x0144 UI0Detect - ok
01:32:00.0143 0x0144 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
01:32:00.0159 0x0144 uliagpkx - ok
01:32:00.0174 0x0144 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
01:32:00.0190 0x0144 umbus - ok
01:32:00.0205 0x0144 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
01:32:00.0221 0x0144 UmPass - ok
01:32:00.0237 0x0144 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
01:32:00.0283 0x0144 upnphost - ok
01:32:00.0315 0x0144 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
01:32:00.0330 0x0144 usbccgp - ok
01:32:00.0361 0x0144 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
01:32:00.0377 0x0144 usbcir - ok
01:32:00.0408 0x0144 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
01:32:00.0424 0x0144 usbehci - ok
01:32:00.0455 0x0144 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
01:32:00.0486 0x0144 usbhub - ok
01:32:00.0486 0x0144 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
01:32:00.0502 0x0144 usbohci - ok
01:32:00.0533 0x0144 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
01:32:00.0549 0x0144 usbprint - ok
01:32:00.0549 0x0144 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
01:32:00.0580 0x0144 usbscan - ok
01:32:00.0595 0x0144 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:32:00.0611 0x0144 USBSTOR - ok
01:32:00.0627 0x0144 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
01:32:00.0627 0x0144 usbuhci - ok
01:32:00.0642 0x0144 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
01:32:00.0689 0x0144 UxSms - ok
01:32:00.0705 0x0144 [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc C:\Windows\system32\lsass.exe
01:32:00.0705 0x0144 VaultSvc - ok
01:32:00.0720 0x0144 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
01:32:00.0736 0x0144 vdrvroot - ok
01:32:00.0751 0x0144 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
01:32:00.0798 0x0144 vds - ok
01:32:00.0814 0x0144 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
01:32:00.0829 0x0144 vga - ok
01:32:00.0829 0x0144 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
01:32:00.0876 0x0144 VgaSave - ok
01:32:00.0892 0x0144 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
01:32:00.0907 0x0144 vhdmp - ok
01:32:00.0923 0x0144 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
01:32:00.0939 0x0144 viaide - ok
01:32:00.0954 0x0144 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
01:32:00.0970 0x0144 volmgr - ok
01:32:00.0985 0x0144 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
01:32:01.0001 0x0144 volmgrx - ok
01:32:01.0017 0x0144 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
01:32:01.0032 0x0144 volsnap - ok
01:32:01.0063 0x0144 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
01:32:01.0079 0x0144 vsmraid - ok
01:32:01.0126 0x0144 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
01:32:01.0204 0x0144 VSS - ok
01:32:01.0219 0x0144 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
01:32:01.0235 0x0144 vwifibus - ok
01:32:01.0266 0x0144 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
01:32:01.0313 0x0144 W32Time - ok
01:32:01.0329 0x0144 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
01:32:01.0344 0x0144 WacomPen - ok
01:32:01.0360 0x0144 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
01:32:01.0407 0x0144 WANARP - ok
01:32:01.0407 0x0144 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
01:32:01.0438 0x0144 Wanarpv6 - ok
01:32:01.0516 0x0144 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
01:32:01.0563 0x0144 WatAdminSvc - ok
01:32:01.0625 0x0144 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
01:32:01.0687 0x0144 wbengine - ok
01:32:01.0703 0x0144 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
01:32:01.0719 0x0144 WbioSrvc - ok
01:32:01.0734 0x0144 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
01:32:01.0765 0x0144 wcncsvc - ok
01:32:01.0765 0x0144 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
01:32:01.0797 0x0144 WcsPlugInService - ok
01:32:01.0812 0x0144 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
01:32:01.0828 0x0144 Wd - ok
01:32:01.0875 0x0144 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
01:32:01.0906 0x0144 Wdf01000 - ok
01:32:01.0953 0x0144 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
01:32:01.0968 0x0144 WdiServiceHost - ok
01:32:01.0984 0x0144 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
01:32:01.0999 0x0144 WdiSystemHost - ok
01:32:02.0015 0x0144 [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
01:32:02.0046 0x0144 WebClient - ok
01:32:02.0077 0x0144 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
01:32:02.0124 0x0144 Wecsvc - ok
01:32:02.0140 0x0144 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
01:32:02.0171 0x0144 wercplsupport - ok
01:32:02.0187 0x0144 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
01:32:02.0218 0x0144 WerSvc - ok
01:32:02.0249 0x0144 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
01:32:02.0280 0x0144 WfpLwf - ok
01:32:02.0296 0x0144 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
01:32:02.0311 0x0144 WIMMount - ok
01:32:02.0327 0x0144 WinDefend - ok
01:32:02.0343 0x0144 WinHttpAutoProxySvc - ok
01:32:02.0374 0x0144 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
01:32:02.0421 0x0144 Winmgmt - ok
01:32:02.0483 0x0144 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
01:32:02.0577 0x0144 WinRM - ok
01:32:02.0608 0x0144 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
01:32:02.0623 0x0144 WinUsb - ok
01:32:02.0670 0x0144 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
01:32:02.0717 0x0144 Wlansvc - ok
01:32:02.0733 0x0144 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
01:32:02.0748 0x0144 WmiAcpi - ok
01:32:02.0779 0x0144 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
01:32:02.0795 0x0144 wmiApSrv - ok
01:32:02.0826 0x0144 WMPNetworkSvc - ok
01:32:02.0826 0x0144 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
01:32:02.0857 0x0144 WPCSvc - ok
01:32:02.0873 0x0144 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
01:32:02.0889 0x0144 WPDBusEnum - ok
01:32:02.0904 0x0144 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
01:32:02.0935 0x0144 ws2ifsl - ok
01:32:02.0951 0x0144 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
01:32:02.0967 0x0144 wscsvc - ok
01:32:02.0982 0x0144 WSearch - ok
01:32:03.0076 0x0144 [ 361845875ED8ED13086E7F37265C45DA, A0931DC1E35712036E93BBC3600530C0DA12E94E0D898787C818C526DFF240C2 ] wuauserv C:\Windows\system32\wuaueng.dll
01:32:03.0185 0x0144 wuauserv - ok
01:32:03.0216 0x0144 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
01:32:03.0232 0x0144 WudfPf - ok
01:32:03.0279 0x0144 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
01:32:03.0294 0x0144 WUDFRd - ok
01:32:03.0325 0x0144 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
01:32:03.0341 0x0144 wudfsvc - ok
01:32:03.0372 0x0144 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
01:32:03.0403 0x0144 WwanSvc - ok
01:32:03.0435 0x0144 [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
01:32:03.0466 0x0144 yukonw7 - ok
01:32:03.0466 0x0144 ================ Scan global ===============================
01:32:03.0497 0x0144 [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
01:32:03.0513 0x0144 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
01:32:03.0528 0x0144 [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
01:32:03.0559 0x0144 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
01:32:03.0591 0x0144 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
01:32:03.0606 0x0144 [ Global ] - ok
01:32:03.0606 0x0144 ================ Scan MBR ==================================
01:32:03.0606 0x0144 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
01:32:03.0809 0x0144 \Device\Harddisk0\DR0 - ok
01:32:03.0809 0x0144 ================ Scan VBR ==================================
01:32:03.0809 0x0144 [ 1CB388BC93E57F76D2F36B933DDE7907 ] \Device\Harddisk0\DR0\Partition1
01:32:03.0809 0x0144 \Device\Harddisk0\DR0\Partition1 - ok
01:32:03.0809 0x0144 [ 5DAD4841F9A15EF124BF6DB3BB281701 ] \Device\Harddisk0\DR0\Partition2
01:32:03.0825 0x0144 \Device\Harddisk0\DR0\Partition2 - ok
01:32:03.0825 0x0144 [ A3D6D4A58824A1288984E69394CBFC4A ] \Device\Harddisk0\DR0\Partition3
01:32:03.0825 0x0144 \Device\Harddisk0\DR0\Partition3 - ok
01:32:03.0825 0x0144 ================ Scan generic autorun ======================
01:32:03.0903 0x0144 [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
01:32:03.0934 0x0144 avgnt - ok
01:32:03.0996 0x0144 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:32:04.0059 0x0144 Sidebar - ok
01:32:04.0059 0x0144 AVG-Secure-Search-Update_JUNE2013_TB - ok
01:32:04.0090 0x0144 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:32:04.0105 0x0144 mctadmin - ok
01:32:04.0230 0x0144 [ 4C8942B8721813E5C8874D47112DCF73, 85869B814417397D92A028CF841FC7B1B41E5D53EFF3470DED664484709C9FBA ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
01:32:04.0339 0x0144 LightScribe Control Panel - ok
01:32:04.0480 0x0144 [ 5353A34090BABE3CD48B70569AF0DD12, A211D0B06DC05BFCBD13EBC71275C644B7616E95485ED8336DEFF257B7AE7E80 ] E:\Steam\steam.exe
01:32:04.0542 0x0144 Steam - ok
01:32:04.0651 0x0144 [ 4C8942B8721813E5C8874D47112DCF73, 85869B814417397D92A028CF841FC7B1B41E5D53EFF3470DED664484709C9FBA ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
01:32:04.0714 0x0144 LightScribe Control Panel - ok
01:32:04.0979 0x0144 [ 15914F30482983E349FF9544B2DCAF11, 457833C665AB340D6DEE6B489947EE2D5202D4C93097C194A9DF196AFE4E4898 ] C:\Program Files\CCleaner\CCleaner64.exe
01:32:05.0229 0x0144 CCleaner Monitoring - ok
01:32:05.0275 0x0144 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:32:05.0322 0x0144 Sidebar - ok
01:32:05.0322 0x0144 AVG-Secure-Search-Update_JUNE2013_TB - ok
01:32:05.0338 0x0144 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:32:05.0353 0x0144 mctadmin - ok
01:32:05.0385 0x0144 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:32:05.0431 0x0144 Sidebar - ok
01:32:05.0431 0x0144 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:32:05.0447 0x0144 mctadmin - ok
01:32:05.0447 0x0144 Waiting for KSN requests completion. In queue: 160
01:32:06.0461 0x0144 Waiting for KSN requests completion. In queue: 160
01:32:07.0475 0x0144 Waiting for KSN requests completion. In queue: 160
01:32:07.0865 0x1084 Object required for P2P: [ 5353A34090BABE3CD48B70569AF0DD12 ] E:\Steam\steam.exe
01:32:08.0489 0x0144 Waiting for KSN requests completion. In queue: 2
01:32:09.0503 0x0144 Waiting for KSN requests completion. In queue: 2
01:32:10.0361 0x1084 Object send P2P result: true
01:32:10.0361 0x1084 Object required for P2P: [ 15914F30482983E349FF9544B2DCAF11 ] C:\Program Files\CCleaner\CCleaner64.exe
01:32:10.0517 0x0144 Waiting for KSN requests completion. In queue: 1
01:32:11.0531 0x0144 Waiting for KSN requests completion. In queue: 1
01:32:12.0545 0x0144 Waiting for KSN requests completion. In queue: 1
01:32:12.0888 0x1084 Object send P2P result: true
01:32:13.0559 0x0144 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
01:32:13.0575 0x0144 Win FW state via NFP2: enabled ( trusted )
01:32:16.0008 0x0144 ============================================================
01:32:16.0008 0x0144 Scan finished
01:32:16.0008 0x0144 ============================================================
01:32:16.0008 0x0294 Detected object count: 0
01:32:16.0008 0x0294 Actual detected object count: 0
01:33:57.0658 0x033c ============================================================
01:33:57.0658 0x033c Scan started
01:33:57.0658 0x033c Mode: Manual; SigCheck; TDLFS;
01:33:57.0658 0x033c ============================================================
01:33:57.0658 0x033c KSN ping started
01:34:00.0014 0x033c KSN ping finished: true
01:34:00.0575 0x033c ================ Scan system memory ========================
01:34:00.0575 0x033c System memory - ok
01:34:00.0575 0x033c ================ Scan services =============================
01:34:00.0669 0x033c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\DRIVERS\1394ohci.sys
01:34:00.0700 0x033c 1394ohci - ok
01:34:00.0716 0x033c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
01:34:00.0731 0x033c ACPI - ok
01:34:00.0747 0x033c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
01:34:00.0762 0x033c AcpiPmi - ok
01:34:00.0825 0x033c [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
01:34:00.0840 0x033c AdobeARMservice - ok
01:34:00.0918 0x033c [ 280A526E8111AC6A5BCC1A059E1E0340, FB92DDAE29A097D148AB23D8A0BD2B9E662EC1DBF0DA8B716374D6919B4C646F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
01:34:00.0934 0x033c AdobeFlashPlayerUpdateSvc - ok
01:34:00.0950 0x033c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
01:34:00.0981 0x033c adp94xx - ok
01:34:01.0012 0x033c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
01:34:01.0028 0x033c adpahci - ok
01:34:01.0043 0x033c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
01:34:01.0059 0x033c adpu320 - ok
01:34:01.0090 0x033c [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
01:34:01.0106 0x033c AeLookupSvc - ok
01:34:01.0152 0x033c [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD C:\Windows\system32\drivers\afd.sys
01:34:01.0168 0x033c AFD - ok
01:34:01.0199 0x033c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
01:34:01.0199 0x033c agp440 - ok
01:34:01.0230 0x033c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
01:34:01.0246 0x033c ALG - ok
01:34:01.0262 0x033c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
01:34:01.0277 0x033c aliide - ok
01:34:01.0293 0x033c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
01:34:01.0308 0x033c amdide - ok
01:34:01.0308 0x033c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
01:34:01.0324 0x033c AmdK8 - ok
01:34:01.0340 0x033c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
01:34:01.0355 0x033c AmdPPM - ok
01:34:01.0371 0x033c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
01:34:01.0386 0x033c amdsata - ok
01:34:01.0402 0x033c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
01:34:01.0418 0x033c amdsbs - ok
01:34:01.0433 0x033c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
01:34:01.0449 0x033c amdxata - ok
01:34:01.0542 0x033c [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
01:34:01.0574 0x033c AntiVirMailService - ok
01:34:01.0574 0x033c Object required for P2P: [ 81E02299B534F61E104C1235519C37B3 ] AntiVirMailService
01:34:04.0054 0x033c Object send P2P result: true
01:34:04.0101 0x033c [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
01:34:04.0116 0x033c AntiVirSchedulerService - ok
01:34:04.0116 0x033c Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirSchedulerService
01:34:06.0612 0x033c Object send P2P result: true
01:34:06.0644 0x033c [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService C:\Program Files (x86)\Avira\Antivirus\avguard.exe
01:34:06.0675 0x033c AntiVirService - ok
01:34:06.0675 0x033c Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService
01:34:09.0155 0x033c Object send P2P result: true
01:34:09.0218 0x033c [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
01:34:09.0249 0x033c AntiVirWebService - ok
01:34:09.0264 0x033c Object required for P2P: [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F ] AntiVirWebService
01:34:11.0745 0x033c Object send P2P result: true
01:34:11.0776 0x033c [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID C:\Windows\system32\drivers\appid.sys
01:34:11.0792 0x033c AppID - ok
01:34:11.0823 0x033c [ ABC373B9C6275D45F17DB559408FFD1B, 12B355393BEBE2D1D24D7A9DA5E69E03E334899407503BC1CADCF7BE39828223 ] AppIDSvc C:\Windows\System32\appidsvc.dll
01:34:11.0838 0x033c AppIDSvc - ok
01:34:11.0870 0x033c [ 3EA5DA3F459F6ED19E10166965F6892F, F5618A5FA72C5E57BCFA6F2ECB840B1AEC60C72840AF3C1D94D5FCDB5ED2BF5E ] Appinfo C:\Windows\System32\appinfo.dll
01:34:11.0885 0x033c Appinfo - ok
01:34:11.0901 0x033c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
01:34:11.0916 0x033c arc - ok
01:34:11.0932 0x033c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
01:34:11.0948 0x033c arcsas - ok
01:34:12.0026 0x033c [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
01:34:12.0041 0x033c aspnet_state - ok
01:34:12.0057 0x033c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
01:34:12.0088 0x033c AsyncMac - ok
01:34:12.0119 0x033c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
01:34:12.0119 0x033c atapi - ok
01:34:12.0166 0x033c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
|
|
02.12.2015, 01:43
| #5 |
| | Anitvirus Programm findet Virus aber keine Probleme ? Zweite Teil des Reports von TDSSkiller (waren zuviele Zeichen): Code:
ATTFilter 01:34:12.0197 0x033c AudioEndpointBuilder - ok
01:34:12.0213 0x033c [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
01:34:12.0244 0x033c AudioSrv - ok
01:34:12.0275 0x033c [ 29E019B4607E410BFE4DB778C3300BC5, 32D1A5A5836152BAAA168B4A06AC6F52DBC19150D339B5F87E8E3A1E1EE580C3 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
01:34:12.0291 0x033c avgntflt - ok
01:34:12.0306 0x033c [ 68430AD3FB0FADBFA5D1677617D1E1F5, CF732DD21B472653AB0A4063455F2E7608F3075C255B9882D18CB52026B6C972 ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
01:34:12.0322 0x033c avgtp - ok
