
Pests of all kinds and how to combat them: Antivirus program finds virus but no problems?

29.11.2015, 12:20   #1
Ossel
 
Hello to everyone in this forum and to the team that handles all the help requests.

First of all, thank you for the prompt and quick help with questions and problems.

But to my issue: my antivirus program found a virus during a scan. It was all unexpected, because there were actually no problems with my computer. I ran the last scan in October, and there were no errors then. This time the scan had 4 detections and, oddly for me, in files that were already on the computer and would have been checked by the scan in October. The detections were 2 viruses. I am posting part of the report here so that you can see what this is about and how the program dealt with it.

Der Suchlauf über die ausgewählten Dateien wird begonnen:

Beginne mit der Suche in 'C:\'
[0] Archivtyp: RSRC
--> C:\Users\Martin_2\Downloads\FRAPS - CHIP-Installer.exe
[1] Archivtyp: Runtime Packed
--> C:\Users\Martin_2\Downloads\FreeAudioCDBurner_2.0.33.525.exe
[2] Archivtyp: Inno Setup
--> {tmp}\OCSetupHlp.dll
[FUND] Enthält Muster der Software PUA/OpenCandy.Gen
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
C:\Users\Martin_2\Downloads\FreeAudioCDBurner_2.0.33.525.exe
[FUND] Enthält Muster der Software PUA/OpenCandy.Gen
--> C:\Users\Martin_2\Downloads\FreeYouTubeToMP3Converter_3.12.59.525.exe
[2] Archivtyp: Inno Setup
--> {tmp}\OCSetupHlp.dll
[FUND] Enthält Muster der Software PUA/OpenCandy.Gen
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
C:\Users\Martin_2\Downloads\FreeYouTubeToMP3Converter_3.12.59.525.exe
[FUND] Enthält Muster der Software PUA/OpenCandy.Gen
Beginne mit der Suche in 'E:\' <Volume>

Beginne mit der Desinfektion:
C:\Users\Martin_2\Downloads\FreeYouTubeToMP3Converter_3.12.59.525.exe
[FUND] Enthält Muster der Software PUA/OpenCandy.Gen
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '50d448cc.qua' verschoben!
C:\Users\Martin_2\Downloads\FreeAudioCDBurner_2.0.33.525.exe
[FUND] Enthält Muster der Software PUA/OpenCandy.Gen
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4843677b.qua' verschoben!


I hope you can help me with what I should do and whether problems could arise.

I wish you all a nice first Sunday of Advent.

Best regards
Ossel
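
Added example, not part of the original post and not Avira's own tooling: a Python parser for the report layout quoted above that groups the `[FUND]` lines by scanned file, embedded archive member and detection-name prefix, and pairs each file with its quarantine name. The function names, and the rule that a drive-letter path is a container while any other `-->` path is a member of it, are assumptions made for this example.

```python
import re
from collections import defaultdict

# Excerpt of the scan report quoted in the post above (program output left in German).
REPORT = r"""Beginne mit der Suche in 'C:\'
[0] Archivtyp: RSRC
--> C:\Users\Martin_2\Downloads\FRAPS - CHIP-Installer.exe
[1] Archivtyp: Runtime Packed
--> C:\Users\Martin_2\Downloads\FreeAudioCDBurner_2.0.33.525.exe
[2] Archivtyp: Inno Setup
--> {tmp}\OCSetupHlp.dll
[FUND] Enthält Muster der Software PUA/OpenCandy.Gen
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
C:\Users\Martin_2\Downloads\FreeAudioCDBurner_2.0.33.525.exe
[FUND] Enthält Muster der Software PUA/OpenCandy.Gen
--> C:\Users\Martin_2\Downloads\FreeYouTubeToMP3Converter_3.12.59.525.exe
[2] Archivtyp: Inno Setup
--> {tmp}\OCSetupHlp.dll
[FUND] Enthält Muster der Software PUA/OpenCandy.Gen
[WARNUNG] Infizierte Dateien in Archiven können nicht repariert werden
C:\Users\Martin_2\Downloads\FreeYouTubeToMP3Converter_3.12.59.525.exe
[FUND] Enthält Muster der Software PUA/OpenCandy.Gen
Beginne mit der Suche in 'E:\' <Volume>

Beginne mit der Desinfektion:
C:\Users\Martin_2\Downloads\FreeYouTubeToMP3Converter_3.12.59.525.exe
[FUND] Enthält Muster der Software PUA/OpenCandy.Gen
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '50d448cc.qua' verschoben!
C:\Users\Martin_2\Downloads\FreeAudioCDBurner_2.0.33.525.exe
[FUND] Enthält Muster der Software PUA/OpenCandy.Gen
[HINWEIS] Die Datei wurde ins Quarantäneverzeichnis unter dem Namen '4843677b.qua' verschoben!
"""

# Assumption: a path starting with a drive letter is a file on disk (container);
# any other "-->" path is a member unpacked from the current container.
CONTAINER = re.compile(r"^(?:-->\s*)?([A-Za-z]:\\.+)$")
MEMBER = re.compile(r"^-->\s*(.+)$")
# In this excerpt the detection name is the last token on the [FUND] line.
FUND = re.compile(r"^\[FUND\]\s+.*\s(\S+)$")
QUARANTINE = re.compile(r"^\[HINWEIS\].*'([^']+\.qua)'")
DISINFECT = "Beginne mit der Desinfektion"


def parse_report(text):
    """Return ({file: {signatures, members, quarantine}}, raw hit count of the scan phase)."""
    findings = defaultdict(
        lambda: {"signatures": set(), "members": set(), "quarantine": None}
    )
    container = member = None
    scanning, scan_hits = True, 0
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith(DISINFECT):
            # The disinfection phase repeats each [FUND]; do not count it twice.
            scanning, container, member = False, None, None
        elif m := CONTAINER.match(line):
            container, member = m.group(1), None
        elif m := MEMBER.match(line):
            member = m.group(1)
        elif (m := FUND.match(line)) and container:
            entry = findings[container]
            entry["signatures"].add(m.group(1))
            if member:
                entry["members"].add(member)
            if scanning:
                scan_hits += 1
        elif (m := QUARANTINE.match(line)) and container:
            findings[container]["quarantine"] = m.group(1)
    return dict(findings), scan_hits


def summarize(findings):
    """One row per flagged file: (file name, name prefixes, flagged members, quarantine name)."""
    rows = []
    for path, entry in sorted(findings.items()):
        prefixes = sorted({sig.split("/", 1)[0] for sig in entry["signatures"]})
        rows.append((path.rsplit("\\", 1)[-1], prefixes,
                     sorted(entry["members"]), entry["quarantine"]))
    return rows


if __name__ == "__main__":
    found, hits = parse_report(REPORT)
    print(f"{hits} [FUND] lines in the scan phase, {len(found)} files on disk affected")
    for name, prefixes, members, qua in summarize(found):
        print(f"{name}: {prefixes} via {members} -> quarantine {qua}")
```

Grouping this way shows how many distinct files and detection names stand behind the raw hit count, and whether each flagged file was moved to quarantine.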

29.11.2015, 12:54   #2
M-K-D-B
/// TB Trainer
 
My name is Matthias and I will help you clean up your computer.


Please note the following:
  • If we find indications of illegally acquired software, we will suspend support until every kind of illegal software has been removed from the computer.
  • Read the instructions carefully. If you have problems, stop what you are doing and describe your problem to me as well as you can.
  • If you do not reply to me within 3 days, I will assume that you no longer need help. I will then remove your thread from my subscriptions. If you are going to be away for longer, please let me know!
  • During the cleanup, please do not install or uninstall anything unless I ask you to!
  • Please note: Download at filepony.de: how to download our tools correctly!
  • All programs to be used must be saved to the desktop and started from there!


Please work through all steps one after another in the given order and post all log files in CODE tags:
This is how it works:
Posting in CODE tags
Attaching the log files, or even packing them into a ZIP, RAR or 7Z archive first, makes your helper's work massively harder, unless of course the file would otherwise be too large for the forum. To put the log files into a CODE box, proceed as follows:
  • Select the entire log file (usually with CTRL+A) and copy it to the clipboard with CTRL+C.
  • Click the # symbol in the editor. Two bracket expressions appear: [CODE] [/CODE].
  • Place the cursor between the CODE tags and press CTRL+V.
  • Click Advanced/Preview to check whether you did it correctly. If everything is right ... click Reply.

Thank you for your cooperation!




For an initial analysis, please run FRST and TDSS-Killer:



Step 1
Please download the matching version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Untersuchen (Scan).
  • The log files are now created and can afterwards be found on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the input window of the web page)



Step 2
Please download TDSSKiller TDSSKiller.exe and save the file to the desktop
  • Start TDSSKiller.exe - configure it as described in the TDSSKiller guide.
  • Press Start Scan
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the content here in your thread in any case.







Please post with your next reply
  • the TDSS-Killer log file,
  • the two new FRST log files.

02.12.2015, 01:25   #3
Ossel
 
FRST:

Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:01-12-2015
durchgeführt von Martin (Administrator) auf HORTKIND (02-12-2015 01:22:27)
Gestartet von C:\Users\Martin\Downloads
Geladene Profile: Martin & Martin_2 & postgres (Verfügbare Profile: Martin & Franzi & Martin_2 & UpdatusUser & postgres)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Valve Corporation) E:\Steam\Steam.exe
(Valve Corporation) E:\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) E:\Steam\bin\steamwebhelper.exe
(Valve Corporation) E:\Steam\bin\steamwebhelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1946159566-2597201721-649942275-1005\...\Run: [Steam] => E:\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-1946159566-2597201721-649942275-1005\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-1946159566-2597201721-649942275-1005\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{47F4B598-D74D-4473-AB02-AF9C25D58E8C}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{70398351-FC00-42EC-A769-D01F7A60262C}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1946159566-2597201721-649942275-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1946159566-2597201721-649942275-1005\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1946159566-2597201721-649942275-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1946159566-2597201721-649942275-1005 -> {39B95236-B403-4FFC-865F-632D50ED950A} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=301e5fc1-5779-49b6-ae6c-294ef966bda2&apn_sauid=B4FF7A36-FCAF-43A1-9A41-C9AC28FE6075
SearchScopes: HKU\S-1-5-21-1946159566-2597201721-649942275-1005 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={AE22BF52-6799-4A0B-A9F8-19CF6F86893C}&mid=ff31abb759e247d0a2f8d16f5effffac-3d5a0b6b088d02546a84e551975de48d0a65403a&lang=de&ds=nr011&pr=sa&d=2013-01-26 18:42:11&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-01] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-01] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
Toolbar: HKU\S-1-5-21-1946159566-2597201721-649942275-1005 -> Kein Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\5ftby32f.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_245.dll [2015-11-11] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] ()
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll [2013-02-28] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2014-04-10] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-10-23] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\5ftby32f.default\searchplugins\google-images.xml [2014-12-17]
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\5ftby32f.default\searchplugins\google-maps.xml [2014-12-17]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] [ist nicht signiert]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [Datei ist nicht signiert]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-21] ()
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-02-18] (PostgreSQL Global Development Group) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-17] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-04-12] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-02 01:22 - 2015-12-02 01:22 - 00013076 _____ C:\Users\Martin\Downloads\FRST.txt
2015-12-02 01:22 - 2015-12-02 01:22 - 00000000 ____D C:\FRST
2015-12-02 01:21 - 2015-12-02 01:21 - 04398264 _____ (Kaspersky Lab ZAO) C:\Users\Martin\Downloads\tdsskiller.exe
2015-12-02 01:21 - 2015-12-02 01:21 - 02350080 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe
2015-12-01 23:01 - 2015-12-01 23:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-27 21:09 - 2015-11-28 00:00 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\25Assist
2015-11-27 21:08 - 2015-11-27 21:08 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\WinRAR
2015-11-27 21:07 - 2015-11-27 21:07 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-11-27 21:07 - 2015-11-27 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-11-27 21:07 - 2015-11-27 21:07 - 00000000 ____D C:\Program Files\WinRAR
2015-11-12 22:06 - 2015-11-03 18:55 - 03211264 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-11-11 02:33 - 2015-11-11 02:33 - 05286088 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2015-11-10 23:11 - 2015-11-03 23:10 - 00390344 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-11-10 23:11 - 2015-11-03 22:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-11-10 23:11 - 2015-10-31 00:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-11-10 23:11 - 2015-10-31 00:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-11-10 23:11 - 2015-10-31 00:25 - 02886656 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-11-10 23:11 - 2015-10-31 00:25 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-11-10 23:11 - 2015-10-31 00:25 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-11-10 23:11 - 2015-10-31 00:24 - 00585728 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-11-10 23:11 - 2015-10-31 00:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-11-10 23:11 - 2015-10-31 00:12 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-11-10 23:11 - 2015-10-31 00:04 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-11-10 23:11 - 2015-10-30 23:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-11-10 23:11 - 2015-10-30 23:53 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-11-10 23:11 - 2015-10-30 23:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-11-10 23:11 - 2015-10-30 23:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-11-10 23:11 - 2015-10-30 23:46 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-11-10 23:11 - 2015-10-30 23:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-11-10 23:11 - 2015-10-30 23:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-11-10 23:11 - 2015-10-30 23:44 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2015-11-10 23:11 - 2015-10-30 23:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-11-10 23:11 - 2015-10-30 23:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-11-10 23:11 - 2015-10-30 23:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-11-10 23:11 - 2015-10-30 23:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-11-10 23:11 - 2015-10-30 23:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-11-10 23:11 - 2015-10-30 23:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-11-10 23:11 - 2015-10-30 23:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-11-10 23:11 - 2015-10-30 23:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-11-10 23:11 - 2015-10-30 23:32 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-11-10 23:11 - 2015-10-30 23:31 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-11-10 23:11 - 2015-10-30 23:29 - 02126336 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-11-10 23:11 - 2015-10-30 23:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-11-10 23:11 - 2015-10-30 23:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-11-10 23:11 - 2015-10-30 23:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-11-10 23:11 - 2015-10-30 23:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-11-10 23:11 - 2015-10-30 23:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2015-11-10 23:11 - 2015-10-30 23:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-11-10 23:11 - 2015-10-30 23:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2015-11-10 23:11 - 2015-10-30 23:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-11-10 23:11 - 2015-10-30 23:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-11-10 23:11 - 2015-10-30 23:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-11-10 23:11 - 2015-10-30 23:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-11-10 23:11 - 2015-10-30 23:04 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-11-10 23:11 - 2015-10-30 22:53 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-11-10 23:11 - 2015-10-30 22:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-11-10 23:11 - 2015-10-30 22:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-11-10 23:11 - 2015-10-20 19:42 - 03168768 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-11-10 23:11 - 2015-10-20 19:42 - 02608128 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-11-10 23:11 - 2015-10-20 19:42 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-11-10 23:11 - 2015-10-20 19:42 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-11-10 23:11 - 2015-10-20 19:42 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-11-10 23:11 - 2015-10-20 19:42 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-11-10 23:11 - 2015-10-20 19:42 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-11-10 23:11 - 2015-10-20 19:41 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-11-10 23:11 - 2015-10-20 19:41 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-11-10 23:11 - 2015-10-20 19:41 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-11-10 23:11 - 2015-10-20 19:41 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-11-10 23:11 - 2015-10-20 18:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-11-10 23:11 - 2015-10-20 18:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-11-10 23:11 - 2015-10-20 18:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-11-10 23:11 - 2015-10-20 18:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-11-10 23:11 - 2015-10-20 18:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-11-10 23:10 - 2015-10-31 00:46 - 25818624 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-11-10 23:10 - 2015-10-31 00:25 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-11-10 23:10 - 2015-10-31 00:24 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-11-10 23:10 - 2015-10-31 00:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-11-10 23:10 - 2015-10-31 00:13 - 00616960 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-11-10 23:10 - 2015-10-31 00:12 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-11-10 23:10 - 2015-10-31 00:11 - 05990912 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-11-10 23:10 - 2015-10-31 00:11 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-11-10 23:10 - 2015-10-31 00:11 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-11-10 23:10 - 2015-10-31 00:01 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-11-10 23:10 - 2015-10-30 23:49 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-11-10 23:10 - 2015-10-30 23:49 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-11-10 23:10 - 2015-10-30 23:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-11-10 23:10 - 2015-10-30 23:34 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2015-11-10 23:10 - 2015-10-30 23:29 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-11-10 23:10 - 2015-10-30 23:22 - 14457856 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-11-10 23:10 - 2015-10-30 23:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-11-10 23:10 - 2015-10-30 23:17 - 02487808 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-11-10 23:10 - 2015-10-30 22:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-11-10 23:10 - 2015-10-29 18:50 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-11-10 23:10 - 2015-10-29 18:50 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-11-10 23:10 - 2015-10-29 18:50 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-11-10 23:10 - 2015-10-29 18:50 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-11-10 23:10 - 2015-10-29 18:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-11-10 23:10 - 2015-10-29 18:49 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-11-10 23:10 - 2015-10-29 18:49 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-11-10 23:10 - 2015-10-20 02:12 - 05570496 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-11-10 23:10 - 2015-10-20 02:12 - 00154560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-11-10 23:10 - 2015-10-20 02:12 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-11-10 23:10 - 2015-10-20 02:09 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-11-10 23:10 - 2015-10-20 02:06 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-11-10 23:10 - 2015-10-20 02:06 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-11-10 23:10 - 2015-10-20 02:06 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-11-10 23:10 - 2015-10-20 02:06 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 01164800 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00729600 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00344064 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-11-10 23:10 - 2015-10-20 02:05 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-11-10 23:10 - 2015-10-20 02:05 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-11-10 23:10 - 2015-10-20 02:05 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-11-10 23:10 - 2015-10-20 02:04 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-11-10 23:10 - 2015-10-20 02:04 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-11-10 23:10 - 2015-10-20 02:04 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-11-10 23:10 - 2015-10-20 02:00 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-11-10 23:10 - 2015-10-20 01:59 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:53 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-11-10 23:10 - 2015-10-20 01:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-11-10 23:10 - 2015-10-20 01:48 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-11-10 23:10 - 2015-10-20 01:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-11-10 23:10 - 2015-10-20 01:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-11-10 23:10 - 2015-10-20 01:44 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-11-10 23:10 - 2015-10-20 01:44 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-11-10 23:10 - 2015-10-20 01:44 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-11-10 23:10 - 2015-10-20 01:44 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-11-10 23:10 - 2015-10-20 01:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-11-10 23:10 - 2015-10-20 01:44 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-11-10 23:10 - 2015-10-20 01:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-11-10 23:10 - 2015-10-20 01:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-10 23:10 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-10 23:10 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-10 23:10 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-10 23:10 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-10 23:10 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-10 23:10 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-10 23:10 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-10 23:10 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-10 23:10 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-10 23:10 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-10 23:10 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-10 23:10 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-10 23:10 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-10 23:10 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-09 21:18 - 2015-12-02 00:07 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-09 21:18 - 2015-11-09 21:18 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-11-09 21:18 - 2015-11-09 21:18 - 00000000 ____D C:\Program Files (x86)\Adobe
2015-11-06 23:05 - 2015-11-09 20:12 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-02 01:22 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-02 01:21 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-02 01:21 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-02 00:33 - 2012-04-18 10:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-01 23:01 - 2015-09-27 23:02 - 00001952 _____ C:\Users\Public\Desktop\Avira Antivirus.lnk
2015-12-01 23:00 - 2015-09-27 23:01 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-12-01 23:00 - 2015-09-27 23:01 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-12-01 23:00 - 2015-09-27 23:01 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-12-01 22:49 - 2011-12-21 23:06 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-01 22:49 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-01 02:32 - 2012-01-02 21:03 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\TS3Client
2015-11-27 23:26 - 2011-12-26 22:41 - 00233920 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-11-27 23:26 - 2011-12-23 02:37 - 00233920 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-11-27 23:26 - 2011-12-23 02:37 - 00233920 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-11-27 22:48 - 2011-12-26 22:41 - 00000000 ____D C:\Users\Martin_2\AppData\Local\PunkBuster
2015-11-27 22:47 - 2012-02-05 18:50 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-11-16 00:10 - 2012-01-02 21:02 - 00000000 ____D C:\Users\Martin_2\AppData\Local\TeamSpeak 3 Client
2015-11-13 03:26 - 2011-04-12 08:43 - 00699432 _____ C:\Windows\system32\perfh007.dat
2015-11-13 03:26 - 2011-04-12 08:43 - 00149572 _____ C:\Windows\system32\perfc007.dat
2015-11-13 03:26 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-13 03:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-11-13 03:20 - 2009-07-14 05:45 - 00366736 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 22:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-11 03:20 - 2013-08-15 02:02 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 03:14 - 2011-12-21 22:47 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 03:13 - 2012-04-12 17:06 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 03:06 - 2014-02-28 02:30 - 01594028 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 03:01 - 2011-04-12 08:55 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-11 02:33 - 2012-04-18 10:47 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-11-11 02:33 - 2012-04-18 10:47 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-11-11 02:33 - 2011-12-23 21:35 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-11-09 21:34 - 2012-01-03 21:29 - 00000000 ____D C:\Users\Martin_2\AppData\Local\Adobe
2015-11-09 21:34 - 2011-12-23 21:35 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\Adobe
2015-11-09 21:18 - 2014-12-23 22:17 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-09 21:18 - 2012-01-03 21:28 - 00000000 ____D C:\ProgramData\Adobe
2015-11-09 20:12 - 2012-12-02 18:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-12-12 23:49 - 2014-12-12 23:49 - 0007605 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\Franzi\AppData\Local\temp\avgnt.exe
C:\Users\Martin\AppData\Local\temp\avgnt.exe
C:\Users\Martin_2\AppData\Local\temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-11-26 09:20

==================== Ende von FRST.txt ============================
         
Addition:

Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:01-12-2015
durchgeführt von Martin (2015-12-02 01:23:19)
Gestartet von C:\Users\Martin\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-21 20:59:34)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1946159566-2597201721-649942275-500 - Administrator - Disabled)
Franzi (S-1-5-21-1946159566-2597201721-649942275-1004 - Limited - Enabled) => C:\Users\Franzi
Gast (S-1-5-21-1946159566-2597201721-649942275-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1946159566-2597201721-649942275-1002 - Limited - Enabled)
Martin (S-1-5-21-1946159566-2597201721-649942275-1000 - Administrator - Enabled) => C:\Users\Martin
Martin_2 (S-1-5-21-1946159566-2597201721-649942275-1005 - Limited - Enabled) => C:\Users\Martin_2
postgres (S-1-5-21-1946159566-2597201721-649942275-1008 - Limited - Enabled) => C:\Users\postgres
UpdatusUser (S-1-5-21-1946159566-2597201721-649942275-1006 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 19 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated)
Adobe Flash Player 19 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated)
America's Army: Proving Grounds Beta (HKLM-x32\...\Steam App 203290) (Version:  - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.125 - Avira Operations GmbH & Co. KG)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Die Siedler - Aufbruch der Kulturen (HKLM-x32\...\SADK) (Version:  - )
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
Free Audio CD Burner version 2.0.33.525 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: 2.0.33.525 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.59.525 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.525 - DVDVideoSoft Ltd.)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (HKLM\...\{54B0845F-5540-4492-9939-CD8880ABABF0}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Hilfe (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 5.1.3 - CEWE Stiftung u Co. KGaA)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 306.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.23 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 8.5.2.23 - Electronic Arts, Inc.)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version:  - Firaxis Games)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-1946159566-2597201721-649942275-1005\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKU\S-1-5-21-1946159566-2597201721-649942275-1000\...\Warcraft III) (Version:  - )
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

CustomCLSID: HKU\S-1-5-21-1946159566-2597201721-649942275-1005_Classes\CLSID\{c31ca596-532d-a36f-e223-ce16b9ac70a56}\InprocServer32 -> 0xC99207A61842D00126CFC833E94ED001060000000900000000000000 => Keine Datei

==================== Wiederherstellungspunkte =========================

30-10-2015 10:13:50 Geplanter Prüfpunkt
09-11-2015 20:49:33 Geplanter Prüfpunkt
11-11-2015 02:58:37 Windows Update
13-11-2015 03:00:19 Windows Update
27-11-2015 20:55:29 Geplanter Prüfpunkt

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2014-12-16 00:11 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {40A1B172-BFC3-447A-A94B-6BE59EF6D54C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated)
Task: {5F988119-92A6-4FE0-AC1D-59F8B228526B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {6E54DBE4-2439-456B-A0D5-C6DC8B2DD6A1} - System32\Tasks\HpWebReg.exe => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HpWebReg.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {AFC2E1DD-36A9-4AA5-8DF2-6BF723AA7FE4} - System32\Tasks\{3AAF5C2C-095A-4AF7-8577-6B2E77592076} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar
Task: {BB1B2AB9-47E5-4641-AE8F-BA210B6BA02C} - System32\Tasks\HP Deskjet 2050 J510 series.exe => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HP Deskjet 2050 J510 series.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {D77A1060-02D8-41C4-8CF2-7080D4D161CD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-12-26 23:41 - 2013-01-18 16:00 - 00087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-12-23 02:37 - 2014-06-21 02:14 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-06 15:15 - 2014-02-18 09:11 - 00172032 _____ () c:\postgreSQL\bin\LIBPQ.dll
2015-02-06 15:16 - 2012-08-14 14:19 - 00999424 _____ () c:\postgreSQL\bin\libxml2.dll
2013-03-12 17:10 - 2015-10-05 17:18 - 00778752 _____ () E:\Steam\SDL2.dll
2015-01-21 19:03 - 2015-07-03 17:12 - 04962816 _____ () E:\Steam\v8.dll
2015-01-21 19:03 - 2015-07-03 17:12 - 01556992 _____ () E:\Steam\icui18n.dll
2015-01-21 19:03 - 2015-07-03 17:12 - 01187840 _____ () E:\Steam\icuuc.dll
2014-05-21 21:38 - 2015-11-10 03:44 - 02541648 _____ () E:\Steam\video.dll
2014-09-02 21:15 - 2015-09-24 01:33 - 02549248 _____ () E:\Steam\libavcodec-56.dll
2014-09-02 21:15 - 2015-09-24 01:33 - 00442880 _____ () E:\Steam\libavutil-54.dll
2014-09-02 21:15 - 2015-09-24 01:33 - 00491008 _____ () E:\Steam\libavformat-56.dll
2014-09-02 21:15 - 2015-09-24 01:33 - 00332800 _____ () E:\Steam\libavresample-2.dll
2014-09-02 21:15 - 2015-09-24 01:33 - 00485888 _____ () E:\Steam\libswscale-3.dll
2012-03-01 23:38 - 2015-11-10 03:44 - 00806992 _____ () E:\Steam\bin\chromehtml.DLL
2015-07-23 23:14 - 2015-11-03 23:00 - 00201728 _____ () E:\Steam\bin\openvr_api.dll
2012-03-01 23:38 - 2015-10-08 23:20 - 45010208 _____ () E:\Steam\bin\libcef.dll
2015-01-21 19:03 - 2015-09-25 00:56 - 00119208 _____ () E:\Steam\winh264.dll
2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1946159566-2597201721-649942275-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1946159566-2597201721-649942275-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin_2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{4D4DAEB3-50B6-4AFB-9089-49E140718FFC}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{6A87580C-6250-4A10-A786-386801CCD9F0}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{D32DF0ED-DABF-49FC-8CE8-153A5DE53E8F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2B1AB722-4096-496E-8F7B-5A5763151F1C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BA924145-3367-433F-B9B1-E5538F994E65}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{71384331-E5FF-4A44-9473-A040ADB041AB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{AC60C9F0-5C7F-4C60-80AF-A823F70D063C}E:\warcraft iii\war3.exe] => (Allow) E:\warcraft iii\war3.exe
FirewallRules: [UDP Query User{5FD8D355-CC2C-426E-BD8C-F8E8E50DFC95}E:\warcraft iii\war3.exe] => (Allow) E:\warcraft iii\war3.exe
FirewallRules: [{B9437D32-A009-494B-8CB2-9B15648DC51A}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{FEB4C588-588E-4DC1-9561-FBD1D2DDEB7B}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{1E0EB67B-7F4A-4BF9-BA34-2248B5B5D934}] => (Allow) E:\Diablo III\Diablo III.exe
FirewallRules: [{BAC7A7FF-EC53-4D74-976C-DDF004FD770D}] => (Allow) E:\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{0DFF146F-3969-40B8-8D8A-AF215E9DD3AF}E:\world_of_tanks\worldoftanks.exe] => (Allow) E:\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{D818B4D1-4447-4386-9EF2-04E6B2F54040}E:\world_of_tanks\worldoftanks.exe] => (Allow) E:\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{BD2F3E3A-6202-4065-8010-90C20D862ECB}E:\world_of_tanks\wotlauncher.exe] => (Allow) E:\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{8353764E-2D3B-42C2-93DC-D8A9E0570A2B}E:\world_of_tanks\wotlauncher.exe] => (Allow) E:\world_of_tanks\wotlauncher.exe
FirewallRules: [{1BD99672-03CD-476F-AF3F-DFC66BAC234E}] => (Allow) E:\StarCraft II\StarCraft II.exe
FirewallRules: [{661FC810-267C-4C3E-BBAE-0FE0BDC1C3AA}] => (Allow) E:\StarCraft II\StarCraft II.exe
FirewallRules: [{E37A7749-137E-4FD3-9971-3289C284650B}] => (Allow) E:\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{71ABFE45-F5EC-44CB-B038-181866A891BE}] => (Allow) E:\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{77A39096-3684-4E52-BD38-FF925CB275D8}E:\starcraft ii\versions\base24944\sc2.exe] => (Allow) E:\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [UDP Query User{6B97C22F-3F5B-4578-BB70-7162E48030C1}E:\starcraft ii\versions\base24944\sc2.exe] => (Allow) E:\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [{52360F0A-803F-43A0-A997-37A29A94CAC3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{354F0C22-5D91-4858-9AD2-1F8137AAB27E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{9BB0F549-145F-493B-A9DB-9ACD8B246876}E:\steam\steamapps\common\europa universalis iv\eu4.exe] => (Allow) E:\steam\steamapps\common\europa universalis iv\eu4.exe
FirewallRules: [UDP Query User{BF2FFAE4-5400-4947-9DEA-8C3F824A0F64}E:\steam\steamapps\common\europa universalis iv\eu4.exe] => (Allow) E:\steam\steamapps\common\europa universalis iv\eu4.exe
FirewallRules: [{765600F6-7F53-4262-8842-3E3AC844B5BB}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{3B840478-C2A0-4507-ACF7-38DA949BB274}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{EB44CFA7-CC1E-431B-A107-819428E7DE8B}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D877DCEB-3CD5-409E-972F-5AB9266E8BB6}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7EACA803-C806-493E-ADBD-62881207F774}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{D26484FA-D4A8-4E30-8F09-CFAA653A6376}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{171CC73E-4337-445F-B758-F148D8357B7C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{8848C9DC-8840-4D48-84B8-6E078A1217EC}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{2D9E1F6D-B1AE-480C-B54D-8165990D5FB0}C:\programdata\battle.net\agent\agent.2880\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2880\agent.exe
FirewallRules: [UDP Query User{7772A721-EB86-419B-A833-FE9DA6CC2ABF}C:\programdata\battle.net\agent\agent.2880\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2880\agent.exe
FirewallRules: [TCP Query User{0DD20770-675C-4B22-8FD5-E33F897B09D8}E:\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe] => (Allow) E:\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe
FirewallRules: [UDP Query User{176B0B1A-DFEC-4C20-A604-2598FA4A55DF}E:\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe] => (Allow) E:\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe
FirewallRules: [{3BC3A213-D2E6-42CC-B4F3-1DD4086386A0}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{8306151D-1726-4126-98E1-D269460F4207}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{C94727CC-BA27-45FD-8D9C-18C32B4CF201}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{1D98E21C-C1D3-4745-9C8A-CA7AEB893677}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{DBE9B1F7-8340-4BD1-A89E-A3BE6DB1D9CF}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{127EC0A1-2047-4213-8801-4539AA529213}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{0D099624-D553-435C-AEC6-D5B30CF9C3B0}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{80B4ACDC-4381-4828-A3D7-AC3447DD7CDD}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{4E5BF445-DFAA-4D71-9C72-4F8221C1EA2A}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{CED86F52-4553-4674-B73E-6166342DFAC5}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{C61F78F6-F8DB-48CD-8772-41CD6EF7D049}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C00F5169-10C9-42B0-AC09-9960712384FD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2A479E5E-D00A-45DF-A305-BD0B8A363611}] => (Allow) LPort=5432
FirewallRules: [{9192585E-D207-4C1B-9953-5D09A54893E5}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{87A0EC8A-3BDE-4421-B4DE-54C172CD0D68}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{09F078DF-C6F8-4E16-800B-79F9ABD72FB8}] => (Allow) E:\Steam\SteamApps\common\America's Army\AAPG\Binaries\AALauncher32.exe
FirewallRules: [{7660A974-1AC3-456D-9765-48747D39000A}] => (Allow) E:\Steam\SteamApps\common\America's Army\AAPG\Binaries\AALauncher32.exe
FirewallRules: [{00CA72EE-76E2-440A-AAFF-08F1F3FE3EED}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{765E56CB-6FAA-45E6-A8A8-E540472428A2}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0514B855-93F0-4123-86E9-4FEB713C61F1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D8FF3575-D4A0-42EE-8C40-FBD6166A5CB7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A29973C5-59F7-4916-A428-59AD081E0525}] => (Allow) E:\Steam\SteamApps\common\America's Army\AAPG\Binaries\Win32\AALauncher32.exe
FirewallRules: [{1DA23919-688F-411A-88E5-BDE68E00D391}] => (Allow) E:\Steam\SteamApps\common\America's Army\AAPG\Binaries\Win32\AALauncher32.exe
FirewallRules: [TCP Query User{B0F9CDD7-628C-4AC0-89E8-04D8BFE3CD2A}C:\users\martin_2\appdata\roaming\25assist\armyops\system\armyops.exe] => (Allow) C:\users\martin_2\appdata\roaming\25assist\armyops\system\armyops.exe
FirewallRules: [UDP Query User{11AB80CB-6110-46AE-8271-637CE3E35A52}C:\users\martin_2\appdata\roaming\25assist\armyops\system\armyops.exe] => (Allow) C:\users\martin_2\appdata\roaming\25assist\armyops\system\armyops.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/01/2015 11:20:46 PM) (Source: MsiInstaller) (EventID: 1024) (User: Hortkind)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F094E6F00}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (12/01/2015 10:49:51 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/01/2015 10:49:33 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2015-12-01 22:49:33 CETFATAL:  the database system is starting up

Error: (11/30/2015 11:56:52 PM) (Source: MsiInstaller) (EventID: 1024) (User: Hortkind)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F094E6F00}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (11/30/2015 08:27:16 PM) (Source: MsiInstaller) (EventID: 1024) (User: Hortkind)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F094E6F00}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (11/30/2015 08:15:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/30/2015 08:14:42 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2015-11-30 20:14:42 CETFATAL:  the database system is starting up

Error: (11/29/2015 00:13:28 PM) (Source: MsiInstaller) (EventID: 1024) (User: Hortkind)
Description: Produkt: Adobe Acrobat Reader DC - Deutsch - Update "{AC76BA86-7AD7-0000-2550-AC0F094E6F00}" konnte nicht installiert werden. Fehlercode 1625. Windows Installer kann Protokolle erstellen, um bei der Problembehandlung betreffend der Installation von Softwarepaketen behilflich zu sein. Verwenden Sie folgenden Link, um Anweisungen zur Aktivierung der Protokollierungsunterstützung zu erhalten: hxxp://go.microsoft.com/fwlink/?LinkId=23127

Error: (11/29/2015 00:01:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (11/29/2015 00:01:06 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2015-11-29 12:01:06 CETFATAL:  the database system is starting up


Systemfehler:
=============
Error: (12/01/2015 10:51:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (12/01/2015 10:51:53 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (11/30/2015 08:17:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (11/30/2015 08:17:17 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (11/29/2015 00:03:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (11/29/2015 00:03:36 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (11/27/2015 08:07:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (11/27/2015 08:07:38 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (11/26/2015 08:42:53 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (11/26/2015 08:42:53 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).


CodeIntegrity:
===================================
  Date: 2014-12-16 00:10:42.684
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-12-16 00:10:42.637
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM)2 Quad CPU Q9300 @ 2.50GHz
Prozentuale Nutzung des RAM: 42%
Installierter physikalischer RAM: 4094.85 MB
Verfügbarer physikalischer RAM: 2345.03 MB
Summe virtueller Speicher: 8187.91 MB
Verfügbarer virtueller Speicher: 5945.46 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:270.35 GB) (Free:180.03 GB) NTFS
Drive d: (CIVILIZATION5) (CDROM) (Total:3.02 GB) (Free:0 GB) CDFS
Drive e: (Volume) (Fixed) (Total:195.31 GB) (Free:90.73 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 194F194F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=270.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 02.12.2015, 01:41   #4
Ossel
 

TDSSkiller:

Code:
01:29:35.0507 0x0c88  TDSS rootkit removing tool 3.1.0.7 Nov 29 2015 22:37:04
01:30:55.0138 0x0c88  ============================================================
01:30:55.0138 0x0c88  Current date / time: 2015/12/02 01:30:55.0138
01:30:55.0138 0x0c88  SystemInfo:
01:30:55.0138 0x0c88  
01:30:55.0138 0x0c88  OS Version: 6.1.7601 ServicePack: 1.0
01:30:55.0138 0x0c88  Product type: Workstation
01:30:55.0138 0x0c88  ComputerName: HORTKIND
01:30:55.0138 0x0c88  UserName: Martin
01:30:55.0138 0x0c88  Windows directory: C:\Windows
01:30:55.0138 0x0c88  System windows directory: C:\Windows
01:30:55.0138 0x0c88  Running under WOW64
01:30:55.0138 0x0c88  Processor architecture: Intel x64
01:30:55.0138 0x0c88  Number of processors: 4
01:30:55.0138 0x0c88  Page size: 0x1000
01:30:55.0138 0x0c88  Boot type: Normal boot
01:30:55.0138 0x0c88  ============================================================
01:30:56.0464 0x0c88  KLMD registered as C:\Windows\system32\drivers\99339242.sys
01:30:56.0838 0x0c88  System UUID: {FF7FFEF3-A591-D896-1733-90FA5C9BDA85}
01:30:57.0400 0x0c88  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0x38080, SectorsPerTrack: 0x13, TracksPerCylinder: 0xE0, Type 'K0', Flags 0x00000040
01:30:57.0400 0x0c88  ============================================================
01:30:57.0400 0x0c88  \Device\Harddisk0\DR0:
01:30:57.0400 0x0c88  MBR partitions:
01:30:57.0400 0x0c88  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
01:30:57.0400 0x0c88  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x21CB3000
01:30:57.0400 0x0c88  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x21CE5800, BlocksNum 0x1869F800
01:30:57.0400 0x0c88  ============================================================
01:30:57.0431 0x0c88  C: <-> \Device\Harddisk0\DR0\Partition2
01:30:57.0462 0x0c88  E: <-> \Device\Harddisk0\DR0\Partition3
01:30:57.0462 0x0c88  ============================================================
01:30:57.0462 0x0c88  Initialize success
01:30:57.0462 0x0c88  ============================================================
01:31:32.0702 0x0144  ============================================================
01:31:32.0702 0x0144  Scan started
01:31:32.0702 0x0144  Mode: Manual; SigCheck; TDLFS; 
01:31:32.0702 0x0144  ============================================================
01:31:32.0702 0x0144  KSN ping started
01:31:35.0105 0x0144  KSN ping finished: true
01:31:36.0602 0x0144  ================ Scan system memory ========================
01:31:36.0602 0x0144  System memory - ok
01:31:36.0602 0x0144  ================ Scan services =============================
01:31:36.0696 0x0144  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\DRIVERS\1394ohci.sys
01:31:36.0743 0x0144  1394ohci - ok
01:31:36.0774 0x0144  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
01:31:36.0790 0x0144  ACPI - ok
01:31:36.0805 0x0144  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
01:31:36.0836 0x0144  AcpiPmi - ok
01:31:36.0930 0x0144  [ 5DB2C6B908C50767E2EDAA294A7566B5, 13AE4879D679BB0C6B2A5A5B13910359815A9D2E569BC1DE740B5A387A78CF33 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
01:31:36.0946 0x0144  AdobeARMservice - ok
01:31:37.0039 0x0144  [ 280A526E8111AC6A5BCC1A059E1E0340, FB92DDAE29A097D148AB23D8A0BD2B9E662EC1DBF0DA8B716374D6919B4C646F ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
01:31:37.0055 0x0144  AdobeFlashPlayerUpdateSvc - ok
01:31:37.0086 0x0144  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
01:31:37.0117 0x0144  adp94xx - ok
01:31:37.0148 0x0144  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
01:31:37.0164 0x0144  adpahci - ok
01:31:37.0211 0x0144  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
01:31:37.0226 0x0144  adpu320 - ok
01:31:37.0258 0x0144  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
01:31:37.0273 0x0144  AeLookupSvc - ok
01:31:37.0336 0x0144  [ 9A4A1EEE802BF2F878EE8EAB407B21B7, 177EB7DF4B35FE4C0E45E775A0FD5D48D39B410052E3EE18BDEEC809E152D9D8 ] AFD             C:\Windows\system32\drivers\afd.sys
01:31:37.0367 0x0144  AFD - ok
01:31:37.0398 0x0144  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
01:31:37.0414 0x0144  agp440 - ok
01:31:37.0429 0x0144  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
01:31:37.0445 0x0144  ALG - ok
01:31:37.0476 0x0144  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
01:31:37.0492 0x0144  aliide - ok
01:31:37.0507 0x0144  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
01:31:37.0507 0x0144  amdide - ok
01:31:37.0538 0x0144  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
01:31:37.0554 0x0144  AmdK8 - ok
01:31:37.0554 0x0144  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
01:31:37.0570 0x0144  AmdPPM - ok
01:31:37.0585 0x0144  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
01:31:37.0601 0x0144  amdsata - ok
01:31:37.0632 0x0144  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
01:31:37.0648 0x0144  amdsbs - ok
01:31:37.0663 0x0144  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
01:31:37.0679 0x0144  amdxata - ok
01:31:37.0772 0x0144  [ 81E02299B534F61E104C1235519C37B3, B389458C13A0E0717365B7CE371A6B768EB2F98C4CDBAA6DCBBBDE3A2B1D8B14 ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
01:31:37.0804 0x0144  AntiVirMailService - ok
01:31:37.0866 0x0144  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
01:31:37.0897 0x0144  AntiVirSchedulerService - ok
01:31:37.0944 0x0144  [ 3CBE5047BB08BD363420D68364F9E829, 7A6C59E9B98C1A50CB5FB895050127C5A433BA825D3832FC6DDA2A41AE986543 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
01:31:37.0960 0x0144  AntiVirService - ok
01:31:38.0022 0x0144  [ CAA9D66CA6D21AF0AE7DA01D5AC6CC2F, 827400CFB53026757B3D75B6C5AC7BBECE7E62B335160C18CBF6A41047F4A400 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
01:31:38.0053 0x0144  AntiVirWebService - ok
01:31:38.0100 0x0144  [ 27DABFB4A6B0140C34DBEC713469592B, A355170D353AFBF0DE4EF53282F8404788FBBD0E2A1B7282B1B2925923E83141 ] AppID           C:\Windows\system32\drivers\appid.sys
01:31:38.0116 0x0144  AppID - ok
01:31:44.0855 0x0144  [ C34411A244029F1C08687F7C752C4563, 4FC1D6156D760AE8138547262B33677118BD9369F4930F5C5F9BAA2FE6E78EA3 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
01:31:44.0870 0x0144  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
01:31:46.0072 0x1250  Object send P2P result: true
01:31:46.0072 0x1250  Object required for P2P: [ 3CBE5047BB08BD363420D68364F9E829 ] AntiVirService
01:31:47.0226 0x0144  Detect skipped due to KSN trusted
01:31:47.0226 0x0144  LightScribeService - ok
01:31:48.0958 0x0144  MSTEE - ok
01:31:48.0973 0x0144  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
01:31:48.0989 0x0144  MTConfig - ok
01:31:49.0004 0x0144  [ 03B7145C889603537E9FFEABB1AD1089, B3CD93B893D4A2370CBF382366C6F596372857F8711EF6FFF83BFE2B449F424E ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
01:31:49.0020 0x0144  MTsensor - ok
01:31:49.0036 0x0144  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
01:31:49.0051 0x0144  Mup - ok
01:31:49.0067 0x0144  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
01:31:49.0114 0x0144  napagent - ok
01:31:49.0145 0x0144  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
01:31:49.0176 0x0144  NativeWifiP - ok
01:31:49.0223 0x0144  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
01:31:49.0254 0x0144  NDIS - ok
01:31:49.0270 0x0144  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
01:31:49.0316 0x0144  NdisCap - ok
01:31:49.0332 0x0144  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
01:31:49.0363 0x0144  NdisTapi - ok
01:31:49.0363 0x0144  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
01:31:49.0410 0x0144  Ndisuio - ok
01:31:49.0426 0x0144  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
01:31:49.0457 0x0144  NdisWan - ok
01:31:49.0472 0x0144  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
01:31:49.0504 0x0144  NDProxy - ok
01:31:49.0519 0x0144  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
01:31:49.0550 0x0144  NetBIOS - ok
01:31:49.0582 0x0144  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
01:31:49.0613 0x0144  NetBT - ok
01:31:49.0628 0x0144  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] Netlogon        C:\Windows\system32\lsass.exe
01:31:49.0644 0x0144  Netlogon - ok
01:31:49.0675 0x0144  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
01:31:49.0722 0x0144  Netman - ok
01:31:49.0753 0x0144  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:31:49.0784 0x0144  NetMsmqActivator - ok
01:31:49.0784 0x0144  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:31:49.0800 0x0144  NetPipeActivator - ok
01:31:49.0831 0x0144  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
01:31:49.0878 0x0144  netprofm - ok
01:31:49.0894 0x0144  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:31:49.0909 0x0144  NetTcpActivator - ok
01:31:49.0909 0x0144  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:31:49.0925 0x0144  NetTcpPortSharing - ok
01:31:49.0956 0x0144  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
01:31:49.0972 0x0144  nfrd960 - ok
01:31:50.0003 0x0144  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
01:31:50.0034 0x0144  NlaSvc - ok
01:31:50.0050 0x0144  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
01:31:50.0081 0x0144  Npfs - ok
01:31:50.0096 0x0144  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
01:31:50.0128 0x0144  nsi - ok
01:31:50.0128 0x0144  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
01:31:50.0159 0x0144  nsiproxy - ok
01:31:50.0237 0x0144  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
01:31:50.0299 0x0144  Ntfs - ok
01:31:50.0315 0x0144  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
01:31:50.0346 0x0144  Null - ok
01:31:50.0658 0x0144  [ FCBA1C22727939E7CFF9EB08FE9692AB, 081FBF38EA17746C5CF2260AD32B62385D4A075476E30CBB9A2AA080F8AA0CA4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
01:31:51.0001 0x0144  nvlddmkm - ok
01:31:51.0032 0x1250  Object send P2P result: true
01:31:51.0048 0x0144  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
01:31:51.0064 0x0144  nvraid - ok
01:31:51.0079 0x0144  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
01:31:51.0095 0x0144  nvstor - ok
01:31:51.0126 0x0144  [ 10C232F6CFFD51D2332898AE7AE0FF23, 92E5452D8467852C22D702ACAFB5DBFD312A8F72A4353B8D0A9C18AEFCE4B2B2 ] nvsvc           C:\Windows\system32\nvvsvc.exe
01:31:51.0173 0x0144  nvsvc - ok
01:31:51.0251 0x0144  [ 4789E020D2617046862D1790FC235FF6, FCFD56DF2CADA830E7B2D4B91D5A9D2FE783B1396CBA124000765168FA5B6574 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
01:31:51.0298 0x0144  nvUpdatusService - ok
01:31:51.0329 0x0144  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
01:31:51.0344 0x0144  nv_agp - ok
01:31:51.0360 0x0144  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
01:31:51.0376 0x0144  ohci1394 - ok
01:31:51.0407 0x0144  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:31:51.0422 0x0144  ose - ok
01:31:51.0610 0x0144  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:31:51.0766 0x0144  osppsvc - ok
01:31:51.0812 0x0144  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
01:31:51.0844 0x0144  p2pimsvc - ok
01:31:51.0875 0x0144  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
01:31:51.0906 0x0144  p2psvc - ok
01:31:51.0922 0x0144  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
01:31:51.0937 0x0144  Parport - ok
01:31:51.0968 0x0144  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
01:31:51.0968 0x0144  partmgr - ok
01:31:52.0015 0x0144  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
01:31:52.0031 0x0144  PcaSvc - ok
01:31:52.0046 0x0144  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
01:31:52.0078 0x0144  pci - ok
01:31:52.0109 0x0144  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
01:31:52.0109 0x0144  pciide - ok
01:31:52.0140 0x0144  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
01:31:52.0156 0x0144  pcmcia - ok
01:31:52.0156 0x0144  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
01:31:52.0171 0x0144  pcw - ok
01:31:52.0202 0x0144  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
01:31:52.0234 0x0144  PEAUTH - ok
01:31:52.0280 0x0144  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
01:31:52.0296 0x0144  PerfHost - ok
01:31:52.0343 0x0144  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
01:31:52.0421 0x0144  pla - ok
01:31:52.0452 0x0144  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
01:31:52.0483 0x0144  PlugPlay - ok
01:31:52.0499 0x0144  PnkBstrA - ok
01:31:52.0499 0x0144  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
01:31:52.0514 0x0144  PNRPAutoReg - ok
01:31:52.0546 0x0144  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
01:31:52.0561 0x0144  PNRPsvc - ok
01:31:52.0592 0x0144  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
01:31:52.0639 0x0144  PolicyAgent - ok
01:31:52.0717 0x0144  [ 4671F353D0DF74C3B0D2D00DE676F56C, 0F75009DD36B2E18212CE855FB7CA7D273E5749D8F2F451655ED81AA5E86BA9F ] postgresql-8.4  c:\postgreSQL\bin\pg_ctl.exe
01:31:52.0717 0x0144  postgresql-8.4 - detected UnsignedFile.Multi.Generic ( 1 )
01:31:55.0088 0x0144  Detect skipped due to KSN trusted
01:31:55.0088 0x0144  postgresql-8.4 - ok
01:32:00.0190 0x0144  umbus - ok
01:32:00.0205 0x0144  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
01:32:00.0221 0x0144  UmPass - ok
01:32:00.0237 0x0144  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
01:32:00.0283 0x0144  upnphost - ok
01:32:00.0315 0x0144  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
01:32:00.0330 0x0144  usbccgp - ok
01:32:00.0361 0x0144  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
01:32:00.0377 0x0144  usbcir - ok
01:32:00.0408 0x0144  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
01:32:00.0424 0x0144  usbehci - ok
01:32:00.0455 0x0144  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
01:32:00.0486 0x0144  usbhub - ok
01:32:00.0486 0x0144  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\drivers\usbohci.sys
01:32:00.0502 0x0144  usbohci - ok
01:32:00.0533 0x0144  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
01:32:00.0549 0x0144  usbprint - ok
01:32:00.0549 0x0144  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
01:32:00.0580 0x0144  usbscan - ok
01:32:00.0595 0x0144  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:32:00.0611 0x0144  USBSTOR - ok
01:32:00.0627 0x0144  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
01:32:00.0627 0x0144  usbuhci - ok
01:32:00.0642 0x0144  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
01:32:00.0689 0x0144  UxSms - ok
01:32:00.0705 0x0144  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] VaultSvc        C:\Windows\system32\lsass.exe
01:32:00.0705 0x0144  VaultSvc - ok
01:32:00.0720 0x0144  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
01:32:00.0736 0x0144  vdrvroot - ok
01:32:00.0751 0x0144  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
01:32:00.0798 0x0144  vds - ok
01:32:00.0814 0x0144  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
01:32:00.0829 0x0144  vga - ok
01:32:00.0829 0x0144  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
01:32:00.0876 0x0144  VgaSave - ok
01:32:00.0892 0x0144  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
01:32:00.0907 0x0144  vhdmp - ok
01:32:00.0923 0x0144  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
01:32:00.0939 0x0144  viaide - ok
01:32:00.0954 0x0144  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
01:32:00.0970 0x0144  volmgr - ok
01:32:00.0985 0x0144  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
01:32:01.0001 0x0144  volmgrx - ok
01:32:01.0017 0x0144  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
01:32:01.0032 0x0144  volsnap - ok
01:32:01.0063 0x0144  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
01:32:01.0079 0x0144  vsmraid - ok
01:32:01.0126 0x0144  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
01:32:01.0204 0x0144  VSS - ok
01:32:01.0219 0x0144  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
01:32:01.0235 0x0144  vwifibus - ok
01:32:01.0266 0x0144  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
01:32:01.0313 0x0144  W32Time - ok
01:32:01.0329 0x0144  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
01:32:01.0344 0x0144  WacomPen - ok
01:32:01.0360 0x0144  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
01:32:01.0407 0x0144  WANARP - ok
01:32:01.0407 0x0144  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
01:32:01.0438 0x0144  Wanarpv6 - ok
01:32:01.0516 0x0144  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
01:32:01.0563 0x0144  WatAdminSvc - ok
01:32:01.0625 0x0144  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
01:32:01.0687 0x0144  wbengine - ok
01:32:01.0703 0x0144  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
01:32:01.0719 0x0144  WbioSrvc - ok
01:32:01.0734 0x0144  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
01:32:01.0765 0x0144  wcncsvc - ok
01:32:01.0765 0x0144  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
01:32:01.0797 0x0144  WcsPlugInService - ok
01:32:01.0812 0x0144  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
01:32:01.0828 0x0144  Wd - ok
01:32:01.0875 0x0144  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
01:32:01.0906 0x0144  Wdf01000 - ok
01:32:01.0953 0x0144  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
01:32:01.0968 0x0144  WdiServiceHost - ok
01:32:01.0984 0x0144  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
01:32:01.0999 0x0144  WdiSystemHost - ok
01:32:02.0015 0x0144  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
01:32:02.0046 0x0144  WebClient - ok
01:32:02.0077 0x0144  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
01:32:02.0124 0x0144  Wecsvc - ok
01:32:02.0140 0x0144  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
01:32:02.0171 0x0144  wercplsupport - ok
01:32:02.0187 0x0144  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
01:32:02.0218 0x0144  WerSvc - ok
01:32:02.0249 0x0144  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
01:32:02.0280 0x0144  WfpLwf - ok
01:32:02.0296 0x0144  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
01:32:02.0311 0x0144  WIMMount - ok
01:32:02.0327 0x0144  WinDefend - ok
01:32:02.0343 0x0144  WinHttpAutoProxySvc - ok
01:32:02.0374 0x0144  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
01:32:02.0421 0x0144  Winmgmt - ok
01:32:02.0483 0x0144  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
01:32:02.0577 0x0144  WinRM - ok
01:32:02.0608 0x0144  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
01:32:02.0623 0x0144  WinUsb - ok
01:32:02.0670 0x0144  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
01:32:02.0717 0x0144  Wlansvc - ok
01:32:02.0733 0x0144  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
01:32:02.0748 0x0144  WmiAcpi - ok
01:32:02.0779 0x0144  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
01:32:02.0795 0x0144  wmiApSrv - ok
01:32:02.0826 0x0144  WMPNetworkSvc - ok
01:32:02.0826 0x0144  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
01:32:02.0857 0x0144  WPCSvc - ok
01:32:02.0873 0x0144  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
01:32:02.0889 0x0144  WPDBusEnum - ok
01:32:02.0904 0x0144  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
01:32:02.0935 0x0144  ws2ifsl - ok
01:32:02.0951 0x0144  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
01:32:02.0967 0x0144  wscsvc - ok
01:32:02.0982 0x0144  WSearch - ok
01:32:03.0076 0x0144  [ 361845875ED8ED13086E7F37265C45DA, A0931DC1E35712036E93BBC3600530C0DA12E94E0D898787C818C526DFF240C2 ] wuauserv        C:\Windows\system32\wuaueng.dll
01:32:03.0185 0x0144  wuauserv - ok
01:32:03.0216 0x0144  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
01:32:03.0232 0x0144  WudfPf - ok
01:32:03.0279 0x0144  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
01:32:03.0294 0x0144  WUDFRd - ok
01:32:03.0325 0x0144  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
01:32:03.0341 0x0144  wudfsvc - ok
01:32:03.0372 0x0144  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
01:32:03.0403 0x0144  WwanSvc - ok
01:32:03.0435 0x0144  [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
01:32:03.0466 0x0144  yukonw7 - ok
01:32:03.0466 0x0144  ================ Scan global ===============================
01:32:03.0497 0x0144  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
01:32:03.0513 0x0144  [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
01:32:03.0528 0x0144  [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
01:32:03.0559 0x0144  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
01:32:03.0591 0x0144  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
01:32:03.0606 0x0144  [ Global ] - ok
01:32:03.0606 0x0144  ================ Scan MBR ==================================
01:32:03.0606 0x0144  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
01:32:03.0809 0x0144  \Device\Harddisk0\DR0 - ok
01:32:03.0809 0x0144  ================ Scan VBR ==================================
01:32:03.0809 0x0144  [ 1CB388BC93E57F76D2F36B933DDE7907 ] \Device\Harddisk0\DR0\Partition1
01:32:03.0809 0x0144  \Device\Harddisk0\DR0\Partition1 - ok
01:32:03.0809 0x0144  [ 5DAD4841F9A15EF124BF6DB3BB281701 ] \Device\Harddisk0\DR0\Partition2
01:32:03.0825 0x0144  \Device\Harddisk0\DR0\Partition2 - ok
01:32:03.0825 0x0144  [ A3D6D4A58824A1288984E69394CBFC4A ] \Device\Harddisk0\DR0\Partition3
01:32:03.0825 0x0144  \Device\Harddisk0\DR0\Partition3 - ok
01:32:03.0825 0x0144  ================ Scan generic autorun ======================
01:32:03.0903 0x0144  [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
01:32:03.0934 0x0144  avgnt - ok
01:32:03.0996 0x0144  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:32:04.0059 0x0144  Sidebar - ok
01:32:04.0059 0x0144  AVG-Secure-Search-Update_JUNE2013_TB - ok
01:32:04.0090 0x0144  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:32:04.0105 0x0144  mctadmin - ok
01:32:04.0230 0x0144  [ 4C8942B8721813E5C8874D47112DCF73, 85869B814417397D92A028CF841FC7B1B41E5D53EFF3470DED664484709C9FBA ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
01:32:04.0339 0x0144  LightScribe Control Panel - ok
01:32:04.0480 0x0144  [ 5353A34090BABE3CD48B70569AF0DD12, A211D0B06DC05BFCBD13EBC71275C644B7616E95485ED8336DEFF257B7AE7E80 ] E:\Steam\steam.exe
01:32:04.0542 0x0144  Steam - ok
01:32:04.0651 0x0144  [ 4C8942B8721813E5C8874D47112DCF73, 85869B814417397D92A028CF841FC7B1B41E5D53EFF3470DED664484709C9FBA ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
01:32:04.0714 0x0144  LightScribe Control Panel - ok
01:32:04.0979 0x0144  [ 15914F30482983E349FF9544B2DCAF11, 457833C665AB340D6DEE6B489947EE2D5202D4C93097C194A9DF196AFE4E4898 ] C:\Program Files\CCleaner\CCleaner64.exe
01:32:05.0229 0x0144  CCleaner Monitoring - ok
01:32:05.0275 0x0144  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:32:05.0322 0x0144  Sidebar - ok
01:32:05.0322 0x0144  AVG-Secure-Search-Update_JUNE2013_TB - ok
01:32:05.0338 0x0144  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:32:05.0353 0x0144  mctadmin - ok
01:32:05.0385 0x0144  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:32:05.0431 0x0144  Sidebar - ok
01:32:05.0431 0x0144  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:32:05.0447 0x0144  mctadmin - ok
01:32:05.0447 0x0144  Waiting for KSN requests completion. In queue: 160
01:32:06.0461 0x0144  Waiting for KSN requests completion. In queue: 160
01:32:07.0475 0x0144  Waiting for KSN requests completion. In queue: 160
01:32:07.0865 0x1084  Object required for P2P: [ 5353A34090BABE3CD48B70569AF0DD12 ] E:\Steam\steam.exe
01:32:08.0489 0x0144  Waiting for KSN requests completion. In queue: 2
01:32:09.0503 0x0144  Waiting for KSN requests completion. In queue: 2
01:32:10.0361 0x1084  Object send P2P result: true
01:32:10.0361 0x1084  Object required for P2P: [ 15914F30482983E349FF9544B2DCAF11 ] C:\Program Files\CCleaner\CCleaner64.exe
01:32:10.0517 0x0144  Waiting for KSN requests completion. In queue: 1
01:32:11.0531 0x0144  Waiting for KSN requests completion. In queue: 1
01:32:12.0545 0x0144  Waiting for KSN requests completion. In queue: 1
01:32:12.0888 0x1084  Object send P2P result: true
01:32:13.0559 0x0144  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
01:32:13.0575 0x0144  Win FW state via NFP2: enabled ( trusted )
01:32:16.0008 0x0144  ============================================================
01:32:16.0008 0x0144  Scan finished
01:32:16.0008 0x0144  ============================================================
01:32:16.0008 0x0294  Detected object count: 0
01:32:16.0008 0x0294  Actual detected object count: 0
01:33:57.0658 0x033c  ============================================================
01:33:57.0658 0x033c  Scan started
01:33:57.0658 0x033c  Mode: Manual; SigCheck; TDLFS; 
01:33:57.0658 0x033c  ============================================================
01:33:57.0658 0x033c  KSN ping started
01:34:00.0014 0x033c  KSN ping finished: true
01:34:00.0575 0x033c  ================ Scan system memory ========================
01:34:00.0575 0x033c  System memory - ok

Old 02.12.2015, 01:43   #5
Ossel

Antivirus program finds virus but no problems?

Second part of the TDSSKiller report (there were too many characters):

01:34:13.0164 0x033c  BTHMODEM - ok
01:34:13.0196 0x033c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
01:34:13.0227 0x033c  bthserv - ok
01:34:13.0227 0x033c  catchme - ok
01:34:13.0242 0x033c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
01:34:13.0274 0x033c  cdfs - ok
01:34:13.0289 0x033c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
01:34:13.0305 0x033c  cdrom - ok
01:34:13.0320 0x033c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
01:34:13.0352 0x033c  CertPropSvc - ok
01:34:13.0367 0x033c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
01:34:13.0383 0x033c  circlass - ok
01:34:13.0414 0x033c  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
01:34:13.0430 0x033c  CLFS - ok
01:34:13.0492 0x033c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:34:13.0508 0x033c  clr_optimization_v2.0.50727_32 - ok
01:34:13.0523 0x033c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
01:34:13.0539 0x033c  clr_optimization_v2.0.50727_64 - ok
01:34:13.0586 0x033c  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:34:13.0601 0x033c  clr_optimization_v4.0.30319_32 - ok
01:34:13.0601 0x033c  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
01:34:13.0617 0x033c  clr_optimization_v4.0.30319_64 - ok
01:34:13.0648 0x033c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
01:34:13.0664 0x033c  CmBatt - ok
01:34:13.0679 0x033c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
01:34:13.0695 0x033c  cmdide - ok
01:34:13.0742 0x033c  [ EC0511BB85BAA42A9734011685A6732C, 10B52F0860CCB3AA0FC34DDA5C5538BFCF7B6D40738B7756297237FD2D9E01C1 ] CNG             C:\Windows\system32\Drivers\cng.sys
01:34:13.0773 0x033c  CNG - ok
01:34:13.0773 0x033c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
01:34:13.0788 0x033c  Compbatt - ok
01:34:13.0788 0x033c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
01:34:13.0804 0x033c  CompositeBus - ok
01:34:13.0804 0x033c  COMSysApp - ok
01:34:13.0820 0x033c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
01:34:13.0835 0x033c  crcdisk - ok
01:34:13.0866 0x033c  [ 7BC3E861F7E8EB543A630090FAE779E0, 52A538F25C853AAC9706CD0D4EBF80B1963391AA175895CFD9D44C8ABBFCFB74 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
01:34:13.0882 0x033c  CryptSvc - ok
01:34:13.0913 0x033c  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
01:34:13.0960 0x033c  DcomLaunch - ok
01:34:13.0991 0x033c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
01:34:14.0022 0x033c  defragsvc - ok
01:34:14.0038 0x033c  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
01:34:14.0069 0x033c  DfsC - ok
01:34:14.0100 0x033c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
01:34:14.0116 0x033c  Dhcp - ok
01:34:14.0178 0x033c  [ EC3F433D00365F1A9BC3411BCA7C7140, 0852D747359DE573504EBBDB99DA26D3BFA8B3C7A4836F8E3A5AD94B5571AD5C ] DiagTrack       C:\Windows\system32\diagtrack.dll
01:34:14.0210 0x033c  DiagTrack - ok
01:34:14.0225 0x033c  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
01:34:14.0256 0x033c  discache - ok
01:34:14.0272 0x033c  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
01:34:14.0288 0x033c  Disk - ok
01:34:14.0319 0x033c  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
01:34:14.0334 0x033c  Dnscache - ok
01:34:14.0350 0x033c  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
01:34:14.0381 0x033c  dot3svc - ok
01:34:14.0397 0x033c  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
01:34:14.0428 0x033c  DPS - ok
01:34:14.0444 0x033c  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
01:34:14.0459 0x033c  drmkaud - ok
01:34:14.0490 0x033c  [ 46571ED73AE84469DCA53081D33CF3C8, 8BB386BB4F6AD39F06A8607CD1DF3D67CFA45BBE52E40EDB90EB8C862283EBFF ] dtsoftbus01     C:\Windows\system32\DRIVERS\dtsoftbus01.sys
01:34:14.0506 0x033c  dtsoftbus01 - ok
01:34:14.0568 0x033c  [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
01:34:14.0600 0x033c  DXGKrnl - ok
01:34:14.0615 0x033c  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
01:34:14.0662 0x033c  EapHost - ok
01:34:14.0756 0x033c  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\drivers\evbda.sys
01:34:14.0849 0x033c  ebdrv - ok
01:34:14.0880 0x033c  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] EFS             C:\Windows\System32\lsass.exe
01:34:14.0880 0x033c  EFS - ok
01:34:14.0927 0x033c  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
01:34:14.0958 0x033c  ehRecvr - ok
01:34:14.0974 0x033c  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\Windows\ehome\ehsched.exe
01:34:14.0990 0x033c  ehSched - ok
01:34:15.0005 0x033c  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\drivers\elxstor.sys
01:34:15.0036 0x033c  elxstor - ok
01:34:15.0052 0x033c  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
01:34:15.0068 0x033c  ErrDev - ok
01:34:15.0099 0x033c  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
01:34:15.0130 0x033c  EventSystem - ok
01:34:15.0161 0x033c  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\Windows\system32\drivers\exfat.sys
01:34:15.0192 0x033c  exfat - ok
01:34:15.0208 0x033c  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
01:34:15.0239 0x033c  fastfat - ok
01:34:15.0270 0x033c  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
01:34:15.0302 0x033c  Fax - ok
01:34:15.0302 0x033c  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
01:34:15.0317 0x033c  fdc - ok
01:34:15.0333 0x033c  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
01:34:15.0364 0x033c  fdPHost - ok
01:34:15.0380 0x033c  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
01:34:15.0411 0x033c  FDResPub - ok
01:34:15.0426 0x033c  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
01:34:15.0442 0x033c  FileInfo - ok
01:34:15.0458 0x033c  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
01:34:15.0489 0x033c  Filetrace - ok
01:34:15.0489 0x033c  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
01:34:15.0504 0x033c  flpydisk - ok
01:34:15.0520 0x033c  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
01:34:15.0551 0x033c  FltMgr - ok
01:34:15.0598 0x033c  [ D5A775990A7C202A037378FDBCDB6141, 27AD242914FAFB7A27B3045C0F0F6AFE6873FE331A51D8BB29A63B5D84C72EFB ] FontCache       C:\Windows\system32\FntCache.dll
01:34:15.0645 0x033c  FontCache - ok
01:34:15.0676 0x033c  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:34:15.0692 0x033c  FontCache3.0.0.0 - ok
01:34:15.0692 0x033c  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
01:34:15.0707 0x033c  FsDepends - ok
01:34:15.0738 0x033c  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
01:34:15.0754 0x033c  Fs_Rec - ok
01:34:15.0785 0x033c  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
01:34:15.0801 0x033c  fvevol - ok
01:34:15.0816 0x033c  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
01:34:15.0832 0x033c  gagp30kx - ok
01:34:15.0879 0x033c  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\Windows\System32\gpsvc.dll
01:34:15.0926 0x033c  gpsvc - ok
01:34:15.0941 0x033c  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
01:34:15.0957 0x033c  hcw85cir - ok
01:34:15.0988 0x033c  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
01:34:16.0004 0x033c  HdAudAddService - ok
01:34:16.0019 0x033c  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
01:34:16.0035 0x033c  HDAudBus - ok
01:34:16.0050 0x033c  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\drivers\HidBatt.sys
01:34:16.0066 0x033c  HidBatt - ok
01:34:16.0082 0x033c  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
01:34:16.0097 0x033c  HidBth - ok
01:34:16.0113 0x033c  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\drivers\hidir.sys
01:34:16.0128 0x033c  HidIr - ok
01:34:16.0144 0x033c  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
01:34:16.0191 0x033c  hidserv - ok
01:34:16.0222 0x033c  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
01:34:16.0238 0x033c  HidUsb - ok
01:34:16.0253 0x033c  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
01:34:16.0284 0x033c  hkmsvc - ok
01:34:16.0300 0x033c  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
01:34:16.0316 0x033c  HomeGroupListener - ok
01:34:16.0331 0x033c  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
01:34:16.0347 0x033c  HomeGroupProvider - ok
01:34:16.0362 0x033c  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
01:34:16.0378 0x033c  HpSAMD - ok
01:34:16.0425 0x033c  [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
01:34:16.0456 0x033c  HTTP - ok
01:34:16.0472 0x033c  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
01:34:16.0472 0x033c  hwpolicy - ok
01:34:16.0487 0x033c  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
01:34:16.0503 0x033c  i8042prt - ok
01:34:16.0534 0x033c  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
01:34:16.0550 0x033c  iaStorV - ok
01:34:16.0612 0x033c  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
01:34:16.0643 0x033c  idsvc - ok
01:34:16.0643 0x033c  IEEtwCollectorService - ok
01:34:16.0659 0x033c  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\drivers\iirsp.sys
01:34:16.0674 0x033c  iirsp - ok
01:34:16.0721 0x033c  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
01:34:16.0752 0x033c  IKEEXT - ok
01:34:16.0784 0x033c  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
01:34:16.0799 0x033c  intelide - ok
01:34:16.0815 0x033c  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
01:34:16.0830 0x033c  intelppm - ok
01:34:16.0846 0x033c  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
01:34:16.0877 0x033c  IPBusEnum - ok
01:34:16.0893 0x033c  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
01:34:16.0924 0x033c  IpFilterDriver - ok
01:34:16.0971 0x033c  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
01:34:17.0002 0x033c  iphlpsvc - ok
01:34:17.0018 0x033c  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
01:34:17.0018 0x033c  IPMIDRV - ok
01:34:17.0033 0x033c  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
01:34:17.0064 0x033c  IPNAT - ok
01:34:17.0080 0x033c  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
01:34:17.0096 0x033c  IRENUM - ok
01:34:17.0096 0x033c  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
01:34:17.0111 0x033c  isapnp - ok
01:34:17.0142 0x033c  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
01:34:17.0158 0x033c  iScsiPrt - ok
01:34:17.0174 0x033c  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
01:34:17.0189 0x033c  kbdclass - ok
01:34:17.0189 0x033c  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
01:34:17.0205 0x033c  kbdhid - ok
01:34:17.0205 0x033c  [ 2BC45F4CF55B45BDD650828192F132B8, 4ABBC1DE6B17F7FEE9CB0BEEFEB6C88321826B4D52FBDF8B4B885CEA3CFD24F7 ] KeyIso          C:\Windows\system32\lsass.exe
01:34:17.0220 0x033c  KeyIso - ok
01:34:17.0252 0x033c  [ BCC83F22805F560C8A487F2F296A78FE, B6729B9D85CC3B9377E3143FEF920EFAA82D152845A43074417E9266C9F5C1A8 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
01:34:17.0267 0x033c  KSecDD - ok
01:34:17.0267 0x033c  [ 33D52A96BEEE8AFCE9E07EEC9FE0C9DB, 5367B46A43296792A0E6294906D40511079D5CAA23F08D5A7EDE02C06AD34484 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
01:34:17.0283 0x033c  KSecPkg - ok
01:34:17.0298 0x033c  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
01:34:17.0330 0x033c  ksthunk - ok
01:34:17.0361 0x033c  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
01:34:17.0408 0x033c  KtmRm - ok
01:34:17.0439 0x033c  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
01:34:17.0470 0x033c  LanmanServer - ok
01:34:17.0486 0x033c  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
01:34:17.0532 0x033c  LanmanWorkstation - ok
01:34:17.0579 0x033c  [ C34411A244029F1C08687F7C752C4563, 4FC1D6156D760AE8138547262B33677118BD9369F4930F5C5F9BAA2FE6E78EA3 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
01:34:17.0595 0x033c  LightScribeService - detected UnsignedFile.Multi.Generic ( 1 )
01:34:17.0595 0x033c  Detect skipped due to KSN trusted
01:34:17.0595 0x033c  LightScribeService - ok
01:34:19.0935 0x033c  Netman - ok
01:34:19.0950 0x033c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:34:19.0982 0x033c  NetMsmqActivator - ok
01:34:19.0982 0x033c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:34:19.0997 0x033c  NetPipeActivator - ok
01:34:20.0013 0x033c  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
01:34:20.0060 0x033c  netprofm - ok
01:34:20.0075 0x033c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:34:20.0091 0x033c  NetTcpActivator - ok
01:34:20.0091 0x033c  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:34:20.0106 0x033c  NetTcpPortSharing - ok
01:34:20.0122 0x033c  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
01:34:20.0138 0x033c  nfrd960 - ok
01:34:20.0169 0x033c  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
01:34:20.0184 0x033c  NlaSvc - ok
01:34:20.0200 0x033c  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
01:34:20.0231 0x033c  Npfs - ok
01:34:20.0247 0x033c  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
01:34:20.0294 0x033c  nsi - ok
01:34:20.0294 0x033c  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
01:34:20.0325 0x033c  nsiproxy - ok
01:34:20.0387 0x033c  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
01:34:20.0450 0x033c  Ntfs - ok
01:34:20.0450 0x033c  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
01:34:20.0481 0x033c  Null - ok
01:34:20.0793 0x033c  [ FCBA1C22727939E7CFF9EB08FE9692AB, 081FBF38EA17746C5CF2260AD32B62385D4A075476E30CBB9A2AA080F8AA0CA4 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
01:34:21.0042 0x033c  nvlddmkm - ok
01:34:21.0089 0x033c  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
01:34:21.0105 0x033c  nvraid - ok
01:34:21.0120 0x033c  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
01:34:21.0136 0x033c  nvstor - ok
01:34:21.0167 0x033c  [ 10C232F6CFFD51D2332898AE7AE0FF23, 92E5452D8467852C22D702ACAFB5DBFD312A8F72A4353B8D0A9C18AEFCE4B2B2 ] nvsvc           C:\Windows\system32\nvvsvc.exe
01:34:21.0198 0x033c  nvsvc - ok
01:34:21.0261 0x033c  [ 4789E020D2617046862D1790FC235FF6, FCFD56DF2CADA830E7B2D4B91D5A9D2FE783B1396CBA124000765168FA5B6574 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
01:34:21.0308 0x033c  nvUpdatusService - ok
01:34:21.0323 0x033c  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
01:34:21.0339 0x033c  nv_agp - ok
01:34:21.0354 0x033c  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
01:34:21.0370 0x033c  ohci1394 - ok
01:34:21.0401 0x033c  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:34:21.0417 0x033c  ose - ok
01:34:21.0604 0x033c  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:34:21.0713 0x033c  osppsvc - ok
01:34:21.0760 0x033c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
01:34:21.0776 0x033c  p2pimsvc - ok
01:34:21.0807 0x033c  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
01:34:21.0822 0x033c  p2psvc - ok
01:34:21.0854 0x033c  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\drivers\parport.sys
01:34:21.0869 0x033c  Parport - ok
01:34:21.0885 0x033c  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
01:34:21.0900 0x033c  partmgr - ok
01:34:21.0932 0x033c  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
01:34:21.0947 0x033c  PcaSvc - ok
01:34:21.0978 0x033c  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
01:34:21.0994 0x033c  pci - ok
01:34:22.0025 0x033c  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
01:34:22.0025 0x033c  pciide - ok
01:34:22.0056 0x033c  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
01:34:22.0072 0x033c  pcmcia - ok
01:34:22.0072 0x033c  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
01:34:22.0088 0x033c  pcw - ok
01:34:22.0119 0x033c  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
01:34:22.0150 0x033c  PEAUTH - ok
01:34:22.0181 0x033c  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
01:34:22.0197 0x033c  PerfHost - ok
01:34:22.0259 0x033c  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
01:34:22.0322 0x033c  pla - ok
01:34:22.0353 0x033c  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
01:34:22.0368 0x033c  PlugPlay - ok
01:34:22.0368 0x033c  PnkBstrA - ok
01:34:22.0400 0x033c  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
01:34:22.0415 0x033c  PNRPAutoReg - ok
01:34:22.0446 0x033c  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
01:34:22.0462 0x033c  PNRPsvc - ok
01:34:22.0493 0x033c  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
01:34:22.0524 0x033c  PolicyAgent - ok
01:34:22.0602 0x033c  [ 4671F353D0DF74C3B0D2D00DE676F56C, 0F75009DD36B2E18212CE855FB7CA7D273E5749D8F2F451655ED81AA5E86BA9F ] postgresql-8.4  c:\postgreSQL\bin\pg_ctl.exe
01:34:22.0602 0x033c  postgresql-8.4 - detected UnsignedFile.Multi.Generic ( 1 )
01:34:22.0602 0x033c  Detect skipped due to KSN trusted
01:34:22.0602 0x033c  postgresql-8.4 - ok
01:34:27.0813 0x033c  vds - ok
01:34:27.0828 0x033c  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
01:34:27.0844 0x033c  vga - ok
01:34:27.0860 0x033c  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
01:34:27.0891 0x033c  VgaSave - ok
01:34:27.0906 0x033c  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
01:34:27.0922 0x033c  vhdmp - ok
01:34:27.0953 0x033c  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
01:34:27.0953 0x033c  viaide - ok
01:34:27.0969 0x033c  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
01:34:27.0984 0x033c  volmgr - ok
01:34:28.0000 0x033c  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
01:34:28.0016 0x033c  volmgrx - ok
01:34:28.0031 0x033c  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
01:34:28.0047 0x033c  volsnap - ok
01:34:28.0062 0x033c  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
01:34:28.0078 0x033c  vsmraid - ok
01:34:28.0140 0x033c  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
01:34:28.0203 0x033c  VSS - ok
01:34:28.0218 0x033c  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
01:34:28.0234 0x033c  vwifibus - ok
01:34:28.0250 0x033c  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
01:34:28.0296 0x033c  W32Time - ok
01:34:28.0312 0x033c  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
01:34:28.0328 0x033c  WacomPen - ok
01:34:28.0343 0x033c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
01:34:28.0374 0x033c  WANARP - ok
01:34:28.0390 0x033c  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
01:34:28.0421 0x033c  Wanarpv6 - ok
01:34:28.0484 0x033c  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
01:34:28.0530 0x033c  WatAdminSvc - ok
01:34:28.0577 0x033c  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
01:34:28.0624 0x033c  wbengine - ok
01:34:28.0655 0x033c  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
01:34:28.0671 0x033c  WbioSrvc - ok
01:34:28.0702 0x033c  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
01:34:28.0718 0x033c  wcncsvc - ok
01:34:28.0733 0x033c  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
01:34:28.0749 0x033c  WcsPlugInService - ok
01:34:28.0764 0x033c  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
01:34:28.0780 0x033c  Wd - ok
01:34:28.0811 0x033c  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
01:34:28.0842 0x033c  Wdf01000 - ok
01:34:28.0874 0x033c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
01:34:28.0889 0x033c  WdiServiceHost - ok
01:34:28.0889 0x033c  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
01:34:28.0905 0x033c  WdiSystemHost - ok
01:34:28.0936 0x033c  [ 4E89FC53493704BF835F0300DC201C34, FB3080725E144D93512DED81047D21C0582BC3412250EFF37E039108D7351F53 ] WebClient       C:\Windows\System32\webclnt.dll
01:34:28.0967 0x033c  WebClient - ok
01:34:28.0983 0x033c  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
01:34:29.0030 0x033c  Wecsvc - ok
01:34:29.0045 0x033c  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
01:34:29.0076 0x033c  wercplsupport - ok
01:34:29.0076 0x033c  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
01:34:29.0123 0x033c  WerSvc - ok
01:34:29.0139 0x033c  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
01:34:29.0170 0x033c  WfpLwf - ok
01:34:29.0186 0x033c  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
01:34:29.0186 0x033c  WIMMount - ok
01:34:29.0201 0x033c  WinDefend - ok
01:34:29.0217 0x033c  WinHttpAutoProxySvc - ok
01:34:29.0248 0x033c  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
01:34:29.0295 0x033c  Winmgmt - ok
01:34:29.0357 0x033c  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
01:34:29.0420 0x033c  WinRM - ok
01:34:29.0451 0x033c  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
01:34:29.0466 0x033c  WinUsb - ok
01:34:29.0513 0x033c  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
01:34:29.0560 0x033c  Wlansvc - ok
01:34:29.0560 0x033c  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
01:34:29.0576 0x033c  WmiAcpi - ok
01:34:29.0591 0x033c  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
01:34:29.0607 0x033c  wmiApSrv - ok
01:34:29.0638 0x033c  WMPNetworkSvc - ok
01:34:29.0638 0x033c  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
01:34:29.0654 0x033c  WPCSvc - ok
01:34:29.0669 0x033c  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
01:34:29.0685 0x033c  WPDBusEnum - ok
01:34:29.0700 0x033c  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
01:34:29.0747 0x033c  ws2ifsl - ok
01:34:29.0747 0x033c  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
01:34:29.0763 0x033c  wscsvc - ok
01:34:29.0778 0x033c  WSearch - ok
01:34:29.0872 0x033c  [ 361845875ED8ED13086E7F37265C45DA, A0931DC1E35712036E93BBC3600530C0DA12E94E0D898787C818C526DFF240C2 ] wuauserv        C:\Windows\system32\wuaueng.dll
01:34:29.0934 0x033c  wuauserv - ok
01:34:29.0966 0x033c  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
01:34:29.0981 0x033c  WudfPf - ok
01:34:30.0012 0x033c  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
01:34:30.0028 0x033c  WUDFRd - ok
01:34:30.0059 0x033c  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
01:34:30.0075 0x033c  wudfsvc - ok
01:34:30.0106 0x033c  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
01:34:30.0122 0x033c  WwanSvc - ok
01:34:30.0168 0x033c  [ B3EEACF62445E24FBB2CD4B0FB4DB026, 2E5B6220094C47754233EDA59E6514CE47AC6C6879F367C72B2C02330EABE8E0 ] yukonw7         C:\Windows\system32\DRIVERS\yk62x64.sys
01:34:30.0184 0x033c  yukonw7 - ok
01:34:30.0184 0x033c  ================ Scan global ===============================
01:34:30.0215 0x033c  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
01:34:30.0246 0x033c  [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
01:34:30.0262 0x033c  [ FF41063E45C6238CAF48CBE6D0D6FC4B, 9B755EA23E7D2554E3AC3ADFFC4AFF7EB4F4A0F5CD3E6F2300BC98B21474CBC6 ] C:\Windows\system32\winsrv.dll
01:34:30.0293 0x033c  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
01:34:30.0324 0x033c  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
01:34:30.0324 0x033c  [ Global ] - ok
01:34:30.0324 0x033c  ================ Scan MBR ==================================
01:34:30.0340 0x033c  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
01:34:30.0543 0x033c  \Device\Harddisk0\DR0 - ok
01:34:30.0543 0x033c  ================ Scan VBR ==================================
01:34:30.0543 0x033c  [ 1CB388BC93E57F76D2F36B933DDE7907 ] \Device\Harddisk0\DR0\Partition1
01:34:30.0543 0x033c  \Device\Harddisk0\DR0\Partition1 - ok
01:34:30.0543 0x033c  [ 5DAD4841F9A15EF124BF6DB3BB281701 ] \Device\Harddisk0\DR0\Partition2
01:34:30.0543 0x033c  \Device\Harddisk0\DR0\Partition2 - ok
01:34:30.0543 0x033c  [ A3D6D4A58824A1288984E69394CBFC4A ] \Device\Harddisk0\DR0\Partition3
01:34:30.0558 0x033c  \Device\Harddisk0\DR0\Partition3 - ok
01:34:30.0558 0x033c  ================ Scan generic autorun ======================
01:34:30.0636 0x033c  [ 5668994A6AE925189C7D7F03BFE19C66, 269146783422D06BE2BA5D358D22B03339C102D0D5970894625C9C03BFCCB773 ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
01:34:30.0668 0x033c  avgnt - ok
01:34:30.0730 0x033c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:34:30.0761 0x033c  Sidebar - ok
01:34:30.0761 0x033c  AVG-Secure-Search-Update_JUNE2013_TB - ok
01:34:30.0792 0x033c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:34:30.0808 0x033c  mctadmin - ok
01:34:30.0917 0x033c  [ 4C8942B8721813E5C8874D47112DCF73, 85869B814417397D92A028CF841FC7B1B41E5D53EFF3470DED664484709C9FBA ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
01:34:30.0995 0x033c  LightScribe Control Panel - ok
01:34:31.0120 0x033c  [ 5353A34090BABE3CD48B70569AF0DD12, A211D0B06DC05BFCBD13EBC71275C644B7616E95485ED8336DEFF257B7AE7E80 ] E:\Steam\steam.exe
01:34:31.0182 0x033c  Steam - ok
01:34:31.0198 0x033c  Object required for P2P: [ 5353A34090BABE3CD48B70569AF0DD12 ] E:\Steam\steam.exe
01:34:33.0694 0x033c  Object send P2P result: true
01:34:33.0788 0x033c  [ 4C8942B8721813E5C8874D47112DCF73, 85869B814417397D92A028CF841FC7B1B41E5D53EFF3470DED664484709C9FBA ] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
01:34:33.0850 0x033c  LightScribe Control Panel - ok
01:34:34.0100 0x033c  [ 15914F30482983E349FF9544B2DCAF11, 457833C665AB340D6DEE6B489947EE2D5202D4C93097C194A9DF196AFE4E4898 ] C:\Program Files\CCleaner\CCleaner64.exe
01:34:34.0287 0x033c  CCleaner Monitoring - ok
01:34:34.0302 0x033c  Object required for P2P: [ 15914F30482983E349FF9544B2DCAF11 ] C:\Program Files\CCleaner\CCleaner64.exe
01:34:36.0830 0x033c  Object send P2P result: true
01:34:36.0876 0x033c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:34:36.0923 0x033c  Sidebar - ok
01:34:36.0923 0x033c  AVG-Secure-Search-Update_JUNE2013_TB - ok
01:34:36.0939 0x033c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:34:36.0954 0x033c  mctadmin - ok
01:34:37.0001 0x033c  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
01:34:37.0032 0x033c  Sidebar - ok
01:34:37.0032 0x033c  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
01:34:37.0064 0x033c  mctadmin - ok
01:34:37.0064 0x033c  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\wsctool.exe ( 15.0.15.106 ), 0x41000 ( enabled : updated )
01:34:37.0064 0x033c  Win FW state via NFP2: enabled ( trusted )
01:34:39.0482 0x033c  ============================================================
01:34:39.0482 0x033c  Scan finished
01:34:39.0482 0x033c  ============================================================
01:34:39.0482 0x117c  Detected object count: 0
01:34:39.0482 0x117c  Actual detected object count: 0
         


Old 02.12.2015, 14:47   #6
M-K-D-B
/// TB trainer
 



Hello,

let's take a quick look to see whether everything is OK:





Step 1
Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Delete (Löschen) and confirm any prompts with OK.
  • Your computer will restart automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = sequential number).





Step 2
Please download Malwarebytes Anti-Malware.
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan (Scannen), select the Threat Scan (Bedrohungssuchlauf) and click Start Scan (Suchlauf starten).
  • At the end of the scan, have all detections (if any) moved to quarantine. To do this, click Remove Selected (Auswahl entfernen).
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History (Verlauf) and then Application Logs (Anwendungsprotokolle).
  • Select the most recent scan log and click Export. Select Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.







Step 3

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop.

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click and "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan can take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.







Step 4
  • Start FRST.exe again. Tick the box next to Addition.txt and press Scan.
  • FRST now creates two log files (FRST.txt and Addition.txt).
  • Post both log files with your next reply.






With your next reply, please post
  • the AdwCleaner log file,
  • the MBAM log file,
  • the JRT log file,
  • the two new FRST log files.

Old 05.12.2015, 12:29   #7
M-K-D-B
/// TB trainer
 



No response
This topic has been removed from my subscriptions. As a result, I will not receive any notification about new replies.
PM me if you still want to continue.

Note: The disappearance of the symptoms does not mean that your computer is already clean.

Everyone else, please click here and create your own thread!
__________________
Greetings from Bavaria
M-K-D-B


Old 09.12.2015, 02:41   #8
Ossel
 



AdwCleaner:
Code:
# AdwCleaner v5.024 - Bericht erstellt am 09/12/2015 um 01:53:38
# Aktualisiert am 07/12/2015 von Xplode
# Datenbank : 2015-12-07.3 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Martin - HORTKIND
# Gestartet von : C:\Users\Martin\Downloads\AdwCleaner_5.024.exe
# Option : Löschen
# Unterstützung : hxxp://toolslib.net/forum

***** [ Dienste ] *****


***** [ Ordner ] *****


***** [ Dateien ] *****


***** [ DLLs ] *****


***** [ Verknüpfungen ] *****


***** [ Aufgabenplanung ] *****


***** [ Registrierungsdatenbank ] *****

[-] Schlüssel Gelöscht : HKCU\Software\OCS
[-] Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\7AB5857A57A0687786597A857BFFFFFF
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8036C72171EF4ba46856BF57969F6A36
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89BB7852687BDC34B9A81E01C7FF9173
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\89EA4F1B8FBCDEF47AE328E455E28AA0
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CBC85D72B148084ABE8C2F072F781F4
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CC5A38A64D6098468BC8395BA0EFF03
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8DF9A1AC557F56c49B56F6B83E293C15
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97ECFF59EE08D4F47BB1464DEC37DA87
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A8CB937199A57E748B6AC433DA453EE2
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A97C590397DCC454AA8923563BAB10E4
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B08932C78B697C244BE7BA3E6FF09B62
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B4E78E12704AFCE408C7FBE501F1AA0A
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\C6A54B56C58C82a4688AFB93F42EA17B
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CFA51B44D54927c4E9B7BC1D3FD1E49F
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D14A7F65792054F418578C78367D13F7
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DFE9F0BD163D827438CB6AD6B100EC48
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F0390A76D28822743A68D7F1AB22E6D0
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\F739A19A8327dc64C9A8B641A9E89646
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0A5AC497E6BBC8D45BE8AD6619DA8217
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\158D6D9E3FE81fa428925F22ACB3A965
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\15E6C514FEFC09f45BAFAAE1D7546ED4
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1DB42320A8525634AA089F0BEC86473B
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\22468B0D6050b2e46B9C4B67A8F59577
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2251BF05A2F606d43BB064BD63CBD87E
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3255D95681398614190EDF0A4F3F77DB
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3CDF313E9B28c944FBC7579CF4949414
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\71E54748EDD3dc1468548785DC856EDA
[-] Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\754590DD06DE8d249B526503432F99D4

***** [ Internetbrowser ] *****


*************************

:: "Tracing" Schlüssel gelöscht
:: Proxy Einstellungen zurückgesetzt
:: Winsock Einstellungen zurückgesetzt
:: Chrome Richtlinien gelöscht

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [4998 Bytes] ##########
         
MBAM:
Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlaufdatum: 09.12.2015
Suchlaufzeit: 02:04
Protokolldatei: mbam.txt
Administrator: Ja

Version: 2.2.0.1024
Malware-Datenbank: v2015.12.08.05
Rootkit-Datenbank: v2015.12.07.01
Lizenz: Kostenlose Version
Malware-Schutz: Deaktiviert
Schutz vor bösartigen Websites: Deaktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Martin

Suchlauftyp: Bedrohungssuchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 521631
Abgelaufene Zeit: 21 Min., 9 Sek.

Speicher: Aktiviert
Start: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(keine bösartigen Elemente erkannt)

Module: 0
(keine bösartigen Elemente erkannt)

Registrierungsschlüssel: 0
(keine bösartigen Elemente erkannt)

Registrierungswerte: 0
(keine bösartigen Elemente erkannt)

Registrierungsdaten: 0
(keine bösartigen Elemente erkannt)

Ordner: 0
(keine bösartigen Elemente erkannt)

Dateien: 0
(keine bösartigen Elemente erkannt)

Physische Sektoren: 0
(keine bösartigen Elemente erkannt)


(end)
         
JRT:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.0.1 (11.24.2015)
Operating System: Windows 7 Home Premium x64 
Ran by Martin (Administrator) on 09.12.2015 at  2:35:51,37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0 




Registry: 0 





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 09.12.2015 at  2:37:37,36
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         
FRST:
Code:
Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-12-2015
durchgeführt von Martin (Administrator) auf HORTKIND (09-12-2015 02:39:36)
Gestartet von C:\Users\Martin\Downloads
Geladene Profile: Martin & postgres &  (Verfügbare Profile: Martin & Franzi & Martin_2 & UpdatusUser & postgres)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 11 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Prozesse (Nicht auf der Ausnahmeliste) =================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Nicht auf der Ausnahmeliste) ===========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)

HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [803200 2015-12-01] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-1946159566-2597201721-649942275-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe"  /PROMPT /CMPID=JUNE2013_TB
HKU\S-1-5-21-1946159566-2597201721-649942275-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-1946159566-2597201721-649942275-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => E:\Steam\steam.exe [3011152 2015-11-10] (Valve Corporation)
HKU\S-1-5-21-1946159566-2597201721-649942275-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2741616 2011-03-04] (Hewlett-Packard Company)
HKU\S-1-5-21-1946159566-2597201721-649942275-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8461224 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-1946159566-2597201721-649942275-1006-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AVG-Secure-Search-Update_JUNE2013_TB] => "C:\Program Files (x86)\AVG Secure Search\AVG-Secure-Search-Update_JUNE2013_TB.exe"  /PROMPT /CMPID=JUNE2013_TB

==================== Internet (Nicht auf der Ausnahmeliste) ====================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{47F4B598-D74D-4473-AB02-AF9C25D58E8C}: [DhcpNameServer] 192.168.2.1 192.168.2.1
Tcpip\..\Interfaces\{70398351-FC00-42EC-A769-D01F7A60262C}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-1946159566-2597201721-649942275-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1946159566-2597201721-649942275-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-1946159566-2597201721-649942275-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKU\S-1-5-21-1946159566-2597201721-649942275-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1946159566-2597201721-649942275-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1946159566-2597201721-649942275-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1946159566-2597201721-649942275-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {C40D9CA3-4BF2-45A9-98FD-0B54556E25DA} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=301e5fc1-5779-49b6-ae6c-294ef966bda2&apn_sauid=B4FF7A36-FCAF-43A1-9A41-C9AC28FE6075
SearchScopes: HKU\S-1-5-21-1946159566-2597201721-649942275-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {39B95236-B403-4FFC-865F-632D50ED950A} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=AVR-3&o=APN10395&src=crm&q={searchTerms}&locale=de_DE&apn_ptnrs=^ABT&apn_dtid=^YYYYYY^YY^DE&apn_uid=301e5fc1-5779-49b6-ae6c-294ef966bda2&apn_sauid=B4FF7A36-FCAF-43A1-9A41-C9AC28FE6075
SearchScopes: HKU\S-1-5-21-1946159566-2597201721-649942275-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxp://isearch.avg.com/search?cid={AE22BF52-6799-4A0B-A9F8-19CF6F86893C}&mid=ff31abb759e247d0a2f8d16f5effffac-3d5a0b6b088d02546a84e551975de48d0a65403a&lang=de&ds=nr011&pr=sa&d=2013-01-26 18:42:11&v=15.3.0.11&pid=avg&sg=0&sap=dsp&q={searchTerms}
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_31\bin\ssv.dll [2015-02-01] (Oracle Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-01] (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Kein Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> Keine Datei
Toolbar: HKU\S-1-5-21-1946159566-2597201721-649942275-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Kein Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} -  Keine Datei
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/flashplayer/current/swflash.cab
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  Keine Datei

FireFox:
========
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\5ftby32f.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_20_0_0_235.dll [2015-12-09] ()
FF Plugin: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_235.dll [2015-12-09] ()
FF Plugin-x32: @esn/esnlaunch,version=1.110.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.110.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=1.132.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.132.0\npesnlaunch.dll [Keine Datei]
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll [2013-02-28] (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [2014-04-10] (EA Digital Illusions CE AB)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [Keine Datei]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-01-18] (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-10-23] (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\5ftby32f.default\searchplugins\google-images.xml [2014-12-17]
FF SearchPlugin: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\5ftby32f.default\searchplugins\google-maps.xml [2014-12-17]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14] [ist nicht signiert]

Chrome: 
=======
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Dienste (Nicht auf der Ausnahmeliste) ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [948392 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [466408 2015-12-01] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1418560 2015-12-01] (Avira Operations GmbH & Co. KG)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [Datei ist nicht signiert]
S2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-06-21] ()
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-02-18] (PostgreSQL Global Development Group) [Datei ist nicht signiert]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Treiber (Nicht auf der Ausnahmeliste) ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [162072 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-08-17] (AVG Technologies)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [140448 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2015-09-01] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [75472 2015-12-01] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-04-12] (DT Soft Ltd)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-10-05] (Malwarebytes Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [8192 2005-03-29] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Ein Monat: Erstellte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-09 02:39 - 2015-12-09 02:39 - 00014818 _____ C:\Users\Martin\Downloads\FRST.txt
2015-12-09 02:39 - 2015-12-09 02:39 - 00000000 ____D C:\Users\Martin\Downloads\FRST-OlderVersion
2015-12-09 02:34 - 2015-12-09 02:34 - 01599336 _____ (Malwarebytes) C:\Users\Martin\Downloads\JRT.exe
2015-12-09 02:04 - 2015-12-09 02:04 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-12-09 02:03 - 2015-12-09 02:03 - 22908888 _____ (Malwarebytes ) C:\Users\Martin\Downloads\mbam-setup-2.2.0.1024.exe
2015-12-09 02:03 - 2015-12-09 02:03 - 00001102 _____ C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2015-12-09 02:03 - 2015-12-09 02:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2015-12-09 02:03 - 2015-12-09 02:03 - 00000000 ____D C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2015-12-09 02:03 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-12-09 02:03 - 2015-10-05 09:50 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-12-09 02:03 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2015-12-09 01:55 - 2015-12-09 01:55 - 00000000 ____D C:\Users\Martin\AppData\Local\GWX
2015-12-09 01:51 - 2015-12-09 02:00 - 00000000 ____D C:\AdwCleaner
2015-12-09 01:50 - 2015-12-09 01:50 - 01738240 _____ C:\Users\Martin\Downloads\AdwCleaner_5.024.exe
2015-12-02 01:29 - 2015-12-02 01:37 - 00378062 _____ C:\TDSSKiller.3.1.0.7_02.12.2015_01.29.35_log.txt
2015-12-02 01:22 - 2015-12-09 02:39 - 00000000 ____D C:\FRST
2015-12-02 01:21 - 2015-12-09 02:39 - 02369024 _____ (Farbar) C:\Users\Martin\Downloads\FRST64.exe
2015-12-02 01:21 - 2015-12-02 01:21 - 04398264 _____ (Kaspersky Lab ZAO) C:\Users\Martin\Downloads\tdsskiller.exe
2015-12-01 23:01 - 2015-12-01 23:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-11-27 21:09 - 2015-11-28 00:00 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\25Assist
2015-11-27 21:08 - 2015-11-27 21:08 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\WinRAR
2015-11-27 21:07 - 2015-11-27 21:07 - 00000000 ____D C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-11-27 21:07 - 2015-11-27 21:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2015-11-27 21:07 - 2015-11-27 21:07 - 00000000 ____D C:\Program Files\WinRAR
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 01:35 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 00:41 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-11-10 23:10 - 2015-10-20 00:40 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-11-10 23:10 - 2015-10-20 00:40 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-11-10 23:10 - 2015-10-20 00:29 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-11-10 23:10 - 2015-10-20 00:29 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-11-10 23:10 - 2015-10-20 00:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 00:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 00:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-11-10 23:10 - 2015-10-20 00:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-11-10 23:10 - 2015-10-13 17:41 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2015-11-10 23:10 - 2015-10-13 17:40 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2015-11-10 23:10 - 2015-10-13 05:57 - 00950720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2015-11-10 23:10 - 2015-10-01 19:00 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-11-10 23:10 - 2015-10-01 19:00 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-11-10 23:10 - 2015-10-01 18:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-11-10 23:10 - 2015-09-23 14:15 - 00460776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2015-11-10 23:10 - 2015-09-23 14:15 - 00299632 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2015-11-10 23:10 - 2015-09-23 14:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2015-11-09 21:18 - 2015-12-02 00:07 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2015-11-09 21:18 - 2015-11-09 21:18 - 00002047 _____ C:\Users\Public\Desktop\Acrobat Reader DC.lnk
2015-11-09 21:18 - 2015-11-09 21:18 - 00000000 ____D C:\Program Files (x86)\Adobe

==================== Ein Monat: Geänderte Dateien und Ordner ========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)

2015-12-09 02:33 - 2012-04-18 10:47 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-12-09 02:03 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-12-09 02:03 - 2009-07-14 05:45 - 00028944 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-12-09 01:55 - 2011-12-21 23:06 - 00000000 ____D C:\ProgramData\NVIDIA
2015-12-09 01:55 - 2009-07-14 06:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-12-09 00:33 - 2012-04-18 10:47 - 00796864 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-12-09 00:33 - 2012-04-18 10:47 - 00003822 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-12-09 00:33 - 2011-12-23 21:35 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-08 02:37 - 2012-01-02 21:03 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\TS3Client
2015-12-02 01:23 - 2009-07-14 04:20 - 00000000 ____D C:\Windows
2015-12-01 23:01 - 2015-09-27 23:02 - 00001952 _____ C:\Users\Public\Desktop\Avira Antivirus.lnk
2015-12-01 23:00 - 2015-09-27 23:01 - 00162072 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-12-01 23:00 - 2015-09-27 23:01 - 00140448 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-12-01 23:00 - 2015-09-27 23:01 - 00075472 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-11-27 23:26 - 2011-12-26 22:41 - 00233920 _____ C:\Windows\SysWOW64\PnkBstrB.xtr
2015-11-27 23:26 - 2011-12-23 02:37 - 00233920 _____ C:\Windows\SysWOW64\PnkBstrB.exe
2015-11-27 23:26 - 2011-12-23 02:37 - 00233920 _____ C:\Windows\SysWOW64\PnkBstrB.ex0
2015-11-27 22:48 - 2011-12-26 22:41 - 00000000 ____D C:\Users\Martin_2\AppData\Local\PunkBuster
2015-11-27 22:47 - 2012-02-05 18:50 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-11-16 00:10 - 2012-01-02 21:02 - 00000000 ____D C:\Users\Martin_2\AppData\Local\TeamSpeak 3 Client
2015-11-13 03:26 - 2011-04-12 08:43 - 00699432 _____ C:\Windows\system32\perfh007.dat
2015-11-13 03:26 - 2011-04-12 08:43 - 00149572 _____ C:\Windows\system32\perfc007.dat
2015-11-13 03:26 - 2009-07-14 06:13 - 01620684 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-13 03:26 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\inf
2015-11-13 03:20 - 2009-07-14 05:45 - 00366736 _____ C:\Windows\system32\FNTCACHE.DAT
2015-11-12 22:51 - 2009-07-14 04:20 - 00000000 ____D C:\Windows\rescache
2015-11-11 03:20 - 2013-08-15 02:02 - 00000000 ____D C:\Windows\system32\MRT
2015-11-11 03:14 - 2011-12-21 22:47 - 145617392 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-11-11 03:13 - 2012-04-12 17:06 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-11-11 03:06 - 2014-02-28 02:30 - 01594028 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-11-11 03:01 - 2011-04-12 08:55 - 00000000 ____D C:\Program Files\Windows Journal
2015-11-09 21:34 - 2012-01-03 21:29 - 00000000 ____D C:\Users\Martin_2\AppData\Local\Adobe
2015-11-09 21:34 - 2011-12-23 21:35 - 00000000 ____D C:\Users\Martin_2\AppData\Roaming\Adobe
2015-11-09 21:18 - 2014-12-23 22:17 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-11-09 21:18 - 2012-01-03 21:28 - 00000000 ____D C:\ProgramData\Adobe
2015-11-09 20:12 - 2015-11-06 23:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-11-09 20:12 - 2012-12-02 18:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======

2014-12-12 23:49 - 2014-12-12 23:49 - 0007605 _____ () C:\Users\Martin\AppData\Local\Resmon.ResmonCfg

Einige Dateien in TEMP:
====================
C:\Users\Franzi\AppData\Local\temp\avgnt.exe
C:\Users\Martin\AppData\Local\temp\avgnt.exe
C:\Users\Martin_2\AppData\Local\temp\avgnt.exe


==================== Bamital & volsnap =================

(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)

C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert


LastRegBack: 2015-12-07 18:10

==================== Ende von FRST.txt ============================
         
Addition:
Code:
Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-12-2015
durchgeführt von Martin (2015-12-09 02:40:10)
Gestartet von C:\Users\Martin\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-12-21 20:59:34)
Start-Modus: Normal
==========================================================


==================== Konten: =============================

Administrator (S-1-5-21-1946159566-2597201721-649942275-500 - Administrator - Disabled)
Franzi (S-1-5-21-1946159566-2597201721-649942275-1004 - Limited - Enabled) => C:\Users\Franzi
Gast (S-1-5-21-1946159566-2597201721-649942275-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1946159566-2597201721-649942275-1002 - Limited - Enabled)
Martin (S-1-5-21-1946159566-2597201721-649942275-1000 - Administrator - Enabled) => C:\Users\Martin
Martin_2 (S-1-5-21-1946159566-2597201721-649942275-1005 - Limited - Enabled) => C:\Users\Martin_2
postgres (S-1-5-21-1946159566-2597201721-649942275-1008 - Limited - Enabled) => C:\Users\postgres
UpdatusUser (S-1-5-21-1946159566-2597201721-649942275-1006 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Sicherheits-Center ========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)

AV: Avira Antivirus (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installierte Programme ======================

(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)

Adobe Acrobat Reader DC - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AC0F074E4100}) (Version: 15.009.20079 - Adobe Systems Incorporated)
Adobe Flash Player 20 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 20.0.0.228 - Adobe Systems Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.235 - Adobe Systems Incorporated)
America's Army: Proving Grounds Beta (HKLM-x32\...\Steam App 203290) (Version:  - )
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.15.125 - Avira Operations GmbH & Co. KG)
Avira SearchFree Toolbar plus Web Protection Updater (HKU\S-1-5-21-1946159566-2597201721-649942275-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.3.0.23930 - Ask.com) <==== ACHTUNG
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Die Siedler - Aufbruch der Kulturen (HKLM-x32\...\SADK) (Version:  - )
dm-Fotowelt (HKLM-x32\...\dm-Fotowelt) (Version: 5.1.7 - CEWE Stiftung u Co. KGaA)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Europa Universalis IV (HKLM-x32\...\Steam App 236850) (Version:  - Paradox Development Studio)
Free Audio CD Burner version 2.0.33.525 (HKLM-x32\...\Free Audio CD Burner_is1) (Version: 2.0.33.525 - DVDVideoSoft Ltd.)
Free YouTube to MP3 Converter version 3.12.59.525 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.59.525 - DVDVideoSoft Ltd.)
HP Deskjet 2050 J510 series - Grundlegende Software für das Gerät (HKLM\...\{54B0845F-5540-4492-9939-CD8880ABABF0}) (Version: 22.50.231.0 - Hewlett-Packard Co.)
HP Deskjet 2050 J510 series Hilfe (HKLM-x32\...\{7A3DF2E2-CF13-44FB-A93E-F71D5381DB3F}) (Version: 140.0.61.61 - Hewlett Packard)
Java 8 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418031F0}) (Version: 8.0.310 - Oracle Corporation)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
Malwarebytes Anti-Malware Version 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mein CEWE FOTOBUCH (HKLM-x32\...\Mein CEWE FOTOBUCH) (Version: 5.1.3 - CEWE Stiftung u Co. KGaA)
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 42.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 42.0 (x86 de)) (Version: 42.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Controller-Treiber 306.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 306.23 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 311.06 - NVIDIA Corporation)
NVIDIA Grafiktreiber 311.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.06 - NVIDIA Corporation)
NVIDIA PhysX-Systemsoftware 9.12.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.0604 - NVIDIA Corporation)
NVIDIA Update 1.11.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.11.3 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Origin (HKLM-x32\...\Origin) (Version: 8.5.2.23 - Electronic Arts, Inc.)
PokerStars.eu (HKLM-x32\...\PokerStars.eu) (Version:  - PokerStars.eu)
PostgreSQL 8.4 (HKLM-x32\...\PostgreSQL 8.4) (Version: 8.4 - PostgreSQL Global Development Group)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sid Meier's Civilization: Beyond Earth (HKLM-x32\...\Steam App 65980) (Version:  - Firaxis Games)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-1946159566-2597201721-649942275-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
Warcraft III (HKLM-x32\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKU\S-1-5-21-1946159566-2597201721-649942275-1000\...\Warcraft III) (Version:  - )
Warcraft III: All Products (HKU\S-1-5-21-1946159566-2597201721-649942275-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Warcraft III) (Version:  - )
WinRAR 5.30 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version:  - Wargaming.net)

==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)


==================== Wiederherstellungspunkte =========================

09-11-2015 20:49:33 Geplanter Prüfpunkt
11-11-2015 02:58:37 Windows Update
13-11-2015 03:00:19 Windows Update
27-11-2015 20:55:29 Geplanter Prüfpunkt
07-12-2015 18:17:32 Geplanter Prüfpunkt
09-12-2015 02:35:54 JRT Pre-Junkware Removal

==================== Hosts Inhalt: ===============================

(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)

2009-07-14 03:34 - 2014-12-16 00:11 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

Task: {40A1B172-BFC3-447A-A94B-6BE59EF6D54C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-09] (Adobe Systems Incorporated)
Task: {5F988119-92A6-4FE0-AC1D-59F8B228526B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated)
Task: {6E54DBE4-2439-456B-A0D5-C6DC8B2DD6A1} - System32\Tasks\HpWebReg.exe => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HpWebReg.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {AFC2E1DD-36A9-4AA5-8DF2-6BF723AA7FE4} - System32\Tasks\{3AAF5C2C-095A-4AF7-8577-6B2E77592076} => Iexplore.exe hxxp://ui.skype.com/ui/0/6.1.0.129.272/de/abandoninstall?page=tsProgressBar
Task: {BB1B2AB9-47E5-4641-AE8F-BA210B6BA02C} - System32\Tasks\HP Deskjet 2050 J510 series.exe => C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\HP Deskjet 2050 J510 series.exe [2010-11-16] (Hewlett-Packard Co.)
Task: {D77A1060-02D8-41C4-8CF2-7080D4D161CD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Verknüpfungen =============================

(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)

==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============

2011-12-23 02:37 - 2014-06-21 02:14 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2015-02-06 15:15 - 2014-02-18 09:11 - 00172032 _____ () c:\postgreSQL\bin\LIBPQ.dll
2015-02-06 15:16 - 2012-08-14 14:19 - 00999424 _____ () c:\postgreSQL\bin\libxml2.dll

==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)


==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)


==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)


==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)


==================== Andere Bereiche ============================

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

HKU\S-1-5-21-1946159566-2597201721-649942275-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1946159566-2597201721-649942275-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1946159566-2597201721-649942275-1004-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Franzi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-1946159566-2597201721-649942275-1005-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Control Panel\Desktop\\Wallpaper -> C:\Users\Martin_2\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.2.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist deaktiviert.

==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==

(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)

MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden

==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============

(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)

FirewallRules: [{4D4DAEB3-50B6-4AFB-9089-49E140718FFC}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{6A87580C-6250-4A10-A786-386801CCD9F0}] => (Allow) C:\Program Files\HP\HP Deskjet 2050 J510 series\Bin\USBSetup.exe
FirewallRules: [{D32DF0ED-DABF-49FC-8CE8-153A5DE53E8F}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{2B1AB722-4096-496E-8F7B-5A5763151F1C}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{BA924145-3367-433F-B9B1-E5538F994E65}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{71384331-E5FF-4A44-9473-A040ADB041AB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{AC60C9F0-5C7F-4C60-80AF-A823F70D063C}E:\warcraft iii\war3.exe] => (Allow) E:\warcraft iii\war3.exe
FirewallRules: [UDP Query User{5FD8D355-CC2C-426E-BD8C-F8E8E50DFC95}E:\warcraft iii\war3.exe] => (Allow) E:\warcraft iii\war3.exe
FirewallRules: [{B9437D32-A009-494B-8CB2-9B15648DC51A}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{FEB4C588-588E-4DC1-9561-FBD1D2DDEB7B}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{1E0EB67B-7F4A-4BF9-BA34-2248B5B5D934}] => (Allow) E:\Diablo III\Diablo III.exe
FirewallRules: [{BAC7A7FF-EC53-4D74-976C-DDF004FD770D}] => (Allow) E:\Diablo III\Diablo III.exe
FirewallRules: [TCP Query User{0DFF146F-3969-40B8-8D8A-AF215E9DD3AF}E:\world_of_tanks\worldoftanks.exe] => (Allow) E:\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{D818B4D1-4447-4386-9EF2-04E6B2F54040}E:\world_of_tanks\worldoftanks.exe] => (Allow) E:\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{BD2F3E3A-6202-4065-8010-90C20D862ECB}E:\world_of_tanks\wotlauncher.exe] => (Allow) E:\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{8353764E-2D3B-42C2-93DC-D8A9E0570A2B}E:\world_of_tanks\wotlauncher.exe] => (Allow) E:\world_of_tanks\wotlauncher.exe
FirewallRules: [{1BD99672-03CD-476F-AF3F-DFC66BAC234E}] => (Allow) E:\StarCraft II\StarCraft II.exe
FirewallRules: [{661FC810-267C-4C3E-BBAE-0FE0BDC1C3AA}] => (Allow) E:\StarCraft II\StarCraft II.exe
FirewallRules: [{E37A7749-137E-4FD3-9971-3289C284650B}] => (Allow) E:\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [{71ABFE45-F5EC-44CB-B038-181866A891BE}] => (Allow) E:\StarCraft II\StarCraft II Public Test.exe
FirewallRules: [TCP Query User{77A39096-3684-4E52-BD38-FF925CB275D8}E:\starcraft ii\versions\base24944\sc2.exe] => (Allow) E:\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [UDP Query User{6B97C22F-3F5B-4578-BB70-7162E48030C1}E:\starcraft ii\versions\base24944\sc2.exe] => (Allow) E:\starcraft ii\versions\base24944\sc2.exe
FirewallRules: [{52360F0A-803F-43A0-A997-37A29A94CAC3}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{354F0C22-5D91-4858-9AD2-1F8137AAB27E}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{9BB0F549-145F-493B-A9DB-9ACD8B246876}E:\steam\steamapps\common\europa universalis iv\eu4.exe] => (Allow) E:\steam\steamapps\common\europa universalis iv\eu4.exe
FirewallRules: [UDP Query User{BF2FFAE4-5400-4947-9DEA-8C3F824A0F64}E:\steam\steamapps\common\europa universalis iv\eu4.exe] => (Allow) E:\steam\steamapps\common\europa universalis iv\eu4.exe
FirewallRules: [{765600F6-7F53-4262-8842-3E3AC844B5BB}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{3B840478-C2A0-4507-ACF7-38DA949BB274}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{EB44CFA7-CC1E-431B-A107-819428E7DE8B}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{D877DCEB-3CD5-409E-972F-5AB9266E8BB6}] => (Allow) E:\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{7EACA803-C806-493E-ADBD-62881207F774}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{D26484FA-D4A8-4E30-8F09-CFAA653A6376}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe
FirewallRules: [{171CC73E-4337-445F-B758-F148D8357B7C}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{8848C9DC-8840-4D48-84B8-6E078A1217EC}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [TCP Query User{2D9E1F6D-B1AE-480C-B54D-8165990D5FB0}C:\programdata\battle.net\agent\agent.2880\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2880\agent.exe
FirewallRules: [UDP Query User{7772A721-EB86-419B-A833-FE9DA6CC2ABF}C:\programdata\battle.net\agent\agent.2880\agent.exe] => (Allow) C:\programdata\battle.net\agent\agent.2880\agent.exe
FirewallRules: [TCP Query User{0DD20770-675C-4B22-8FD5-E33F897B09D8}E:\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe] => (Allow) E:\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe
FirewallRules: [UDP Query User{176B0B1A-DFEC-4C20-A604-2598FA4A55DF}E:\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe] => (Allow) E:\steam\steamapps\common\america's army\aapg\binaries\win32\aagame.exe
FirewallRules: [{3BC3A213-D2E6-42CC-B4F3-1DD4086386A0}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{8306151D-1726-4126-98E1-D269460F4207}] => (Allow) E:\Steam\bin\steamwebhelper.exe
FirewallRules: [{C94727CC-BA27-45FD-8D9C-18C32B4CF201}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{1D98E21C-C1D3-4745-9C8A-CA7AEB893677}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.3286\Agent.exe
FirewallRules: [{DBE9B1F7-8340-4BD1-A89E-A3BE6DB1D9CF}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{127EC0A1-2047-4213-8801-4539AA529213}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization V\Launcher.exe
FirewallRules: [{0D099624-D553-435C-AEC6-D5B30CF9C3B0}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{80B4ACDC-4381-4828-A3D7-AC3447DD7CDD}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_DX11.exe
FirewallRules: [{4E5BF445-DFAA-4D71-9C72-4F8221C1EA2A}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{CED86F52-4553-4674-B73E-6166342DFAC5}] => (Allow) E:\Steam\SteamApps\common\Sid Meier's Civilization Beyond Earth\CivilizationBE_Mantle.exe
FirewallRules: [{C61F78F6-F8DB-48CD-8772-41CD6EF7D049}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{C00F5169-10C9-42B0-AC09-9960712384FD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{2A479E5E-D00A-45DF-A305-BD0B8A363611}] => (Allow) LPort=5432
FirewallRules: [{9192585E-D207-4C1B-9953-5D09A54893E5}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{87A0EC8A-3BDE-4421-B4DE-54C172CD0D68}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\game\bin\win32\dota2.exe
FirewallRules: [{09F078DF-C6F8-4E16-800B-79F9ABD72FB8}] => (Allow) E:\Steam\SteamApps\common\America's Army\AAPG\Binaries\AALauncher32.exe
FirewallRules: [{7660A974-1AC3-456D-9765-48747D39000A}] => (Allow) E:\Steam\SteamApps\common\America's Army\AAPG\Binaries\AALauncher32.exe
FirewallRules: [{00CA72EE-76E2-440A-AAFF-08F1F3FE3EED}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{765E56CB-6FAA-45E6-A8A8-E540472428A2}] => (Allow) E:\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe
FirewallRules: [{0514B855-93F0-4123-86E9-4FEB713C61F1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D8FF3575-D4A0-42EE-8C40-FBD6166A5CB7}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A29973C5-59F7-4916-A428-59AD081E0525}] => (Allow) E:\Steam\SteamApps\common\America's Army\AAPG\Binaries\Win32\AALauncher32.exe
FirewallRules: [{1DA23919-688F-411A-88E5-BDE68E00D391}] => (Allow) E:\Steam\SteamApps\common\America's Army\AAPG\Binaries\Win32\AALauncher32.exe
FirewallRules: [TCP Query User{B0F9CDD7-628C-4AC0-89E8-04D8BFE3CD2A}C:\users\martin_2\appdata\roaming\25assist\armyops\system\armyops.exe] => (Allow) C:\users\martin_2\appdata\roaming\25assist\armyops\system\armyops.exe
FirewallRules: [UDP Query User{11AB80CB-6110-46AE-8271-637CE3E35A52}C:\users\martin_2\appdata\roaming\25assist\armyops\system\armyops.exe] => (Allow) C:\users\martin_2\appdata\roaming\25assist\armyops\system\armyops.exe

==================== Fehlerhafte Geräte im Gerätemanager =============

Name: Standardtastatur (PS/2)
Description: Standardtastatur (PS/2)
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardtastaturen)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Fehlereinträge in der Ereignisanzeige: =========================

Applikationsfehler:
==================
Error: (12/09/2015 01:55:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/09/2015 01:55:29 AM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2015-12-09 01:55:29 CETFATAL:  the database system is starting up

Error: (12/08/2015 10:33:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/08/2015 10:33:19 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2015-12-08 22:33:19 CETFATAL:  the database system is starting up

Error: (12/07/2015 05:45:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/07/2015 05:45:29 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2015-12-07 17:45:29 CETFATAL:  the database system is starting up

Error: (12/06/2015 10:17:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/06/2015 10:16:50 PM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2015-12-06 22:16:50 CETFATAL:  the database system is starting up

Error: (12/04/2015 12:11:20 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (12/04/2015 12:10:55 AM) (Source: PostgreSQL) (EventID: 0) (User: )
Description: 2015-12-04 00:10:55 CETFATAL:  the database system is starting up


Systemfehler:
=============
Error: (12/09/2015 02:36:15 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "NVIDIA Display Driver Service" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/09/2015 01:57:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "NVIDIA Update Service Daemon" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (12/09/2015 01:57:50 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "nvUpdatusService" konnte sich nicht als ".\UpdatusUser" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1330

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (12/09/2015 01:54:09 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Der Versuch des Dienststeuerungs-Managers, nach dem unerwarteten Beenden des Dienstes "Windows Search" Korrekturmaßnahmen (Neustart des Diensts) durchzuführen, ist fehlgeschlagen. Fehler: 
%%1056

Error: (12/09/2015 01:53:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Software Protection" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/09/2015 01:53:37 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Modules Installer" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 120000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/09/2015 01:53:37 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Search" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/09/2015 01:53:37 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Der Dienst "Windows Media Player-Netzwerkfreigabedienst" wurde unerwartet beendet. Dies ist bereits 1 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 30000 Millisekunden durchgeführt: Neustart des Diensts.

Error: (12/09/2015 01:53:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "postgresql-8.4 - PostgreSQL Server 8.4" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.

Error: (12/09/2015 01:53:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Dienst "PnkBstrA" wurde unerwartet beendet. Dies ist bereits 1 Mal passiert.


CodeIntegrity:
===================================
  Date: 2014-12-16 00:10:42.684
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.

  Date: 2014-12-16 00:10:42.637
  Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.


==================== Speicherinformationen =========================== 

Prozessor: Intel(R) Core(TM)2 Quad CPU Q9300 @ 2.50GHz
Prozentuale Nutzung des RAM: 31%
Installierter physikalischer RAM: 4094.85 MB
Verfügbarer physikalischer RAM: 2804.31 MB
Summe virtueller Speicher: 8187.91 MB
Verfügbarer virtueller Speicher: 6461.66 MB

==================== Laufwerke ================================

Drive c: () (Fixed) (Total:270.35 GB) (Free:179.12 GB) NTFS
Drive d: (CIVILIZATION5) (CDROM) (Total:3.02 GB) (Free:0 GB) CDFS
Drive e: (Volume) (Fixed) (Total:195.31 GB) (Free:90.57 GB) NTFS

==================== MBR & Partitionstabelle ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 194F194F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=270.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)

==================== Ende von Addition.txt ============================
         

Alt 09.12.2015, 17:59   #9
M-K-D-B
/// TB-Ausbilder
 



Hello,

Note: The scan with ESET can take a while.

Step 1
Press the Windows key + R and type notepad into the Run window.

Now copy the following text from the code box into the empty text document:

Code:
start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         

Please save this as Fixlist.txt on your desktop (or in the directory where FRST is located).
  • Now start FRST again and click the Entfernen (Fix) button.
  • The tool creates a Fixlog.txt.
  • Post its contents for me.







Step 2
Download the appropriate version of HitmanPro to your desktop: HitmanPro - 32 Bit | HitmanPro - 64 Bit.
  • Start HitmanPro.exe
  • Click on
  • Remove the check mark at
  • Click on
    and
  • Accept the license terms and click on
  • Click on

    and on
  • When the scan has finished, do not let it delete anything etc.; instead choose, at the bottom left of the button bar,
    and save the log file on your desktop.
  • Close HitmanPro and post the log for me.

 







Step 3

ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Put a check mark at "Ja, ich bin mit den Nutzungsbedingungen einverstanden" (Yes, I accept the terms of use) and click Starten (Start).
  • Enable "Erkennung von eventuell unerwünschten Anwendungen" (detection of potentially unwanted applications) and choose the following settings.
  • Click Starten (Start).
  • The signatures are downloaded; the scan begins automatically.
  • At the end of the scan, click Fertig stellen (Finish).
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstallation: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the recycle bin => C:\Programme\Eset








Step 4
  • Start FRST.exe again. Put a check mark in front of Addition.txt and click Untersuchen (Scan).
  • FRST again creates two log files (FRST.txt and Addition.txt).
  • Post both log files with your next reply.






With your next reply, please post
  • the log file of the FRST fix,
  • the log file from HitmanPro,
  • the log file from ESET,
  • the two new log files from FRST.
__________________
Greetings from Bavaria
M-K-D-B


Alt 10.12.2015, 11:22   #10
Ossel
 



I'll see that I get it done this evening.

Alt 10.12.2015, 20:46   #11
M-K-D-B
/// TB-Ausbilder
 



Ok.
__________________
Greetings from Bavaria
M-K-D-B


Alt 11.12.2015, 18:37   #12
Ossel
 



FRST-Fix:

Code:
Entferungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-12-2015
durchgeführt von Martin (2015-12-11 18:22:59) Run:1
Gestartet von C:\Users\Martin\Downloads
Geladene Profile: Martin & postgres (Verfügbare Profile: Martin & Franzi & Martin_2 & UpdatusUser & postgres)
Start-Modus: Normal
==============================================

fixlist Inhalt:
*****************
start
CloseProcesses:
RemoveProxy:
CMD: ipconfig /flushdns
CMD: netsh winsock reset
EmptyTemp:
end
         
*****************

Prozess erfolgreich geschlossen.

========= RemoveProxy: =========

HKU\S-1-5-21-1946159566-2597201721-649942275-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => Wert erfolgreich entfernt
HKU\S-1-5-21-1946159566-2597201721-649942275-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => Wert erfolgreich entfernt


========= Ende von RemoveProxy: =========


=========  ipconfig /flushdns =========


Windows-IP-Konfiguration

Der DNS-Auflösungscache wurde geleert.

========= Ende von CMD: =========


=========  netsh winsock reset =========


Der Winsock-Katalog wurde zurückgesetzt.
Sie müssen den Computer neu starten, um den Vorgang abzuschließen.


========= Ende von CMD: =========

EmptyTemp: => 153 MB temporäre Dateien entfernt.


Das System musste neu gestartet werden.

==== Ende von Fixlog 18:23:11 ====
         
HitmanPro:

Code:
HitmanPro 3.7.10.251
www.hitmanpro.com

   Computer name . . . . : HORTKIND
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : Hortkind\Martin
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2015-12-11 18:31:01
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 5m 27s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 0
   Traces  . . . . . . . : 92

   Objects scanned . . . : 2.017.790
   Files scanned . . . . : 56.587
   Remnants scanned  . . : 487.579 files / 1.473.624 keys

Suspicious files ____________________________________________________________

   C:\Users\Martin\AppData\Local\PunkBuster\BF3\pb\dll\wc002286.dll
      Size . . . . . . . : 942.907 bytes
      Age  . . . . . . . : 1426.7 days (2012-01-15 01:43:42)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 151573760160ED491B4528616FF16C058966B9555B73E804AF1CD60B3F8EB33D
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Martin\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
      Size . . . . . . . : 942.907 bytes
      Age  . . . . . . . : 1426.7 days (2012-01-15 01:43:42)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 151573760160ED491B4528616FF16C058966B9555B73E804AF1CD60B3F8EB33D
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Martin\AppData\Local\PunkBuster\BF3\pb\pbclold.dll
      Size . . . . . . . : 951.497 bytes
      Age  . . . . . . . : 1426.7 days (2012-01-15 01:39:27)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 43358BBCEC1EBE7927CA3B0A3DCA0597D5E8584F0FCBE987B8126A0C12D73A2B
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Martin\AppData\Local\PunkBuster\BF3\pb\PnkBstrK.sys
      Size . . . . . . . : 139.688 bytes
      Age  . . . . . . . : 1426.7 days (2012-01-15 01:39:47)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : 643818A644C5A07C59DFACE042F53ACF33FAE290276555B3688066C40A024FB2
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Martin\Downloads\FRST64.exe
      Size . . . . . . . : 2.369.024 bytes
      Age  . . . . . . . : 2.7 days (2015-12-09 02:39:26)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : DD61D2EA4C8059F67734E11221DED682276773D0361CB530D346E4C01C0A0176
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\Martin\Downloads\FRST64.exe
          0.9s C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\5ftby32f.default\datareporting\archived\2015-12\1449624772249.1ef9583a-4807-40bc-b9cd-cda943a19bb8.main.jsonlz4

   C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\pbcl.dll
      Size . . . . . . . : 930.024 bytes
      Age  . . . . . . . : 13.8 days (2015-11-27 22:48:51)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 13B3D879B8F163A8378CDD83EB290403BBA3708E7004380EF6645C39DE868FE1
      Fuzzy  . . . . . . : 30.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
         Program contains PE structure anomalies. This is not typical for most programs.
      Forensic Cluster
         -0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\pbcl.db
         -0.0s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\
         -0.0s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\
         -0.0s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\pbclgame.cfg
         -0.0s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\pbcl.db
          0.0s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\pbcl.dll
          0.0s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\pbag.dll
          0.0s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\scrnshot\
          0.0s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\dll\
          0.0s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\htm\
         11.7s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\PnkBstrB.exe
         13.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D47DBD2F9E3365FBBE008D71FB06716F_4DD1053BCC726DA41115FFF4C7D6E9CC
         13.5s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D47DBD2F9E3365FBBE008D71FB06716F_4DD1053BCC726DA41115FFF4C7D6E9CC
         13.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4DD39726D4B55AC3B4119B35A893323C_D9FA1A7D52109971837F7989B56BFE53
         13.7s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4DD39726D4B55AC3B4119B35A893323C_D9FA1A7D52109971837F7989B56BFE53
         20.7s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\PnkBstrK.sys

   C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\PnkBstrK.sys
      Size . . . . . . . : 139.136 bytes
      Age  . . . . . . . : 13.8 days (2015-11-27 22:49:12)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : 79CAD9D90619FEAECABBFD635AA54B9932345BC59656FAFA9169871ED28D299E
      RSA Key Size . . . : 1024
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 23.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.
      Forensic Cluster
         -20.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\pbcl.db
         -20.7s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\
         -20.7s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\
         -20.7s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\pbclgame.cfg
         -20.7s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\pbcl.db
         -20.7s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\pbcl.dll
         -20.7s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\pbag.dll
         -20.7s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\scrnshot\
         -20.7s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\dll\
         -20.7s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\htm\
         -9.1s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\PnkBstrB.exe
         -7.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\D47DBD2F9E3365FBBE008D71FB06716F_4DD1053BCC726DA41115FFF4C7D6E9CC
         -7.2s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\D47DBD2F9E3365FBBE008D71FB06716F_4DD1053BCC726DA41115FFF4C7D6E9CC
         -7.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\4DD39726D4B55AC3B4119B35A893323C_D9FA1A7D52109971837F7989B56BFE53
         -7.0s C:\Windows\SysWOW64\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\4DD39726D4B55AC3B4119B35A893323C_D9FA1A7D52109971837F7989B56BFE53
          0.0s C:\Users\Martin_2\AppData\Local\PunkBuster\AAO\pb\PnkBstrK.sys

   C:\Users\Martin_2\AppData\Local\PunkBuster\BF3\pb\dll\wc002286.dll
      Size . . . . . . . : 942.907 bytes
      Age  . . . . . . . : 1438.8 days (2012-01-02 22:18:25)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 151573760160ED491B4528616FF16C058966B9555B73E804AF1CD60B3F8EB33D
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Martin_2\AppData\Local\PunkBuster\BF3\pb\dll\wc002287.dll
      Size . . . . . . . : 948.113 bytes
      Age  . . . . . . . : 1416.7 days (2012-01-25 00:33:07)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 1BE27031845D80D6803C15BCE2EBE1276C0CA17F3BD47FDA8EAD97DBF5A517AF
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Martin_2\AppData\Local\PunkBuster\BF3\pb\dll\wc002288.dll
      Size . . . . . . . : 948.118 bytes
      Age  . . . . . . . : 1411.7 days (2012-01-30 00:37:53)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 3192353354FE593051B33886088D4C312ACB9A653D874281B2EBF131B80415CB
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Martin_2\AppData\Local\PunkBuster\BF3\pb\dll\wc002292.dll
      Size . . . . . . . : 956.681 bytes
      Age  . . . . . . . : 1317.9 days (2012-05-02 20:07:16)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 7218A15A9890CE82EB25F7AB5AC7AA60B4E3055C5574B70A6CABA4274D6DE493
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Martin_2\AppData\Local\PunkBuster\BF3\pb\dll\wc002317.dll
      Size . . . . . . . : 949.613 bytes
      Age  . . . . . . . : 1171.9 days (2012-09-25 20:03:19)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 15059F09B1D62DEA6B5D22EF9E0D062411C167378D870AE339AAB50B0BDC7FC0
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Martin_2\AppData\Local\PunkBuster\BF3\pb\dll\wc002325.dll
      Size . . . . . . . : 959.376 bytes
      Age  . . . . . . . : 1021.1 days (2013-02-23 16:10:17)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : A85592ACDCFDA7C0293504A5F5279C2654ACC0E6D2398ED8958F6E03F05DCEB5
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Martin_2\AppData\Local\PunkBuster\BF3\pb\dll\wc002331.dll
      Size . . . . . . . : 963.480 bytes
      Age  . . . . . . . : 580.9 days (2