01:34:12.0353 0x033c [ 1AD2C8F543F261F0AB90AD80767AB21D, 364DA0D0B8A91688CE39FEDF68EB93260819849097444F6A10A3F95CC32F9EA5 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
01:34:12.0369 0x033c avipbb - ok
01:34:12.0384 0x033c [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
01:34:12.0384 0x033c avkmgr - ok
01:34:12.0416 0x033c [ 99672CCD11058D6E2F627473B773F971, 4EF2BCDA4678F9ECE499F216AC0F8105F37D2AB0320064741A8DFB5C39E5048C ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
01:34:12.0431 0x033c avnetflt - ok
01:34:12.0462 0x033c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
01:34:12.0478 0x033c AxInstSV - ok
01:34:12.0509 0x033c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
01:34:12.0540 0x033c b06bdrv - ok
01:34:12.0556 0x033c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
01:34:12.0572 0x033c b57nd60a - ok
01:34:12.0587 0x033c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
01:34:12.0603 0x033c BDESVC - ok
01:34:12.0618 0x033c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
01:34:12.0650 0x033c Beep - ok
01:34:12.0681 0x033c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
01:34:12.0712 0x033c BFE - ok
01:34:12.0743 0x033c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
01:34:12.0806 0x033c BITS - ok
01:34:12.0821 0x033c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
01:34:12.0821 0x033c blbdrive - ok
01:34:12.0852 0x033c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
01:34:12.0868 0x033c bowser - ok
01:34:12.0884 0x033c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
01:34:12.0899 0x033c BrFiltLo - ok
01:34:12.0899 0x033c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
01:34:12.0915 0x033c BrFiltUp - ok
01:34:12.0930 0x033c [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
01:34:12.0977 0x033c BridgeMP - ok
01:34:12.0993 0x033c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
01:34:13.0024 0x033c Browser - ok
01:34:13.0040 0x033c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
01:34:13.0055 0x033c Brserid - ok
01:34:13.0071 0x033c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
01:34:13.0086 0x033c BrSerWdm - ok
01:34:13.0086 0x033c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
01:34:13.0102 0x033c BrUsbMdm - ok
01:34:13.0118 0x033c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
01:34:13.0133 0x033c BrUsbSer - ok
01:34:13.0149 0x033c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
01:34:13.0164 0x033c BTHMODEM - ok
01:34:13.0196 0x033c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
01:34:13.0227 0x033c bthserv - ok
01:34:13.0227 0x033c catchme - ok
01:34:13.0242 0x033c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
01:34:13.0274 0x033c cdfs - ok
01:34:13.0289 0x033c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
01:34:13.0305 0x033c cdrom - ok
01:34:13.0320 0x033c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
01:34:13.0352 0x033c CertPropSvc - ok
01:34:13.0367 0x033c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
01:34:13.0383 0x033c circlass - ok
01:34:13.0414 0x033c [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
01:34:13.0430 0x033c CLFS - ok
01:34:13.0492 0x033c [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:34:13.0508 0x033c clr_optimization_v2.0.50727_32 - ok
01:34:13.0523 0x033c [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
01:34:13.0539 0x033c clr_optimization_v2.0.50727_64 - ok
01:34:13.0586 0x033c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:34:13.0601 0x033c clr_optimization_v4.0.30319_32 - ok
01:34:13.0601 0x033c [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
01:34:13.0617 0x033c clr_optimization_v4.0.30319_64 - ok
01:34:13.0648 0x033c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
01:34:13.0664 0x033c CmBatt - ok
01:34:13.0679 0x033c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
01:34:13.0695 0x033c cmdide - ok
01:34:13.0742 0x033c [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG C:\Windows\system32\Drivers\cng.sys
01:34:13.0773 0x033c CNG - ok
01:34:13.0773 0x033c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
01:34:13.0788 0x033c Compbatt - ok
01:34:13.0788 0x033c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
01:34:13.0804 0x033c CompositeBus - ok
01:34:13.0804 0x033c COMSysApp - ok
01:34:13.0820 0x033c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
01:34:13.0835 0x033c crcdisk - ok
01:34:13.0866 0x033c [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc C:\Windows\system32\cryptsvc.dll
01:34:13.0882 0x033c CryptSvc - ok
01:34:13.0913 0x033c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
01:34:13.0960 0x033c DcomLaunch - ok
01:34:13.0991 0x033c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
01:34:14.0022 0x033c defragsvc - ok
01:34:14.0038 0x033c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
01:34:14.0069 0x033c DfsC - ok
01:34:14.0100 0x033c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
01:34:14.0116 0x033c Dhcp - ok
01:34:14.0178 0x033c [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack C:\Windows\system32\diagtrack.dll
01:34:14.0210 0x033c DiagTrack - ok
01:34:14.0225 0x033c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
01:34:14.0256 0x033c discache - ok
01:34:14.0272 0x033c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
01:34:14.0288 0x033c Disk - ok
01:34:14.0319 0x033c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
01:34:14.0334 0x033c Dnscache - ok
01:34:14.0350 0x033c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
01:34:14.0381 0x033c dot3svc - ok
01:34:14.0397 0x033c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
01:34:14.0428 0x033c DPS - ok
01:34:14.0444 0x033c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
01:34:14.0459 0x033c drmkaud - ok
01:34:14.0490 0x033c [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01 C:\Windows\system32\DRIVERS\dtsoftbus01.sys
01:34:14.0506 0x033c dtsoftbus01 - ok
01:34:14.0568 0x033c [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
01:34:14.0600 0x033c DXGKrnl - ok
01:34:14.0615 0x033c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
01:34:14.0662 0x033c EapHost - ok
01:34:14.0756 0x033c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
01:34:14.0849 0x033c ebdrv - ok
01:34:14.0880 0x033c [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS C:\Windows\System32\lsass.exe
01:34:14.0880 0x033c EFS - ok
01:34:14.0927 0x033c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
01:34:14.0958 0x033c ehRecvr - ok
01:34:14.0974 0x033c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
01:34:14.0990 0x033c ehSched - ok
01:34:15.0005 0x033c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
01:34:15.0036 0x033c elxstor - ok
01:34:15.0052 0x033c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
01:34:15.0068 0x033c ErrDev - ok
01:34:15.0099 0x033c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
01:34:15.0130 0x033c EventSystem - ok
01:34:15.0161 0x033c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
01:34:15.0192 0x033c exfat - ok
01:34:15.0208 0x033c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
01:34:15.0239 0x033c fastfat - ok
01:34:15.0270 0x033c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
01:34:15.0302 0x033c Fax - ok
01:34:15.0302 0x033c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
01:34:15.0317 0x033c fdc - ok
01:34:15.0333 0x033c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
01:34:15.0364 0x033c fdPHost - ok
01:34:15.0380 0x033c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
01:34:15.0411 0x033c FDResPub - ok
01:34:15.0426 0x033c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
01:34:15.0442 0x033c FileInfo - ok
01:34:15.0458 0x033c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
01:34:15.0489 0x033c Filetrace - ok
01:34:15.0489 0x033c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
01:34:15.0504 0x033c flpydisk - ok
01:34:15.0520 0x033c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
01:34:15.0551 0x033c FltMgr - ok
01:34:15.0598 0x033c [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache C:\Windows\system32\FntCache.dll
01:34:15.0645 0x033c FontCache - ok
01:34:15.0676 0x033c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:34:15.0692 0x033c FontCache3.0.0.0 - ok
01:34:15.0692 0x033c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
01:34:15.0707 0x033c FsDepends - ok
01:34:15.0738 0x033c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
01:34:15.0754 0x033c Fs_Rec - ok
01:34:15.0785 0x033c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
01:34:15.0801 0x033c fvevol - ok
01:34:15.0816 0x033c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
01:34:15.0832 0x033c gagp30kx - ok
01:34:15.0879 0x033c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
01:34:15.0926 0x033c gpsvc - ok
01:34:15.0941 0x033c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
01:34:15.0957 0x033c hcw85cir - ok
01:34:15.0988 0x033c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
01:34:16.0004 0x033c HdAudAddService - ok
01:34:16.0019 0x033c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
01:34:16.0035 0x033c HDAudBus - ok
01:34:16.0050 0x033c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
01:34:16.0066 0x033c HidBatt - ok
01:34:16.0082 0x033c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
01:34:16.0097 0x033c HidBth - ok
01:34:16.0113 0x033c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
01:34:16.0128 0x033c HidIr - ok
01:34:16.0144 0x033c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll
01:34:16.0191 0x033c hidserv - ok
01:34:16.0222 0x033c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\drivers\hidusb.sys
01:34:16.0238 0x033c HidUsb - ok
01:34:16.0253 0x033c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
01:34:16.0284 0x033c hkmsvc - ok
01:34:16.0300 0x033c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
01:34:16.0316 0x033c HomeGroupListener - ok
01:34:16.0331 0x033c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
01:34:16.0347 0x033c HomeGroupProvider - ok
01:34:16.0362 0x033c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
01:34:16.0378 0x033c HpSAMD - ok
01:34:16.0425 0x033c [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
01:34:16.0456 0x033c HTTP - ok
01:34:16.0472 0x033c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
01:34:16.0472 0x033c hwpolicy - ok
01:34:16.0487 0x033c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
01:34:16.0503 0x033c i8042prt - ok
01:34:16.0534 0x033c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
01:34:16.0550 0x033c iaStorV - ok
01:34:16.0612 0x033c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
01:34:16.0643 0x033c idsvc - ok
01:34:16.0643 0x033c IEEtwCollectorService - ok
01:34:16.0659 0x033c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
01:34:16.0674 0x033c iirsp - ok
01:34:16.0721 0x033c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
01:34:16.0752 0x033c IKEEXT - ok
01:34:16.0784 0x033c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
01:34:16.0799 0x033c intelide - ok
01:34:16.0815 0x033c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
01:34:16.0830 0x033c intelppm - ok
01:34:16.0846 0x033c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
01:34:16.0877 0x033c IPBusEnum - ok
01:34:16.0893 0x033c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
01:34:16.0924 0x033c IpFilterDriver - ok
01:34:16.0971 0x033c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
01:34:17.0002 0x033c iphlpsvc - ok
01:34:17.0018 0x033c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
01:34:17.0018 0x033c IPMIDRV - ok
01:34:17.0033 0x033c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
01:34:17.0064 0x033c IPNAT - ok
01:34:17.0080 0x033c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
01:34:17.0096 0x033c IRENUM - ok
01:34:17.0096 0x033c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
01:34:17.0111 0x033c isapnp - ok
01:34:17.0142 0x033c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
01:34:17.0158 0x033c iScsiPrt - ok
01:34:17.0174 0x033c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
01:34:17.0189 0x033c kbdclass - ok
01:34:17.0189 0x033c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
01:34:17.0205 0x033c kbdhid - ok
01:34:17.0205 0x033c [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso C:\Windows\system32\lsass.exe
01:34:17.0220 0x033c KeyIso - ok
01:34:17.0252 0x033c [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
01:34:17.0267 0x033c KSecDD - ok
01:34:17.0267 0x033c [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
01:34:17.0283 0x033c KSecPkg - ok
01:34:17.0298 0x033c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
01:34:17.0330 0x033c ksthunk - ok
01:34:17.0361 0x033c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
01:34:17.0408 0x033c KtmRm - ok
01:34:17.0439 0x033c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll
01:34:17.0470 0x033c LanmanServer - ok
01:34:17.0486 0x033c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
01:34:17.0532 0x033c LanmanWorkstation - ok
01:34:17.0579 0x033c [ C34411A244029F1C08687F7C752C4563, 4FC1D6156D760AE8138547262B33677118BD9369F4930F5C5F9BAA2FE6E78EA3 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
01:34:17.0595 0x033c LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
01:34:17.0595 0x033c Detect skipped due to KSN trusted
01:34:17.0595 0x033c LightScribeService - ok
01:34:17.0595 0x033c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
01:34:17.0642 0x033c lltdio - ok
01:34:17.0657 0x033c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
01:34:17.0688 0x033c lltdsvc - ok
01:34:17.0704 0x033c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
01:34:17.0735 0x033c lmhosts - ok
01:34:17.0766 0x033c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
01:34:17.0782 0x033c LSI_FC - ok
01:34:17.0798 0x033c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
01:34:17.0813 0x033c LSI_SAS - ok
01:34:17.0829 0x033c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
01:34:17.0829 0x033c LSI_SAS2 - ok
01:34:17.0844 0x033c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
01:34:17.0860 0x033c LSI_SCSI - ok
01:34:17.0876 0x033c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
01:34:17.0907 0x033c luafv - ok
01:34:17.0938 0x033c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
01:34:17.0954 0x033c Mcx2Svc - ok
01:34:17.0954 0x033c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
01:34:17.0969 0x033c megasas - ok
01:34:17.0985 0x033c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
01:34:18.0000 0x033c MegaSR - ok
01:34:18.0047 0x033c Microsoft SharePoint Workspace Audit Service - ok
01:34:18.0063 0x033c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
01:34:18.0110 0x033c MMCSS - ok
01:34:18.0125 0x033c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
01:34:18.0156 0x033c Modem - ok
01:34:18.0172 0x033c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
01:34:18.0188 0x033c monitor - ok
01:34:18.0188 0x033c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
01:34:18.0203 0x033c mouclass - ok
01:34:18.0219 0x033c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
01:34:18.0234 0x033c mouhid - ok
01:34:18.0266 0x033c [ 67050452C0118BAF2883928E6FCCFE47, 335FC0AEB7B47DCC7CE0CF3F424EB60ACB1327D2FF6515F04D9AC03A10FF1E31 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
01:34:18.0281 0x033c mountmgr - ok
01:34:18.0297 0x033c [ 0DE2474F316C515482ABAD3B697F8714, 62862AE7432F5350068E96AD466093359C6CF444EB517AE6D09134FAF78C49F5 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
01:34:18.0312 0x033c MozillaMaintenance - ok
01:34:18.0344 0x033c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
01:34:18.0359 0x033c mpio - ok
01:34:18.0359 0x033c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
01:34:18.0406 0x033c mpsdrv - ok
01:34:18.0437 0x033c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
01:34:18.0484 0x033c MpsSvc - ok
01:34:18.0531 0x033c [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
01:34:18.0546 0x033c MRxDAV - ok
01:34:18.0562 0x033c [ 73ADDCC406B86E7DA4416691E8E74BDA, 4EC970B9095E6DAA79BF7EFB92DF3F2C0AB0C46739AA36C171A262E05B63CBB5 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
01:34:18.0593 0x033c mrxsmb - ok
01:34:18.0624 0x033c [ 7C81098FBAF2EAF5B54B939F832B0F61, 999435DF4638ECB136D5BF1B84305A84B215BAB542E4D5301E57D28D507E11B3 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
01:34:18.0640 0x033c mrxsmb10 - ok
01:34:18.0640 0x033c [ ACB763673BCCE6C7B3B8F858C9FE4F1F, CCD49558F8A01A225AEAE60BF299BCA6E9399E39F4F553FABC36CADB164BBBC0 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:34:18.0656 0x033c mrxsmb20 - ok
01:34:18.0687 0x033c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
01:34:18.0702 0x033c msahci - ok
01:34:18.0734 0x033c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
01:34:18.0749 0x033c msdsm - ok
01:34:18.0749 0x033c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
01:34:18.0765 0x033c MSDTC - ok
01:34:18.0780 0x033c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
01:34:18.0827 0x033c Msfs - ok
01:34:18.0827 0x033c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
01:34:18.0874 0x033c mshidkmdf - ok
01:34:18.0874 0x033c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
01:34:18.0890 0x033c msisadrv - ok
01:34:18.0905 0x033c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
01:34:18.0952 0x033c MSiSCSI - ok
01:34:18.0952 0x033c msiserver - ok
01:34:18.0968 0x033c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
01:34:18.0999 0x033c MSKSSRV - ok
01:34:19.0014 0x033c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
01:34:19.0046 0x033c MSPCLOCK - ok
01:34:19.0061 0x033c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
01:34:19.0092 0x033c MSPQM - ok
01:34:19.0108 0x033c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
01:34:19.0139 0x033c MsRPC - ok
01:34:19.0139 0x033c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
01:34:19.0155 0x033c mssmbios - ok
01:34:19.0170 0x033c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
01:34:19.0202 0x033c MSTEE - ok
01:34:19.0217 0x033c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
01:34:19.0217 0x033c MTConfig - ok
01:34:19.0248 0x033c [ 03B7145C889603537E9FFEABB1AD1089, B3CD93B893D4A2370CBF382366C6F596372857F8711EF6FFF83BFE2B449F424E ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
01:34:19.0264 0x033c MTsensor - ok
01:34:19.0264 0x033c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
01:34:19.0280 0x033c Mup - ok
01:34:19.0311 0x033c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
01:34:19.0358 0x033c napagent - ok
01:34:19.0373 0x033c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
01:34:19.0404 0x033c NativeWifiP - ok
01:34:19.0451 0x033c [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS C:\Windows\system32\drivers\ndis.sys
01:34:19.0482 0x033c NDIS - ok
01:34:19.0498 0x033c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
01:34:19.0529 0x033c NdisCap - ok
01:34:19.0545 0x033c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
01:34:19.0576 0x033c NdisTapi - ok
01:34:19.0592 0x033c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
01:34:19.0623 0x033c Ndisuio - ok
01:34:19.0638 0x033c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
01:34:19.0685 0x033c NdisWan - ok
01:34:19.0685 0x033c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
01:34:19.0732 0x033c NDProxy - ok
01:34:19.0732 0x033c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
01:34:19.0779 0x033c NetBIOS - ok
01:34:19.0794 0x033c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
01:34:19.0826 0x033c NetBT - ok
01:34:19.0841 0x033c [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon C:\Windows\system32\lsass.exe
01:34:19.0857 0x033c Netlogon - ok
01:34:19.0888 0x033c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
01:34:19.0935 0x033c Netman - ok
01:34:19.0950 0x033c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:34:19.0982 0x033c NetMsmqActivator - ok
01:34:19.0982 0x033c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:34:19.0997 0x033c NetPipeActivator - ok
01:34:20.0013 0x033c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
01:34:20.0060 0x033c netprofm - ok
01:34:20.0075 0x033c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:34:20.0091 0x033c NetTcpActivator - ok
01:34:20.0091 0x033c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:34:20.0106 0x033c NetTcpPortSharing - ok
01:34:20.0122 0x033c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
01:34:20.0138 0x033c nfrd960 - ok
01:34:20.0169 0x033c [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
01:34:20.0184 0x033c NlaSvc - ok
01:34:20.0200 0x033c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
01:34:20.0231 0x033c Npfs - ok
01:34:20.0247 0x033c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
01:34:20.0294 0x033c nsi - ok
01:34:20.0294 0x033c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
01:34:20.0325 0x033c nsiproxy - ok
01:34:20.0387 0x033c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
01:34:20.0450 0x033c Ntfs - ok
01:34:20.0450 0x033c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
01:34:20.0481 0x033c Null - ok
01:34:20.0793 0x033c [ FCBA1C22727939E7CFF9EB08FE9692AB, 081FBF38EA17746C5CF2260AD32B62385D4A075476E30CBB9A2AA080F8AA0CA4 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
01:34:21.0042 0x033c nvlddmkm - ok
01:34:21.0089 0x033c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
01:34:21.0105 0x033c nvraid - ok
01:34:21.0120 0x033c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
01:34:21.0136 0x033c nvstor - ok
01:34:21.0167 0x033c [ 10C232F6CFFD51D2332898AE7AE0FF23, 92E5452D8467852C22D702ACAFB5DBFD312A8F72A4353B8D0A9C18AEFCE4B2B2 ] nvsvc C:\Windows\system32\nvvsvc.exe
01:34:21.0198 0x033c nvsvc - ok
01:34:21.0261 0x033c [ 4789E020D2617046862D1790FC235FF6, FCFD56DF2CADA830E7B2D4B91D5A9D2FE783B1396CBA124000765168FA5B6574 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
01:34:21.0308 0x033c nvUpdatusService - ok
01:34:21.0323 0x033c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
01:34:21.0339 0x033c nv_agp - ok
01:34:21.0354 0x033c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
01:34:21.0370 0x033c ohci1394 - ok
01:34:21.0401 0x033c [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:34:21.0417 0x033c ose - ok
01:34:21.0604 0x033c [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:34:21.0713 0x033c osppsvc - ok
01:34:21.0760 0x033c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
01:34:21.0776 0x033c p2pimsvc - ok
01:34:21.0807 0x033c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
01:34:21.0822 0x033c p2psvc - ok
01:34:21.0854 0x033c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
01:34:21.0869 0x033c Parport - ok
01:34:21.0885 0x033c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
01:34:21.0900 0x033c partmgr - ok
01:34:21.0932 0x033c [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
01:34:21.0947 0x033c PcaSvc - ok
01:34:21.0978 0x033c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
01:34:21.0994 0x033c pci - ok
01:34:22.0025 0x033c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
01:34:22.0025 0x033c pciide - ok
01:34:22.0056 0x033c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
01:34:22.0072 0x033c pcmcia - ok
01:34:22.0072 0x033c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
01:34:22.0088 0x033c pcw - ok
01:34:22.0119 0x033c [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
01:34:22.0150 0x033c PEAUTH - ok
01:34:22.0181 0x033c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
01:34:22.0197 0x033c PerfHost - ok
01:34:22.0259 0x033c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
01:34:22.0322 0x033c pla - ok
01:34:22.0353 0x033c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
01:34:22.0368 0x033c PlugPlay - ok
01:34:22.0368 0x033c PnkBstrA - ok
01:34:22.0400 0x033c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
01:34:22.0415 0x033c PNRPAutoReg - ok
01:34:22.0446 0x033c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
01:34:22.0462 0x033c PNRPsvc - ok
01:34:22.0493 0x033c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
01:34:22.0524 0x033c PolicyAgent - ok
01:34:22.0602 0x033c [ 4671F353D0DF74C3B0D2D00DE676F56C, 0F75009DD36B2E18212CE855FB7CA7D273E5749D8F2F451655ED81AA5E86BA9F ] postgresql-8.4 c:\postgreSQL\bin\pg_ctl.exe
01:34:22.0602 0x033c postgresql-8.4 - detected UnsignedFile.Multi.Generic ( 1 )
01:34:22.0602 0x033c Detect skipped due to KSN trusted
01:34:22.0602 0x033c postgresql-8.4 - ok
01:34:22.0634 0x033c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
01:34:22.0665 0x033c Power - ok
01:34:22.0680 0x033c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
01:34:22.0727 0x033c PptpMiniport - ok
01:34:22.0727 0x033c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
01:34:22.0743 0x033c Processor - ok
01:34:22.0774 0x033c [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
01:34:22.0790 0x033c ProfSvc - ok
01:34:22.0805 0x033c [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] ProtectedStorage C:\Windows\system32\lsass.exe
01:34:22.0821 0x033c ProtectedStorage - ok
01:34:22.0836 0x033c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
01:34:22.0868 0x033c Psched - ok
01:34:22.0930 0x033c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
01:34:22.0977 0x033c ql2300 - ok
01:34:22.0992 0x033c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
01:34:23.0008 0x033c ql40xx - ok
01:34:23.0024 0x033c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
01:34:23.0039 0x033c QWAVE - ok
01:34:23.0055 0x033c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
01:34:23.0070 0x033c QWAVEdrv - ok
01:34:23.0086 0x033c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
01:34:23.0117 0x033c RasAcd - ok
01:34:23.0133 0x033c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
01:34:23.0164 0x033c RasAgileVpn - ok
01:34:23.0180 0x033c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
01:34:23.0211 0x033c RasAuto - ok
01:34:23.0226 0x033c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
01:34:23.0258 0x033c Rasl2tp - ok
01:34:23.0273 0x033c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
01:34:23.0320 0x033c RasMan - ok
01:34:23.0351 0x033c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
01:34:23.0382 0x033c RasPppoe - ok
01:34:23.0382 0x033c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
01:34:23.0429 0x033c RasSstp - ok
01:34:23.0445 0x033c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
01:34:23.0476 0x033c rdbss - ok
01:34:23.0492 0x033c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
01:34:23.0507 0x033c rdpbus - ok
01:34:23.0523 0x033c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
01:34:23.0554 0x033c RDPCDD - ok
01:34:23.0570 0x033c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
01:34:23.0601 0x033c RDPENCDD - ok
01:34:23.0601 0x033c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
01:34:23.0648 0x033c RDPREFMP - ok
01:34:23.0663 0x033c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
01:34:23.0694 0x033c RDPWD - ok
01:34:23.0694 0x033c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
01:34:23.0726 0x033c rdyboost - ok
01:34:23.0741 0x033c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
01:34:23.0788 0x033c RemoteAccess - ok
01:34:23.0804 0x033c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
01:34:23.0835 0x033c RemoteRegistry - ok
01:34:23.0850 0x033c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
01:34:23.0882 0x033c RpcEptMapper - ok
01:34:23.0897 0x033c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
01:34:23.0897 0x033c RpcLocator - ok
01:34:23.0928 0x033c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
01:34:23.0975 0x033c RpcSs - ok
01:34:23.0991 0x033c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
01:34:24.0022 0x033c rspndr - ok
01:34:24.0038 0x033c [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] SamSs C:\Windows\system32\lsass.exe
01:34:24.0053 0x033c SamSs - ok
01:34:24.0069 0x033c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
01:34:24.0069 0x033c sbp2port - ok
01:34:24.0100 0x033c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
01:34:24.0131 0x033c SCardSvr - ok
01:34:24.0147 0x033c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
01:34:24.0178 0x033c scfilter - ok
01:34:24.0240 0x033c [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule C:\Windows\system32\schedsvc.dll
01:34:24.0272 0x033c Schedule - ok
01:34:24.0303 0x033c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
01:34:24.0334 0x033c SCPolicySvc - ok
01:34:24.0350 0x033c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
01:34:24.0365 0x033c SDRSVC - ok
01:34:24.0396 0x033c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
01:34:24.0396 0x033c secdrv - ok
01:34:24.0412 0x033c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
01:34:24.0459 0x033c seclogon - ok
01:34:24.0459 0x033c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll
01:34:24.0506 0x033c SENS - ok
01:34:24.0506 0x033c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
01:34:24.0521 0x033c SensrSvc - ok
01:34:24.0537 0x033c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
01:34:24.0552 0x033c Serenum - ok
01:34:24.0568 0x033c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
01:34:24.0584 0x033c Serial - ok
01:34:24.0599 0x033c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
01:34:24.0599 0x033c sermouse - ok
01:34:24.0630 0x033c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
01:34:24.0662 0x033c SessionEnv - ok
01:34:24.0677 0x033c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
01:34:24.0693 0x033c sffdisk - ok
01:34:24.0708 0x033c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
01:34:24.0724 0x033c sffp_mmc - ok
01:34:24.0724 0x033c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
01:34:24.0740 0x033c sffp_sd - ok
01:34:24.0755 0x033c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
01:34:24.0771 0x033c sfloppy - ok
01:34:24.0802 0x033c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
01:34:24.0849 0x033c SharedAccess - ok
01:34:24.0864 0x033c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:34:24.0911 0x033c ShellHWDetection - ok
01:34:24.0911 0x033c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
01:34:24.0927 0x033c SiSRaid2 - ok
01:34:24.0942 0x033c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
01:34:24.0958 0x033c SiSRaid4 - ok
01:34:24.0958 0x033c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
01:34:25.0005 0x033c Smb - ok
01:34:25.0020 0x033c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
01:34:25.0036 0x033c SNMPTRAP - ok
01:34:25.0036 0x033c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
01:34:25.0052 0x033c spldr - ok
01:34:25.0083 0x033c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
01:34:25.0114 0x033c Spooler - ok
01:34:25.0208 0x033c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
01:34:25.0317 0x033c sppsvc - ok
01:34:25.0332 0x033c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
01:34:25.0379 0x033c sppuinotify - ok
01:34:25.0395 0x033c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
01:34:25.0410 0x033c srv - ok
01:34:25.0426 0x033c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
01:34:25.0457 0x033c srv2 - ok
01:34:25.0473 0x033c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
01:34:25.0488 0x033c srvnet - ok
01:34:25.0504 0x033c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
01:34:25.0551 0x033c SSDPSRV - ok
01:34:25.0551 0x033c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
01:34:25.0582 0x033c SstpSvc - ok
01:34:25.0644 0x033c [ 5852D5FADD589643B6C1B5BE9D257A50, 38DC6CEB0AA6AF4FD046A9CF7571E345E52D30471E248E2B99FC6D5622257145 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
01:34:25.0660 0x033c Steam Client Service - ok
01:34:25.0722 0x033c [ 5A19667A580B1CE886EAF968B9743F45, 0A9EBE4057A0A6EF4732623794C2416A6BD8B87356DA46652BD92762505F57C7 ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
01:34:25.0738 0x033c Stereo Service - ok
01:34:25.0754 0x033c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
01:34:25.0769 0x033c stexstor - ok
01:34:25.0785 0x033c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
01:34:25.0816 0x033c stisvc - ok
01:34:25.0832 0x033c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
01:34:25.0847 0x033c swenum - ok
01:34:25.0878 0x033c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
01:34:25.0925 0x033c swprv - ok
01:34:25.0988 0x033c [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain C:\Windows\system32\sysmain.dll
01:34:26.0034 0x033c SysMain - ok
01:34:26.0050 0x033c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
01:34:26.0081 0x033c TabletInputService - ok
01:34:26.0097 0x033c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
01:34:26.0128 0x033c TapiSrv - ok
01:34:26.0144 0x033c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
01:34:26.0190 0x033c TBS - ok
01:34:26.0253 0x033c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
01:34:26.0300 0x033c Tcpip - ok
01:34:26.0362 0x033c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
01:34:26.0409 0x033c TCPIP6 - ok
01:34:26.0424 0x033c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
01:34:26.0440 0x033c tcpipreg - ok
01:34:26.0471 0x033c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
01:34:26.0487 0x033c TDPIPE - ok
01:34:26.0518 0x033c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
01:34:26.0534 0x033c TDTCP - ok
01:34:26.0565 0x033c [ AA77EB517D2F07A947294F260E3ACA83, B7A5DF3066830C0C2302B059778A67419792058A0D300C471DE40AB245EA7E58 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
01:34:26.0580 0x033c tdx - ok
01:34:26.0596 0x033c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
01:34:26.0612 0x033c TermDD - ok
01:34:26.0643 0x033c [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
01:34:26.0674 0x033c TermService - ok
01:34:26.0705 0x033c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
01:34:26.0721 0x033c Themes - ok
01:34:26.0736 0x033c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
01:34:26.0768 0x033c THREADORDER - ok
01:34:26.0783 0x033c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
01:34:26.0814 0x033c TrkWks - ok
01:34:26.0861 0x033c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
01:34:26.0892 0x033c TrustedInstaller - ok
01:34:26.0924 0x033c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
01:34:26.0939 0x033c tssecsrv - ok
01:34:26.0955 0x033c [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
01:34:26.0970 0x033c TsUsbFlt - ok
01:34:26.0986 0x033c [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
01:34:26.0986 0x033c TsUsbGD - ok
01:34:27.0017 0x033c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
01:34:27.0048 0x033c tunnel - ok
01:34:27.0064 0x033c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
01:34:27.0080 0x033c uagp35 - ok
01:34:27.0095 0x033c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
01:34:27.0126 0x033c udfs - ok
01:34:27.0158 0x033c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
01:34:27.0173 0x033c UI0Detect - ok
01:34:27.0189 0x033c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
01:34:27.0189 0x033c uliagpkx - ok
01:34:27.0204 0x033c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
01:34:27.0220 0x033c umbus - ok
01:34:27.0236 0x033c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
01:34:27.0251 0x033c UmPass - ok
01:34:27.0282 0x033c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
01:34:27.0314 0x033c upnphost - ok
01:34:27.0345 0x033c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
01:34:27.0360 0x033c usbccgp - ok
01:34:27.0392 0x033c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
01:34:27.0407 0x033c usbcir - ok
01:34:27.0423 0x033c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
01:34:27.0438 0x033c usbehci - ok
01:34:27.0485 0x033c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
01:34:27.0501 0x033c usbhub - ok
01:34:27.0516 0x033c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
01:34:27.0516 0x033c usbohci - ok
01:34:27.0548 0x033c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
01:34:27.0563 0x033c usbprint - ok
01:34:27.0563 0x033c [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
01:34:27.0579 0x033c usbscan - ok
01:34:27.0610 0x033c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:34:27.0626 0x033c USBSTOR - ok
01:34:27.0626 0x033c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
01:34:27.0641 0x033c usbuhci - ok
01:34:27.0657 0x033c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
01:34:27.0704 0x033c UxSms - ok
01:34:27.0704 0x033c [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc C:\Windows\system32\lsass.exe
01:34:27.0719 0x033c VaultSvc - ok
01:34:27.0735 0x033c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
01:34:27.0750 0x033c vdrvroot - ok
01:34:27.0766 0x033c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
01:34:27.0813 0x033c vds - ok
01:34:27.0828 0x033c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
01:34:27.0844 0x033c vga - ok
01:34:27.0860 0x033c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
01:34:27.0891 0x033c VgaSave - ok
01:34:27.0906 0x033c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
01:34:27.0922 0x033c vhdmp - ok
01:34:27.0953 0x033c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
01:34:27.0953 0x033c viaide - ok
01:34:27.0969 0x033c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
01:34:27.0984 0x033c volmgr - ok
01:34:28.0000 0x033c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
01:34:28.0016 0x033c volmgrx - ok
01:34:28.0031 0x033c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
01:34:28.0047 0x033c volsnap - ok
01:34:28.0062 0x033c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
01:34:28.0078 0x033c vsmraid - ok
01:34:28.0140 0x033c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
01:34:28.0203 0x033c VSS - ok
01:34:28.0218 0x033c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
01:34:28.0234 0x033c vwifibus - ok
01:34:28.0250 0x033c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
01:34:28.0296 0x033c W32Time - ok
01:34:28.0312 0x033c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
01:34:28.0328 0x033c WacomPen - ok
01:34:28.0343 0x033c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
01:34:28.0374 0x033c WANARP - ok
01:34:28.0390 0x033c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
01:34:28.0421 0x033c Wanarpv6 - ok
01:34:28.0484 0x033c [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
01:34:28.0530 0x033c WatAdminSvc - ok
01:34:28.0577 0x033c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
01:34:28.0624 0x033c wbengine - ok
01:34:28.0655 0x033c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
01:34:28.0671 0x033c WbioSrvc - ok
01:34:28.0702 0x033c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
01:34:28.0718 0x033c wcncsvc - ok
01:34:28.0733 0x033c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
01:34:28.0749 0x033c WcsPlugInService - ok
01:34:28.0764 0x033c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
01:34:28.0780 0x033c Wd - ok
01:34:28.0811 0x033c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
01:34:28.0842 0x033c Wdf01000 - ok
01:34:28.0874 0x033c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
01:34:28.0889 0x033c WdiServiceHost - ok
01:34:28.0889 0x033c [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
01:34:28.0905 0x033c WdiSystemHost - ok
01:34:28.0936 0x033c [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient C:\Windows\System32\webclnt.dll
01:34:28.0967 0x033c WebClient - ok
01:34:28.0983 0x033c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
01:34:29.0030 0x033c Wecsvc - ok
01:34:29.0045 0x033c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
01:34:29.0076 0x033c wercplsupport - ok
01:34:29.0076 0x033c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
01:34:29.0123 0x033c WerSvc - ok
01:34:29.0139 0x033c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
01:34:29.0170 0x033c WfpLwf - ok
01:34:29.0186 0x033c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
01:34:29.0186 0x033c WIMMount - ok
01:34:29.0201 0x033c WinDefend - ok
01:34:29.0217 0x033c WinHttpAutoProxySvc - ok
01:34:29.0248 0x033c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
01:34:29.0295 0x033c Winmgmt - ok
01:34:29.0357 0x033c [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
01:34:29.0420 0x033c WinRM - ok
01:34:29.0451 0x033c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
01:34:29.0466 0x033c WinUsb - ok
01:34:29.0513 0x033c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
01:34:29.0560 0x033c Wlansvc - ok
01:34:29.0560 0x033c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
01:34:29.0576 0x033c WmiAcpi - ok
01:34:29.0591 0x033c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
01:34:29.0607 0x033c wmiApSrv - ok
01:34:29.0638 0x033c WMPNetworkSvc - ok
01:34:29.0638 0x033c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
01:34:29.0654 0x033c WPCSvc - ok
01:34:29.0669 0x033c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
01:34:29.0685 0x033c WPDBusEnum - ok
01:34:29.0700 0x033c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
01:34:29.0747 0x033c ws2ifsl - ok
01:34:29.0747 0x033c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll
01:34:29.0763 0x033c wscsvc - ok
01:34:29.0778 0x033c WSearch - ok
01:34:29.0872 0x033c [ 361845875ED8ED13086E7F37265C45DA, A0931DC1E35712036E93BBC3600530C0DA12E94E0D898787C818C526DFF240C2 ] wuauserv C:\Windows\system32\wuaueng.dll
01:34:29.0934 0x033c wuauserv - ok
01:34:29.0966 0x033c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
01:34:29.0981 0x033c WudfPf - ok
01:34:30.0012 0x033c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
01:34:30.0028 0x033c WUDFRd - ok
01:34:30.0059 0x033c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
01:34:30.0075 0x033c wudfsvc - ok
01:34:30.0106 0x033c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
01:34:30.0122 0x033c WwanSvc - ok
01:34:30.0168 0x033c [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7 C:\Windows\system32\DRIVERS\yk62x64.sys
01:34:30.0184 0x033c yukonw7 - ok
01:34:30.0184 0x033c ================ Scan global ===============================
01:34:30.0215 0x033c [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
01:34:30.0246 0x033c [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
01:34:30.0262 0x033c [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
01:34:30.0293 0x033c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
01:34:30.0324 0x033c [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
01:34:30.0324 0x033c [ Global ] - ok
01:34:30.0324 0x033c ================ Scan MBR ==================================
01:34:30.0340 0x033c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
01:34:30.0543 0x033c \Device\Harddisk0\DR0 - ok
01:34:30.0543 0x033c ================ Scan VBR ==================================
01:34:30.0543 0x033c [ 1CB388BC93E57F76D2F36B933DDE7907 ] \Device\Harddisk0\DR0\Partition1
01:34:30.0543 0x033c \Device\Harddisk0\DR0\Partition1 - ok
01:34:30.0543 0x033c [ 5DAD4841F9A15EF124BF6DB3BB281701 ] \Device\Harddisk0\DR0\Partition2
01:34:30.0543 0x033c \Device\Harddisk0\DR0\Partition2 - ok
01:34:30.0543 0x033c [ A3D6D4A58824A1288984E69394CBFC4A ] \Device\Harddisk0\DR0\Partition3
01:34:30.0558 0x033c \Device\Harddisk0\DR0\Partition3 - ok
01:34:30.0558 0x033c ================ Scan generic autorun ======================
01:34:30.0636 0x033c [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
01:34:30.0668 0x033c avgnt - ok
01:34:30.0730 0x033c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:34:30.0761 0x033c Sidebar - ok
01:34:30.0761 0x033c AVG-Secure-Search-Update_JUNE2013_TB - ok
01:34:30.0792 0x033c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:34:30.0808 0x033c mctadmin - ok
01:34:30.0917 0x033c [ 4C8942B8721813E5C8874D47112DCF73, 85869B814417397D92A028CF841FC7B1B41E5D53EFF3470DED664484709C9FBA ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
01:34:30.0995 0x033c LightScribe Control Panel - ok
01:34:31.0120 0x033c [ 5353A34090BABE3CD48B70569AF0DD12, A211D0B06DC05BFCBD13EBC71275C644B7616E95485ED8336DEFF257B7AE7E80 ] E:\Steam\steam.exe
01:34:31.0182 0x033c Steam - ok
01:34:31.0198 0x033c Object required for P2P: [ 5353A34090BABE3CD48B70569AF0DD12 ] E:\Steam\steam.exe
01:34:33.0694 0x033c Object send P2P result: true
01:34:33.0788 0x033c [ 4C8942B8721813E5C8874D47112DCF73, 85869B814417397D92A028CF841FC7B1B41E5D53EFF3470DED664484709C9FBA ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
01:34:33.0850 0x033c LightScribe Control Panel - ok
01:34:34.0100 0x033c [ 15914F30482983E349FF9544B2DCAF11, 457833C665AB340D6DEE6B489947EE2D5202D4C93097C194A9DF196AFE4E4898 ] C:\Program Files\CCleaner\CCleaner64.exe
01:34:34.0287 0x033c CCleaner Monitoring - ok
01:34:34.0302 0x033c Object required for P2P: [ 15914F30482983E349FF9544B2DCAF11 ] C:\Program Files\CCleaner\CCleaner64.exe
01:34:36.0830 0x033c Object send P2P result: true
01:34:36.0876 0x033c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:34:36.0923 0x033c Sidebar - ok
01:34:36.0923 0x033c AVG-Secure-Search-Update_JUNE2013_TB - ok
01:34:36.0939 0x033c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:34:36.0954 0x033c mctadmin - ok
01:34:37.0001 0x033c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:34:37.0032 0x033c Sidebar - ok
01:34:37.0032 0x033c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:34:37.0064 0x033c mctadmin - ok
01:34:37.0064 0x033c AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
01:34:37.0064 0x033c Win FW state via NFP2: enabled ( trusted )
01:34:39.0482 0x033c ============================================================
01:34:39.0482 0x033c Scan finished
01:34:39.0482 0x033c ============================================================
01:34:39.0482 0x117c Detected object count: 0
01:34:39.0482 0x117c Actual detected object count: 0
|
|
02.12.2015, 14:47
| #6 |
| /// TB-Ausbilder | Anitvirus Programm findet Virus aber keine Probleme ? Servus, wir schauen kurz, ob alles ok ist: Schritt 1 Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Schritt 2 Downloade Dir bitte  Malwarebytes Anti-Malware
Schritt 3 Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
05.12.2015, 12:29
| #7 |
| /// TB-Ausbilder | Anitvirus Programm findet Virus aber keine Probleme ? Fehlende Rückmeldung Dieses Thema wurde aus den Abos gelöscht. Somit bekomme ich keine Benachrichtigung über neue Antworten. PM an mich falls Du denoch weiter machen willst. Hinweis: Das Verschwinden der Symptome bedeutet nicht, dass Dein Rechner schon sauber ist. Jeder andere bitte hier klicken und einen eigenen Thread erstellen! |
|
09.12.2015, 02:41
| #8 |
| | Anitvirus Programm findet Virus aber keine Probleme ? AdwCleaner: Code:
ATTFilter # AdwCleaner v5.024 - Bericht erstellt am 09/12/2015 um 01:53:38
# Aktualisiert am 07/12/2015 von Xplode
# Datenbank : 2015-12-07.3 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Martin - HORTKIND
# Gestartet von : C:\Users\Martin\Downloads\AdwCleaner_5.024.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum
***** [ Dienste ] *****
***** [ Ordner ] *****
***** [ Dateien ] *****
***** [ DLLs ] *****
***** [ Verknüpfungen ] *****
***** [ Aufgabenplanung ] *****
***** [ Registrierungsdatenbank ] *****
[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4
***** [ Internetbrowser ] *****
*************************
:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht
########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4998 Bytes] ##########
Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlaufdatum: 09.12.2015 Suchlaufzeit: 02:04 Protokolldatei: mbam.txt Administrator: Ja Version: 2.2.0.1024 Malware-Datenbank: v2015.12.08.05 Rootkit-Datenbank: v2015.12.07.01 Lizenz: Kostenlose Version Malware-Schutz: Deaktiviert Schutz vor bösartigen Websites: Deaktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Martin Suchlauftyp: Bedrohungssuchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 521631 Abgelaufene Zeit: 21 Min., 9 Sek. Speicher: Aktiviert Start: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (keine bösartigen Elemente erkannt) Module: 0 (keine bösartigen Elemente erkannt) Registrierungsschlüssel: 0 (keine bösartigen Elemente erkannt) Registrierungswerte: 0 (keine bösartigen Elemente erkannt) Registrierungsdaten: 0 (keine bösartigen Elemente erkannt) Ordner: 0 (keine bösartigen Elemente erkannt) Dateien: 0 (keine bösartigen Elemente erkannt) Physische Sektoren: 0 (keine bösartigen Elemente erkannt) (end) Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Home Premium x64
Ran by Martin (Administrator) on 09.12.2015 at 2:35:51,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
File System: 0
Registry: 0
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.12.2015 at 2:37:37,36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015
durchgeführt von Martin (Administrator) auf HORTKIND (09-12-2015 02:39:36)
Gestartet von C:\Users\Martin\Downloads
Geladene Profile: Martin & postgres & (Verfügbare Profile: Martin & Franzi & Martin_2 & UpdatusUser & postgres)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1946159566-2597201721-649942275-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB
HKU\S-1-5-21-1946159566-2597201721-649942275-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-1946159566-2597201721-649942275-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => E:\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-1946159566-2597201721-649942275-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-1946159566-2597201721-649942275-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-1946159566-2597201721-649942275-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe" /PROMPT /CMPID=JUNE2013_TB
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{47F4B598-D74D-4473-AB02-AF9C25D58E8C}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{70398351-FC00-42EC-A769-D01F7A60262C}: [DhcpNameServer] 192.168.2.1
Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1946159566-2597201721-649942275-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1946159566-2597201721-649942275-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1946159566-2597201721-649942275-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1946159566-2597201721-649942275-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1946159566-2597201721-649942275-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1946159566-2597201721-649942275-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1946159566-2597201721-649942275-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {C40D9CA3-4BF2-45A9-98FD-0B54556E25DA} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=301e5fc1-5779-49b6-ae6c-294ef966bda2&apn_sauid=B4FF7A36-FCAF-43A1-9A41-C9AC28FE6075
SearchScopes: HKU\S-1-5-21-1946159566-2597201721-649942275-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {39B95236-B403-4FFC-865F-632D50ED950A} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=301e5fc1-5779-49b6-ae6c-294ef966bda2&apn_sauid=B4FF7A36-FCAF-43A1-9A41-C9AC28FE6075
SearchScopes: HKU\S-1-5-21-1946159566-2597201721-649942275-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={AE22BF52-6799-4A0B-A9F8-19CF6F86893C}&mid=ff31abb759e247d0a2f8d16f5effffac-3d5a0b6b088d02546a84e551975de48d0a65403a&lang=de&ds=nr011&pr=sa&d=2013-01-26 18:42:11&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-01] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-01] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
Toolbar: HKU\S-1-5-21-1946159566-2597201721-649942275-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Keine Datei
FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\5ftby32f.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll [2013-02-28] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2014-04-10] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-10-23] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\5ftby32f.default\searchplugins\google-images.xml [2014-12-17]
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\5ftby32f.default\searchplugins\google-maps.xml [2014-12-17]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] [ist nicht signiert]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-21] ()
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-02-18] (PostgreSQL Global Development Group) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-17] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-04-12] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-09 02:39 - 2015-12-09 02:39 - 00014818 _____ C:\Users\Martin\Downloads\FRST.txt
2015-12-09 02:39 - 2015-12-09 02:39 - 00000000 ____D C:\Users\Martin\Downloads\FRST-OlderVersion
2015-12-09 02:34 - 2015-12-09 02:34 - 01599336 _____ (Malwarebytes) C:\Users\Martin\Downloads\JRT.exe
2015-12-09 02:04 - 2015-12-09 02:04 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-09 02:03 - 2015-12-09 02:03 - 22908888 _____ (Malwarebytes ) C:\Users\Martin\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-09 02:03 - 2015-12-09 02:03 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-09 02:03 - 2015-12-09 02:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware
2015-12-09 02:03 - 2015-12-09 02:03 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware
2015-12-09 02:03 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-09 02:03 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-09 02:03 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-09 01:55 - 2015-12-09 01:55 - 00000000 ____D C:\Users\Martin\AppData\Local\GWX
2015-12-09 01:51 - 2015-12-09 02:00 - 00000000 ____D C:\AdwCleaner
2015-12-09 01:50 - 2015-12-09 01:50 - 01738240 _____ C:\Users\Martin\Downloads\AdwCleaner_5.024.exe
2015-12-02 01:29 - 2015-12-02 01:37 - 00378062 _____ C:\TDSSKiller.3.1.0.7_02.12.2015_01.29.35_log.txt
2015-12-02 01:22 - 2015-12-09 02:39 - 00000000 ____D C:\FRST
2015-12-02 01:21 - 2015-12-09 02:39 - 02369024 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe
2015-12-02 01:21 - 2015-12-02 01:21 - 04398264 _____ (Kaspersky Lab ZAO) C:\Users\Martin\Downloads\tdsskiller.exe
2015-12-01 23:01 - 2015-12-01 23:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-27 21:09 - 2015-11-28 00:00 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\25Assist
2015-11-27 21:08 - 2015-11-27 21:08 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\WinRAR
2015-11-27 21:07 - 2015-11-27 21:07 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-11-27 21:07 - 2015-11-27 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-11-27 21:07 - 2015-11-27 21:07 - 00000000 ____D C:\Program Files\WinRAR
2015-11-12 22:06 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-10 23:11 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-10 23:11 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-10 23:11 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-10 23:11 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-10 23:11 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-10 23:11 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-10 23:11 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-10 23:11 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-10 23:11 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-10 23:11 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-10 23:11 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-10 23:11 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-10 23:11 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-10 23:11 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-10 23:11 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-10 23:11 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-10 23:11 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-10 23:11 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-10 23:11 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-10 23:11 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-10 23:11 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-10 23:11 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-10 23:11 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-10 23:11 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-10 23:11 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-10 23:11 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-10 23:11 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-10 23:11 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-10 23:11 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-10 23:11 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-10 23:11 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-10 23:11 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-10 23:11 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-10 23:11 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-10 23:11 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-10 23:11 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-10 23:11 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-10 23:11 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-10 23:11 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-10 23:11 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-10 23:11 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-10 23:11 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-10 23:11 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-10 23:11 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-10 23:11 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-10 23:11 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-10 23:11 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-10 23:11 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-10 23:11 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-10 23:11 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-10 23:11 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-10 23:11 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-10 23:11 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-10 23:11 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-10 23:11 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-10 23:11 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-10 23:11 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-10 23:11 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-10 23:11 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-10 23:11 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-10 23:11 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-10 23:10 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-10 23:10 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-10 23:10 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-10 23:10 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-10 23:10 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-10 23:10 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-10 23:10 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-10 23:10 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-10 23:10 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-10 23:10 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-10 23:10 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-10 23:10 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-10 23:10 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-10 23:10 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-10 23:10 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-10 23:10 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-10 23:10 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-10 23:10 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-10 23:10 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-10 23:10 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-10 23:10 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-10 23:10 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-10 23:10 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-10 23:10 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-10 23:10 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-10 23:10 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-10 23:10 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-10 23:10 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-10 23:10 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-10 23:10 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-10 23:10 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-10 23:10 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-10 23:10 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-10 23:10 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-10 23:10 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-10 23:10 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-10 23:10 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-10 23:10 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-10 23:10 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-10 23:10 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-10 23:10 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-10 23:10 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-10 23:10 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-10 23:10 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-10 23:10 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-10 23:10 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-10 23:10 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-10 23:10 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-10 23:10 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-10 23:10 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-10 23:10 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-10 23:10 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-10 23:10 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-10 23:10 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-10 23:10 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-10 23:10 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-10 23:10 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-10 23:10 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-10 23:10 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-10 23:10 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-10 23:10 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-10 23:10 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-10 23:10 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-10 23:10 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-10 23:10 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-10 23:10 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-09 21:18 - 2015-12-02 00:07 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-09 21:18 - 2015-11-09 21:18 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-11-09 21:18 - 2015-11-09 21:18 - 00000000 ____D C:\Program Files (x86)\Adobe
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2015-12-09 02:33 - 2012-04-18 10:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-09 02:03 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-09 02:03 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-09 01:55 - 2011-12-21 23:06 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-09 01:55 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-09 00:33 - 2012-04-18 10:47 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 00:33 - 2012-04-18 10:47 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-09 00:33 - 2011-12-23 21:35 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-08 02:37 - 2012-01-02 21:03 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\TS3Client
2015-12-02 01:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-01 23:01 - 2015-09-27 23:02 - 00001952 _____ C:\Users\Public\Desktop\Avira Antivirus.lnk
2015-12-01 23:00 - 2015-09-27 23:01 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-12-01 23:00 - 2015-09-27 23:01 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-12-01 23:00 - 2015-09-27 23:01 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-11-27 23:26 - 2011-12-26 22:41 - 00233920 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-11-27 23:26 - 2011-12-23 02:37 - 00233920 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-11-27 23:26 - 2011-12-23 02:37 - 00233920 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-11-27 22:48 - 2011-12-26 22:41 - 00000000 ____D C:\Users\Martin_2\AppData\Local\PunkBuster
2015-11-27 22:47 - 2012-02-05 18:50 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-11-16 00:10 - 2012-01-02 21:02 - 00000000 ____D C:\Users\Martin_2\AppData\Local\TeamSpeak 3 Client
2015-11-13 03:26 - 2011-04-12 08:43 - 00699432 _____ C:\Windows\system32\perfh007.dat
2015-11-13 03:26 - 2011-04-12 08:43 - 00149572 _____ C:\Windows\system32\perfc007.dat
2015-11-13 03:26 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-13 03:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-11-13 03:20 - 2009-07-14 05:45 - 00366736 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 22:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-11 03:20 - 2013-08-15 02:02 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 03:14 - 2011-12-21 22:47 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 03:13 - 2012-04-12 17:06 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 03:06 - 2014-02-28 02:30 - 01594028 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 03:01 - 2011-04-12 08:55 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-09 21:34 - 2012-01-03 21:29 - 00000000 ____D C:\Users\Martin_2\AppData\Local\Adobe
2015-11-09 21:34 - 2011-12-23 21:35 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\Adobe
2015-11-09 21:18 - 2014-12-23 22:17 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-09 21:18 - 2012-01-03 21:28 - 00000000 ____D C:\ProgramData\Adobe
2015-11-09 20:12 - 2015-11-06 23:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-09 20:12 - 2012-12-02 18:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2014-12-12 23:49 - 2014-12-12 23:49 - 0007605 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg
Einige Dateien in TEMP:
====================
C:\Users\Franzi\AppData\Local\temp\avgnt.exe
C:\Users\Martin\AppData\Local\temp\avgnt.exe
C:\Users\Martin_2\AppData\Local\temp\avgnt.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2015-12-07 18:10
==================== Ende von FRST.txt ============================
Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-12-2015
durchgeführt von Martin (2015-12-09 02:40:10)
Gestartet von C:\Users\Martin\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-21 20:59:34)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-1946159566-2597201721-649942275-500 - Administrator - Disabled)
Franzi (S-1-5-21-1946159566-2597201721-649942275-1004 - Limited - Enabled) => C:\Users\Franzi
Gast (S-1-5-21-1946159566-2597201721-649942275-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1946159566-2597201721-649942275-1002 - Limited - Enabled)
Martin (S-1-5-21-1946159566-2597201721-649942275-1000 - Administrator - Enabled) => C:\Users\Martin
Martin_2 (S-1-5-21-1946159566-2597201721-649942275-1005 - Limited - Enabled) => C:\Users\Martin_2
postgres (S-1-5-21-1946159566-2597201721-649942275-1008 - Limited - Enabled) => C:\Users\postgres
UpdatusUser (S-1-5-21-1946159566-2597201721-649942275-1006 - Limited - Enabled) => C:\Users\UpdatusUser
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
America's Army: Proving Grounds Beta (HKLM-x32\...\Steam App 203290) (Version: - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.125 - Avira Operations GmbH & Co. KG)
Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-1946159566-2597201721-649942275-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.3.0.23930 - Ask.com) <==== ACHTUNG
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Die Siedler - Aufbruch der Kulturen (HKLM-x32\...\SADK) (Version: - )
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - )
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version: - Paradox Development Studio)
Free Audio CD Burner version 2.0.33.525 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: 2.0.33.525 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.59.525 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.525 - DVDVideoSoft Ltd.)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (HKLM\...\{54B0845F-5540-4492-9939-CD8880ABABF0}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Hilfe (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 5.1.3 - CEWE Stiftung u Co. KGaA)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 306.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.23 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 8.5.2.23 - Electronic Arts, Inc.)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version: - PokerStars.eu)
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - 2K Games, Inc.)
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version: - Firaxis Games)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-1946159566-2597201721-649942275-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-1946159566-2597201721-649942275-1000\...\Warcraft III) (Version: - )
Warcraft III: All Products (HKU\S-1-5-21-1946159566-2597201721-649942275-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Warcraft III) (Version: - )
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Wiederherstellungspunkte =========================
09-11-2015 20:49:33 Geplanter Prüfpunkt
11-11-2015 02:58:37 Windows Update
13-11-2015 03:00:19 Windows Update
27-11-2015 20:55:29 Geplanter Prüfpunkt
07-12-2015 18:17:32 Geplanter Prüfpunkt
09-12-2015 02:35:54 JRT Pre-Junkware Removal
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 03:34 - 2014-12-16 00:11 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {40A1B172-BFC3-447A-A94B-6BE59EF6D54C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {5F988119-92A6-4FE0-AC1D-59F8B228526B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {6E54DBE4-2439-456B-A0D5-C6DC8B2DD6A1} - System32\Tasks\HpWebReg.exe => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HpWebReg.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {AFC2E1DD-36A9-4AA5-8DF2-6BF723AA7FE4} - System32\Tasks\{3AAF5C2C-095A-4AF7-8577-6B2E77592076} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar
Task: {BB1B2AB9-47E5-4641-AE8F-BA210B6BA02C} - System32\Tasks\HP Deskjet 2050 J510 series.exe => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HP Deskjet 2050 J510 series.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {D77A1060-02D8-41C4-8CF2-7080D4D161CD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2011-12-23 02:37 - 2014-06-21 02:14 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-06 15:15 - 2014-02-18 09:11 - 00172032 _____ () c:\postgreSQL\bin\LIBPQ.dll
2015-02-06 15:16 - 2012-08-14 14:19 - 00999424 _____ () c:\postgreSQL\bin\libxml2.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-1946159566-2597201721-649942275-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1946159566-2597201721-649942275-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1946159566-2597201721-649942275-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Franzi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1946159566-2597201721-649942275-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin_2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{4D4DAEB3-50B6-4AFB-9089-49E140718FFC}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{6A87580C-6250-4A10-A786-386801CCD9F0}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{D32DF0ED-DABF-49FC-8CE8-153A5DE53E8F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2B1AB722-4096-496E-8F7B-5A5763151F1C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BA924145-3367-433F-B9B1-E5538F994E65}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{71384331-E5FF-4A44-9473-A040ADB041AB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{AC60C9F0-5C7F-4C60-80AF-A823F70D063C}E:\warcraft iii\war3.exe] => (Allow) E:\warcraft iii\war3.exe
FirewallRules: [UDP Query User{5FD8D355-CC2C-426E-BD8C-F8E8E50DFC95}E:\warcraft iii\war3.exe] => (Allow) E:\warcraft iii\war3.exe
FirewallRules: [{B9437D32-A009-494B-8CB2-9B15648DC51A}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{FEB4C588-588E-4DC1-9561-FBD1D2DDEB7B}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{1E0EB67B-7F4A-4BF9-BA34-2248B5B5D934}] => (Allow) E:\Diablo III\Diablo III.exe
FirewallRules: [{BAC7A7FF-EC53-4D74-976C-DDF004FD770D}] => (Allow) E:\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{0DFF146F-3969-40B8-8D8A-AF215E9DD3AF}E:\world_of_tanks\worldoftanks.exe] => (Allow) E:\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{D818B4D1-4447-4386-9EF2-04E6B2F54040}E:\world_of_tanks\worldoftanks.exe] => (Allow) E:\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{BD2F3E3A-6202-4065-8010-90C20D862ECB}E:\world_of_tanks\wotlauncher.exe] => (Allow) E:\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{8353764E-2D3B-42C2-93DC-D8A9E0570A2B}E:\world_of_tanks\wotlauncher.exe] => (Allow) E:\world_of_tanks\wotlauncher.exe
FirewallRules: [{1BD99672-03CD-476F-AF3F-DFC66BAC234E}] => (Allow) E:\StarCraft II\StarCraft II.exe
FirewallRules: [{661FC810-267C-4C3E-BBAE-0FE0BDC1C3AA}] => (Allow) E:\StarCraft II\StarCraft II.exe
FirewallRules: [{E37A7749-137E-4FD3-9971-3289C284650B}] => (Allow) E:\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{71ABFE45-F5EC-44CB-B038-181866A891BE}] => (Allow) E:\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{77A39096-3684-4E52-BD38-FF925CB275D8}E:\starcraft ii\versions\base24944\sc2.exe] => (Allow) E:\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [UDP Query User{6B97C22F-3F5B-4578-BB70-7162E48030C1}E:\starcraft ii\versions\base24944\sc2.exe] => (Allow) E:\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [{52360F0A-803F-43A0-A997-37A29A94CAC3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{354F0C22-5D91-4858-9AD2-1F8137AAB27E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{9BB0F549-145F-493B-A9DB-9ACD8B246876}E:\steam\steamapps\common\europa universalis iv\eu4.exe] => (Allow) E:\steam\steamapps\common\europa universalis iv\eu4.exe
FirewallRules: [UDP Query User{BF2FFAE4-5400-4947-9DEA-8C3F824A0F64}E:\steam\steamapps\common\europa universalis iv\eu4.exe] => (Allow) E:\steam\steamapps\common\europa universalis iv\eu4.exe
FirewallRules: [{765600F6-7F53-4262-8842-3E3AC844B5BB}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{3B840478-C2A0-4507-ACF7-38DA949BB274}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{EB44CFA7-CC1E-431B-A107-819428E7DE8B}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D877DCEB-3CD5-409E-972F-5AB9266E8BB6}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7EACA803-C806-493E-ADBD-62881207F774}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{D26484FA-D4A8-4E30-8F09-CFAA653A6376}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{171CC73E-4337-445F-B758-F148D8357B7C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{8848C9DC-8840-4D48-84B8-6E078A1217EC}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{2D9E1F6D-B1AE-480C-B54D-8165990D5FB0}C:\programdata\battle.net\agent\agent.2880\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2880\agent.exe
FirewallRules: [UDP Query User{7772A721-EB86-419B-A833-FE9DA6CC2ABF}C:\programdata\battle.net\agent\agent.2880\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2880\agent.exe
FirewallRules: [TCP Query User{0DD20770-675C-4B22-8FD5-E33F897B09D8}E:\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe] => (Allow) E:\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe
FirewallRules: [UDP Query User{176B0B1A-DFEC-4C20-A604-2598FA4A55DF}E:\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe] => (Allow) E:\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe
FirewallRules: [{3BC3A213-D2E6-42CC-B4F3-1DD4086386A0}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{8306151D-1726-4126-98E1-D269460F4207}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{C94727CC-BA27-45FD-8D9C-18C32B4CF201}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{1D98E21C-C1D3-4745-9C8A-CA7AEB893677}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{DBE9B1F7-8340-4BD1-A89E-A3BE6DB1D9CF}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{127EC0A1-2047-4213-8801-4539AA529213}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{0D099624-D553-435C-AEC6-D5B30CF9C3B0}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{80B4ACDC-4381-4828-A3D7-AC3447DD7CDD}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{4E5BF445-DFAA-4D71-9C72-4F8221C1EA2A}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{CED86F52-4553-4674-B73E-6166342DFAC5}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{C61F78F6-F8DB-48CD-8772-41CD6EF7D049}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C00F5169-10C9-42B0-AC09-9960712384FD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2A479E5E-D00A-45DF-A305-BD0B8A363611}] => (Allow) LPort=5432
FirewallRules: [{9192585E-D207-4C1B-9953-5D09A54893E5}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{87A0EC8A-3BDE-4421-B4DE-54C172CD0D68}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{09F078DF-C6F8-4E16-800B-79F9ABD72FB8}] => (Allow) E:\Steam\SteamApps\common\America's Army\AAPG\Binaries\AALauncher32.exe
FirewallRules: [{7660A974-1AC3-456D-9765-48747D39000A}] => (Allow) E:\Steam\SteamApps\common\America's Army\AAPG\Binaries\AALauncher32.exe
FirewallRules: [{00CA72EE-76E2-440A-AAFF-08F1F3FE3EED}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{765E56CB-6FAA-45E6-A8A8-E540472428A2}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0514B855-93F0-4123-86E9-4FEB713C61F1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D8FF3575-D4A0-42EE-8C40-FBD6166A5CB7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A29973C5-59F7-4916-A428-59AD081E0525}] => (Allow) E:\Steam\SteamApps\common\America's Army\AAPG\Binaries\Win32\AALauncher32.exe
FirewallRules: [{1DA23919-688F-411A-88E5-BDE68E00D391}] => (Allow) E:\Steam\SteamApps\common\America's Army\AAPG\Binaries\Win32\AALauncher32.exe
FirewallRules: [TCP Query User{B0F9CDD7-628C-4AC0-89E8-04D8BFE3CD2A}C:\users\martin_2\appdata\roaming\25assist\armyops\system\armyops.exe] => (Allow) C:\users\martin_2\appdata\roaming\25assist\armyops\system\armyops.exe
FirewallRules: [UDP Query User{11AB80CB-6110-46AE-8271-637CE3E35A52}C:\users\martin_2\appdata\roaming\25assist\armyops\system\armyops.exe] => (Allow) C:\users\martin_2\appdata\roaming\25assist\armyops\system\armyops.exe
==================== Fehlerhafte Geräte im Gerätemanager =============
Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (12/09/2015 01:55:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/09/2015 01:55:29 AM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2015-12-09 01:55:29 CETFATAL: the database system is starting up
Error: (12/08/2015 10:33:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/08/2015 10:33:19 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2015-12-08 22:33:19 CETFATAL: the database system is starting up
Error: (12/07/2015 05:45:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/07/2015 05:45:29 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2015-12-07 17:45:29 CETFATAL: the database system is starting up
Error: (12/06/2015 10:17:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/06/2015 10:16:50 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2015-12-06 22:16:50 CETFATAL: the database system is starting up
Error: (12/04/2015 12:11:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/04/2015 12:10:55 AM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2015-12-04 00:10:55 CETFATAL: the database system is starting up
Systemfehler:
=============
Error: (12/09/2015 02:36:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/09/2015 01:57:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1069
Error: (12/09/2015 01:57:50 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden:
%%1330
Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).
Error: (12/09/2015 01:54:09 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler:
%%1056
Error: (12/09/2015 01:53:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/09/2015 01:53:37 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/09/2015 01:53:37 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/09/2015 01:53:37 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.
Error: (12/09/2015 01:53:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "postgresql-8.4 - PostgreSQL Server 8.4" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
Error: (12/09/2015 01:53:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.
CodeIntegrity:
===================================
Date: 2014-12-16 00:10:42.684
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2014-12-16 00:10:42.637
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM)2 Quad CPU Q9300 @ 2.50GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 4094.85 MB
Verfügbarer physikalischer RAM: 2804.31 MB
Summe virtueller Speicher: 8187.91 MB
Verfügbarer virtueller Speicher: 6461.66 MB
==================== Laufwerke ================================
Drive c: () (Fixed) (Total:270.35 GB) (Free:179.12 GB) NTFS
Drive d: (CIVILIZATION5) (CDROM) (Total:3.02 GB) (Free:0 GB) CDFS
Drive e: (Volume) (Fixed) (Total:195.31 GB) (Free:90.57 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 194F194F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=270.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)
==================== Ende von Addition.txt ============================
|
|
09.12.2015, 17:59
| #9 |
| /// TB-Ausbilder | Anitvirus Programm findet Virus aber keine Probleme ? Servus, Hinweis: Der Suchlauf mit ESET kann länger dauern. Schritt 1 Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
Schritt 2 Downloade dir die passende Version von HitmanPro auf deinen Desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
Schritt 3 ESET Online Scanner
Schritt 4
Bitte poste mit deiner nächsten Antwort
|
|
10.12.2015, 11:22
| #10 |
| | Anitvirus Programm findet Virus aber keine Probleme ? Werde heute abend schauen das ich es durchführe. |
|
10.12.2015, 20:46
| #11 |
| /// TB-Ausbilder | Anitvirus Programm findet Virus aber keine Probleme ? Ok.  |
|
11.12.2015, 18:37
| #12 |
| | Anitvirus Programm findet Virus aber keine Probleme ? FRST-Fix: Code:
ATTFilter Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-12-2015
durchgeführt von Martin (2015-12-11 18:22:59) Run:1
Gestartet von C:\Users\Martin\Downloads
Geladene Profile: Martin & postgres (Verfügbare Profile: Martin & Franzi & Martin_2 & UpdatusUser & postgres)
Start-Modus: Normal
==============================================
fixlist Inhalt:
*****************
start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
*****************
Prozess erfolgreich geschlossen.
========= RemoveProxy: =========
HKU\S-1-5-21-1946159566-2597201721-649942275-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1946159566-2597201721-649942275-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt
========= Ende von RemoveProxy: =========
========= ipconfig /flushdns =========
Windows-IP-Konfiguration
Der DNS-Aufl�sungscache wurde geleert.
========= Ende von CMD: =========
========= netsh winsock reset =========
Der Winsock-Katalog wurde zur�ckgesetzt.
Sie m�ssen den Computer neu starten, um den Vorgang abzuschlie�en.
========= Ende von CMD: =========
EmptyTemp: => 153 MB temporäre Dateien entfernt.
Das System musste neu gestartet werden.
==== Ende von Fixlog 18:23:11 ====
Code:
ATTFilter HitmanPro 3.7.10.251
www.hitmanpro.com
Computer name . . . . : HORTKIND
Windows . . . . . . . : 6.1.1.7601.X64/4
User name . . . . . . : Hortkind\Martin
UAC . . . . . . . . . : Enabled
License . . . . . . . : Free
Scan date . . . . . . : 2015-12-11 18:31:01
Scan mode . . . . . . : Normal
Scan duration . . . . : 5m 27s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No
Threats . . . . . . . : 0
Traces . . . . . . . : 92
Objects scanned . . . : 2.017.790
Files scanned . . . . : 56.587
Remnants scanned . . : 487.579 files / 1.473.624 keys
Suspicious files ____________________________________________________________
C:\Users\Martin\AppData\Local\PunkBuster\BF3\pb\dll\wc002286.dll
Size . . . . . . . : 942.907 bytes
Age . . . . . . . : 1426.7 days (2012-01-15 01:43:42)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 151573760160ED491B4528616FF16C058966B9555B73E804AF1CD60B3F8EB33D
Fuzzy . . . . . . : 29.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
C:\Users\Martin\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
Size . . . . . . . : 942.907 bytes
Age . . . . . . . : 1426.7 days (2012-01-15 01:43:42)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 151573760160ED491B4528616FF16C058966B9555B73E804AF1CD60B3F8EB33D
Fuzzy . . . . . . : 29.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
C:\Users\Martin\AppData\Local\PunkBuster\BF3\pb\pbclold.dll
Size . . . . . . . : 951.497 bytes
Age . . . . . . . : 1426.7 days (2012-01-15 01:39:27)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 43358BBCEC1EBE7927CA3B0A3DCA0597D5E8584F0FCBE987B8126A0C12D73A2B
Fuzzy . . . . . . : 29.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
C:\Users\Martin\AppData\Local\PunkBuster\BF3\pb\PnkBstrK.sys
Size . . . . . . . : 139.688 bytes
Age . . . . . . . : 1426.7 days (2012-01-15 01:39:47)
Entropy . . . . . : 7.8
SHA-256 . . . . . : 643818A644C5A07C59DFACE042F53ACF33FAE290276555B3688066C40A024FB2
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 22.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
The file is a device driver. Device drivers run as trusted (highly privileged) code.
Program is code signed with a valid Authenticode certificate.
C:\Users\Martin\Downloads\FRST64.exe
Size . . . . . . . : 2.369.024 bytes
Age . . . . . . . : 2.7 days (2015-12-09 02:39:26)
Entropy . . . . . : 7.6
SHA-256 . . . . . : DD61D2EA4C8059F67734E11221DED682276773D0361CB530D346E4C01C0A0176
Needs elevation . : Yes
Fuzzy . . . . . . : 24.0
Program has no publisher information but prompts the user for permission elevation.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
Forensic Cluster
0.0s C:\Users\Martin\Downloads\FRST64.exe
0.9s C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\5ftby32f.default\datareporting\archived\2015-12\1449624772249.1ef9583a-4807-40bc-b9cd-cda943a19bb8.main.jsonlz4
C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\pbcl.dll
Size . . . . . . . : 930.024 bytes
Age . . . . . . . : 13.8 days (2015-11-27 22:48:51)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 13B3D879B8F163A8378CDD83EB290403BBA3708E7004380EF6645C39DE868FE1
Fuzzy . . . . . . : 30.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
Program contains PE structure anomalies. This is not typical for most programs.
Forensic Cluster
-0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\pbcl.db
-0.0s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\
-0.0s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\
-0.0s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\pbclgame.cfg
-0.0s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\pbcl.db
0.0s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\pbcl.dll
0.0s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\pbag.dll
0.0s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\scrnshot\
0.0s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\dll\
0.0s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\htm\
11.7s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\PnkBstrB.exe
13.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D47DBD2F9E3365FBBE008D71FB06716F_4DD1053BCC726DA41115FFF4C7D6E9CC
13.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D47DBD2F9E3365FBBE008D71FB06716F_4DD1053BCC726DA41115FFF4C7D6E9CC
13.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4DD39726D4B55AC3B4119B35A893323C_D9FA1A7D52109971837F7989B56BFE53
13.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4DD39726D4B55AC3B4119B35A893323C_D9FA1A7D52109971837F7989B56BFE53
20.7s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\PnkBstrK.sys
C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\PnkBstrK.sys
Size . . . . . . . : 139.136 bytes
Age . . . . . . . : 13.8 days (2015-11-27 22:49:12)
Entropy . . . . . : 7.7
SHA-256 . . . . . : 79CAD9D90619FEAECABBFD635AA54B9932345BC59656FAFA9169871ED28D299E
RSA Key Size . . . : 1024
Authenticode . . . : Valid
Fuzzy . . . . . . : 23.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
Program contains PE structure anomalies. This is not typical for most programs.
The file is a device driver. Device drivers run as trusted (highly privileged) code.
Program is code signed with a valid Authenticode certificate.
Forensic Cluster
-20.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\pbcl.db
-20.7s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\
-20.7s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\
-20.7s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\pbclgame.cfg
-20.7s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\pbcl.db
-20.7s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\pbcl.dll
-20.7s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\pbag.dll
-20.7s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\scrnshot\
-20.7s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\dll\
-20.7s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\htm\
-9.1s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\PnkBstrB.exe
-7.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D47DBD2F9E3365FBBE008D71FB06716F_4DD1053BCC726DA41115FFF4C7D6E9CC
-7.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D47DBD2F9E3365FBBE008D71FB06716F_4DD1053BCC726DA41115FFF4C7D6E9CC
-7.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4DD39726D4B55AC3B4119B35A893323C_D9FA1A7D52109971837F7989B56BFE53
-7.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4DD39726D4B55AC3B4119B35A893323C_D9FA1A7D52109971837F7989B56BFE53
0.0s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\PnkBstrK.sys
C:\Users\Martin_2\AppData\Local\PunkBuster\BF3\pb\dll\wc002286.dll
Size . . . . . . . : 942.907 bytes
Age . . . . . . . : 1438.8 days (2012-01-02 22:18:25)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 151573760160ED491B4528616FF16C058966B9555B73E804AF1CD60B3F8EB33D
Fuzzy . . . . . . : 29.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
C:\Users\Martin_2\AppData\Local\PunkBuster\BF3\pb\dll\wc002287.dll
Size . . . . . . . : 948.113 bytes
Age . . . . . . . : 1416.7 days (2012-01-25 00:33:07)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 1BE27031845D80D6803C15BCE2EBE1276C0CA17F3BD47FDA8EAD97DBF5A517AF
Fuzzy . . . . . . : 29.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
C:\Users\Martin_2\AppData\Local\PunkBuster\BF3\pb\dll\wc002288.dll
Size . . . . . . . : 948.118 bytes
Age . . . . . . . : 1411.7 days (2012-01-30 00:37:53)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 3192353354FE593051B33886088D4C312ACB9A653D874281B2EBF131B80415CB
Fuzzy . . . . . . : 29.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
C:\Users\Martin_2\AppData\Local\PunkBuster\BF3\pb\dll\wc002292.dll
Size . . . . . . . : 956.681 bytes
Age . . . . . . . : 1317.9 days (2012-05-02 20:07:16)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 7218A15A9890CE82EB25F7AB5AC7AA60B4E3055C5574B70A6CABA4274D6DE493
Fuzzy . . . . . . : 29.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
C:\Users\Martin_2\AppData\Local\PunkBuster\BF3\pb\dll\wc002317.dll
Size . . . . . . . : 949.613 bytes
Age . . . . . . . : 1171.9 days (2012-09-25 20:03:19)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 15059F09B1D62DEA6B5D22EF9E0D062411C167378D870AE339AAB50B0BDC7FC0
Fuzzy . . . . . . : 29.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
C:\Users\Martin_2\AppData\Local\PunkBuster\BF3\pb\dll\wc002325.dll
Size . . . . . . . : 959.376 bytes
Age . . . . . . . : 1021.1 days (2013-02-23 16:10:17)
Entropy . . . . . : 7.6
SHA-256 . . . . . : A85592ACDCFDA7C0293504A5F5279C2654ACC0E6D2398ED8958F6E03F05DCEB5
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 22.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
Program is code signed with a valid Authenticode certificate.
C:\Users\Martin_2\AppData\Local\PunkBuster\BF3\pb\dll\wc002331.dll
Size . . . . . . . : 963.480 bytes
Age . . . . . . . : 580.9 days (2014-05-09 21:39:31)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 4693498864B2A4C15EECDD4D132FFDFEDE3F9E4BAFA427F77BC87046A7352D1E
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 22.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
Program is code signed with a valid Authenticode certificate.
C:\Users\Martin_2\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
Size . . . . . . . : 963.480 bytes
Age . . . . . . . : 580.8 days (2014-05-09 23:11:21)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 4693498864B2A4C15EECDD4D132FFDFEDE3F9E4BAFA427F77BC87046A7352D1E
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 22.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
Program is code signed with a valid Authenticode certificate.
C:\Users\Martin_2\AppData\Local\PunkBuster\BF3\pb\pbclold.dll
Size . . . . . . . : 963.480 bytes
Age . . . . . . . : 1445.8 days (2011-12-26 22:41:48)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 4693498864B2A4C15EECDD4D132FFDFEDE3F9E4BAFA427F77BC87046A7352D1E
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 22.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
Program is code signed with a valid Authenticode certificate.
C:\Users\Martin_2\AppData\Local\PunkBuster\BF3\pb\PnkBstrK.sys
Size . . . . . . . : 139.032 bytes
Age . . . . . . . : 1445.8 days (2011-12-26 22:42:10)
Entropy . . . . . : 7.8
SHA-256 . . . . . : 0CA9D48C9E3D938121A73EBE6EA3FBE19A9AE017EEDA066A22CF254A688A98C2
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 22.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
The file is a device driver. Device drivers run as trusted (highly privileged) code.
Program is code signed with a valid Authenticode certificate.
C:\Users\Martin_2\AppData\Local\PunkBuster\PG\pb\dll\wc002341.dll
Size . . . . . . . : 965.880 bytes
Age . . . . . . . : 538.7 days (2014-06-21 02:14:14)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 9D84C917D9E747EDCBB23A765E2D70C8AE9E629556BB19613136B4C7598062BE
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 22.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
Program is code signed with a valid Authenticode certificate.
C:\Users\Martin_2\AppData\Local\PunkBuster\PG\pb\pbcl.dll
Size . . . . . . . : 965.880 bytes
Age . . . . . . . : 396.8 days (2014-11-09 22:51:16)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 9D84C917D9E747EDCBB23A765E2D70C8AE9E629556BB19613136B4C7598062BE
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 22.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
Program is code signed with a valid Authenticode certificate.
C:\Users\Martin_2\AppData\Local\PunkBuster\PG\pb\pbclold.dll
Size . . . . . . . : 965.880 bytes
Age . . . . . . . : 538.7 days (2014-06-21 01:02:28)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 9D84C917D9E747EDCBB23A765E2D70C8AE9E629556BB19613136B4C7598062BE
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 22.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
Program is code signed with a valid Authenticode certificate.
C:\Users\Martin_2\AppData\Local\PunkBuster\PG\pb\PnkBstrK.sys
Size . . . . . . . : 140.160 bytes
Age . . . . . . . : 538.7 days (2014-06-21 01:02:40)
Entropy . . . . . : 7.8
SHA-256 . . . . . : C5FF96EF8AC37C5B02579173DBA6BC9E8148381BC9817C426600968A7BAAF168
RSA Key Size . . . : 2048
Authenticode . . . : Valid
Fuzzy . . . . . . : 22.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.
The file is a device driver. Device drivers run as trusted (highly privileged) code.
Program is code signed with a valid Authenticode certificate.
C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\dll\wc002243.dll
Size . . . . . . . : 930.024 bytes
Age . . . . . . . : 13.8 days (2015-11-27 22:43:52)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 13B3D879B8F163A8378CDD83EB290403BBA3708E7004380EF6645C39DE868FE1
Fuzzy . . . . . . : 30.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
Program contains PE structure anomalies. This is not typical for most programs.
Forensic Cluster
-1.3s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\
-1.3s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\splash.bmp
-1.3s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AA.key
-1.3s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\sso.public.rsa.key
-1.3s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pbag.bin
-1.3s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\RunServer.bat
-1.2s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\RunServerTournament.bat
-1.2s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Config\
-1.2s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Config\AceKilla.txt
-1.2s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AdditionalCredits.txt
-1.2s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\ArmyOpsGlossary.txt
-1.2s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\ArmyOpsReadMe.txt
-1.2s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\credits.txt
-1.2s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\creditsarmy.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Mod_Acog_4x.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Mod_ACOG_Reflex.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Mod_Harris_Bipod.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Mod_heatshield.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Mod_Ironsight.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Mod_M203A1_Grenade.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Mod_M4qd_suppressor.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Mod_M583A1_Flare.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Mod_M68_Aimpoint.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Mod_NONE.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\overview.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Config\Poland.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Weapon_AKS74U.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Weapon_M4A1.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AntiPoke.ini
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Build.ini
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Default.ini
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\DefUnrealEd.ini
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\DefUser.ini
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Distribution.ini
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\FanSites.ini
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Help.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\KeyBindings.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Links.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\maap71.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\maap720.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\maap721.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Partners.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\server.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Services.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\tournament.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\tours.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\UPlaylists.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\WeaponMods.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\ArmyGameEULA.rtf
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\PunkBusterEULA.rtf
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\libandromeda.so
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\DtC6dal.dat
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\DtC6dl.dat
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Wt16M9bs.dat
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Wt16M9fs.dat
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Wt8S9bs.dat
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Wt8S9fs.dat
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\aa.sdk.key.data
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\aa.sdk.rsa.data
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP.int
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Interface.int
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Vehicles.int
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\ALAudio.int
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Core.int
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\D3DDrv.int
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Editor.int
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Engine.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\IpDrv.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Setup.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Skins.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\SoftDrv.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Startup.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\UnrealEd.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\UWeb.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Vehicles.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Window.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\WinDrv.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\XInterface.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\CivDoc_3P.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\CivDoc_3P.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\COGGruntMesh.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\DI-oc3entver.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\DI-oc3entver.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\DocF_Nurse.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\DocM_Labcoat.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\George_FlakVest.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SF_3P.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SoldierF_Infantry_ClassB.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SoldierM_Infantry_ClassB.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SoldierM_Instr_AA.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SoldierM_Pilot.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SoldierM_SF_RBA_AdvMarksman.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SoldierM_SF_RBA_Rifleman.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SoldierM_SF_RBA_Saw.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\UT-Ref-maya.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\CivDocFemale_3P.map
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\CivDoc_3P.map
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\COGGruntMesh.map
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\DI-oc3entver.map
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\SF_3P.map
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\SoldierM_Infantry_ClassB.map
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\UT-Ref-maya.map
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Packages.MD5
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AA25Characters.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_AI.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Characters.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Effects.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Game.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Gameplay.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Interface.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Inventory.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Objects.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Script.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Security.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_UI.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Vehicles.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Andromeda.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AntiPoke.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Core.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Editor.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Engine.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Fire.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Gameplay.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\IpDrv.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\mAApFriend.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\mAApKActor.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\SpankyCameraTextureClient.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\TriggerLightReset.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\UnrealEd.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\UTelnet.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\XInterface.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\BugSubmit.URL
-0.2s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\ArmyOps.exe
-0.2s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\BugReport.exe
-0.2s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Server.exe
-0.2s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Interface.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Utils.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Vehicles.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\ALAudio.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Andromeda.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Core.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\D3DDrv.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\DBGHELP.DLL
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\defOpenAL32.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Editor.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Engine.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Fire.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\GSMSLibrary.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\IFC23.DLL
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\ImpersonatorLib_rd.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\IpDrv.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\libandromeda.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\libgmp.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\msvcp71.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\msvcr71.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\ogg.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\pbag.dll
-0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\pbcl.dll
-0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\vorbis.dll
-0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\vorbisfile.dll
-0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\dll\
-0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\dll\wa001371.dll
0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\dll\wc002243.dll
0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Window.dll
0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\WinDrv.dll
0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\XInterface.dll
0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Save\
0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\scrnshot\
0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\htm\
1.2s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\pbclgame.cfg
C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\pbcl.dll
Size . . . . . . . : 930.024 bytes
Age . . . . . . . : 13.8 days (2015-11-27 22:43:52)
Entropy . . . . . : 7.6
SHA-256 . . . . . : 13B3D879B8F163A8378CDD83EB290403BBA3708E7004380EF6645C39DE868FE1
Fuzzy . . . . . . : 30.0
The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Time indicates that the file appeared recently on this computer.
Program contains PE structure anomalies. This is not typical for most programs.
Forensic Cluster
-1.3s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\
-1.3s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\splash.bmp
-1.3s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AA.key
-1.3s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\sso.public.rsa.key
-1.3s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pbag.bin
-1.3s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\RunServer.bat
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\RunServerTournament.bat
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Config\
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Config\AceKilla.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AdditionalCredits.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\ArmyOpsGlossary.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\ArmyOpsReadMe.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\credits.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\creditsarmy.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Mod_Acog_4x.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Mod_ACOG_Reflex.txt
-1.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Mod_Harris_Bipod.txt
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Mod_heatshield.txt
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Mod_Ironsight.txt
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Mod_M203A1_Grenade.txt
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Mod_M4qd_suppressor.txt
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Mod_M583A1_Flare.txt
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Mod_M68_Aimpoint.txt
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Mod_NONE.txt
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\overview.txt
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Config\Poland.txt
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Weapon_AKS74U.txt
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Descriptions\Weapon_M4A1.txt
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AntiPoke.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Build.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Default.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\DefUnrealEd.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\DefUser.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Distribution.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\FanSites.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Help.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\KeyBindings.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Links.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\maap71.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\maap720.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\maap721.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Partners.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\server.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Services.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\tournament.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\tours.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\UPlaylists.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\WeaponMods.ini
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\ArmyGameEULA.rtf
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\PunkBusterEULA.rtf
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\libandromeda.so
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\DtC6dal.dat
-1.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\DtC6dl.dat
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Wt16M9bs.dat
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Wt16M9fs.dat
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Wt8S9bs.dat
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Wt8S9fs.dat
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\aa.sdk.key.data
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\aa.sdk.rsa.data
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Interface.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Vehicles.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\ALAudio.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Core.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\D3DDrv.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Editor.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Engine.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\IpDrv.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Setup.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Skins.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\SoftDrv.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Startup.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\UnrealEd.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\UWeb.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Vehicles.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Window.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\WinDrv.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\XInterface.int
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\CivDoc_3P.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\CivDoc_3P.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\COGGruntMesh.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\DI-oc3entver.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\DI-oc3entver.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\DocF_Nurse.lad
-0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\DocM_Labcoat.lad
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\George_FlakVest.lad
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SF_3P.lad
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SoldierF_Infantry_ClassB.lad
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SoldierM_Infantry_ClassB.lad
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SoldierM_Instr_AA.lad
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SoldierM_Pilot.lad
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SoldierM_SF_RBA_AdvMarksman.lad
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SoldierM_SF_RBA_Rifleman.lad
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SoldierM_SF_RBA_Saw.lad
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\UT-Ref-maya.lad
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\CivDocFemale_3P.map
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\CivDoc_3P.map
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\COGGruntMesh.map
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\DI-oc3entver.map
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\SF_3P.map
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\SoldierM_Infantry_ClassB.map
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\UT-Ref-maya.map
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Packages.MD5
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AA25Characters.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_AI.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Characters.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Effects.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Game.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Gameplay.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Interface.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Inventory.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Objects.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Script.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Security.u
-0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_UI.u
-0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Vehicles.u
-0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Andromeda.u
-0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AntiPoke.u
-0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Core.u
-0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Editor.u
-0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Engine.u
-0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Fire.u
-0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Gameplay.u
-0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\IpDrv.u
-0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\mAApFriend.u
-0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\mAApKActor.u
-0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\SpankyCameraTextureClient.u
-0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\TriggerLightReset.u
-0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\UnrealEd.u
-0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\UTelnet.u
-0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\XInterface.u
-0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\BugSubmit.URL
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\ArmyOps.exe
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\BugReport.exe
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Server.exe
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Interface.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Utils.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Vehicles.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\ALAudio.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Andromeda.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Core.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\D3DDrv.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\DBGHELP.DLL
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\defOpenAL32.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Editor.dll
-0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Engine.dll
-0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Fire.dll
-0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\GSMSLibrary.dll
-0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\IFC23.DLL
-0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\ImpersonatorLib_rd.dll
-0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\IpDrv.dll
-0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\libandromeda.dll
-0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\libgmp.dll
-0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\msvcp71.dll
-0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\msvcr71.dll
-0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\ogg.dll
-0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\
-0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\pbag.dll
0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\pbcl.dll
0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\vorbis.dll
0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\vorbisfile.dll
0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\dll\
0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\dll\wa001371.dll
0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\dll\wc002243.dll
0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Window.dll
0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\WinDrv.dll
0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\XInterface.dll
0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Save\
0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\scrnshot\
0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\htm\
1.3s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\pbclgame.cfg
Potential Unwanted Programs _________________________________________________
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\06B42F08F6F40FA4F83EA94EF9F03F63\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\06FCEE940712E4B4C8A7362CD8D249A1\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\085CE460BADC1D14EA94D8A62E517577\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0B2690283E07C9B4085B3B794202E7F7\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\12D3738E79C70C74E9D808E162BD6691\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\189F6D048E923EA48B11D15B30CDAC81\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1F0968491626AD249A2A6CBAC4DE352D\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22A78C977EC431247B2ECECC374DFE13\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2CAC1D959B4188B4F8E8C251A25DA9DB\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\33990057697C62f47BB9FFD59CB4AEEB\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\41BF64DDE5C2457478691CB0675759BA\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\42F5B13BF4BAD8D409578286A354E360\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4374E71C5355C4B4AACC93BBBF40E99F\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4410C9B6FF0094C418865CD2B243B258\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\45B0A4620F799834C82DE0BD4E90E40B\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4859A93046C917F408248F3C16F75E77\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4A3D29BA507550f4F87F6F33D42B24D6\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\4E28C30B25E21BF4C9418857AEB2AF7C\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\50390A9E27AD04A4698BF297EF564973\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5D5D3B13CCBA08C479F107E50BD81C8A\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\65655A3C1C3738748BE6470495D534FC\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\661134B612233374391C95E8AC373BA3\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\734F787B99D52824EAB6CA1A89F801F7\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\73A172B6C18A3594A9FA363311A187A3\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7A0CF0C6A9F9B8642A392A1896DCCCF2\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7CE43E6BAE0DC0B43883C669D8DCE8B1\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7D7860B78D7B6F64887AFCB83061837A\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7EC46CC5C43127A45A99762BF7A9C9E5\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFDE7BEC9977ac46B41B0A2BF7D88CD\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8011A895DAAC4CC45AF1397E3CE9CA16\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\81EE804DA9066C64A859E01A38075C59\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\879DDA62492E58A40898AD146BBB572E\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88761D7BAC02ccc428CD5EF352BB933C\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CB53AD495D2C5443B95C9EE29E47902\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8F85A4D374D5bf245B8722C062C2D00E\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9516FC331A505934FA76C22DCFFEC47E\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98B242210207F2D48AF879D69C381D08\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98FD652EB4839214E97B69DD8EEA1D29\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A08449608E3Ca1f4ABF236256A256754\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A431C8F3F57D7844B89242F5F7A5F62C\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A66E2D84F93A9E94FBA6AB3524D85958\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AA27FE018F87f5e4F97F31C09E7C5370\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AC049320EE27170499EC0B6124142ED7\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B448F401EF39C8346BF7BE9B8D1C7060\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5211271DD585A740AA28576B137D09D\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B58469E2C54833741B90BAD9CE5A1159\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B6DA77032731EEE40B463A325128D613\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCC2BCA248E19F74F9AEDE4D1EFEFBC9\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C70C6F53DEE245249956FC291D801A71\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C7C0052DD04CBC84C81C0AC586485E50\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C879DCC3D00BE8E4282F02F1735E78DF\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C9FBD8E8A2691564FA012512BCC3748C\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CB3AEBFFA9E907145906294AB669B1F2\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE142BFA81B72674892EB318BD603CB0\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE90A73A5D5A01a43A2EDCCF04BA9487\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D03E28F842DF79F4DA05A3B6B86B095C\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D05B2B3F5629f9d41A7E57FB534168CA\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D158B0E5D051EA046B8E08BF6B004842\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D45A81F48EF19334EABB33FF8871C4F5\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D538E650623CB2C43AD5FBF587227D55\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D8D06C15BF8AFCD449EFF90B935AEF7C\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DB1AE396B3BBfe940922C55C6EEF740A\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDF3C3F412F4F954F9F2723C62C65C25\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DDF89DEE0C7E9A5448382117C4436818\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E55AA93871A0fde4490A708053AC6501\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E954A03F45EC92B419A55A0D4815C0A3\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E97C12D46BF588241856422D760336B4\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EA1332016439DD54C840C7D45CFB2705\ (AskBar)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EFBB6B0872B0DBB4D912A0F52986399D\ (AskBar)
|
|
11.12.2015, 20:38
| #13 |
| /// TB-Ausbilder | Anitvirus Programm findet Virus aber keine Probleme ? Servus, gut gemacht. Fehlen noch die Logdateien von ESET und FRST. |
|
11.12.2015, 20:46
| #14 |
| | Anitvirus Programm findet Virus aber keine Probleme ? ESET: Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5c09cf3d64543e4a973da84a0a988fa1
# end=init
# utc_time=2015-12-11 05:39:04
# local_time=2015-12-11 06:39:04 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 27155
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5c09cf3d64543e4a973da84a0a988fa1
# end=updated
# utc_time=2015-12-11 05:43:15
# local_time=2015-12-11 06:43:15 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=5c09cf3d64543e4a973da84a0a988fa1
# engine=27155
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-11 07:36:46
# local_time=2015-12-11 08:36:46 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 65436 201492456 0 0
# scanned=295015
# found=0
# cleaned=0
# scan_time=6811
|
|
11.12.2015, 20:47
| #15 |
| /// TB-Ausbilder | Anitvirus Programm findet Virus aber keine Probleme ? Fehlt nur noch FRST. |
|
| Themen zu Anitvirus Programm findet Virus aber keine Probleme ? |
| ansicht, archiv, archive, auswertung, bestanden, converter, dankeschön, dateien, forum, frage, fragen, fund, hinweis, infizierte, namen, probleme, programm, sache, seite, seiten, software, suche, tmp, virus, warnung |
und 
und speichere die Logdatei auf Deinem Desktop.
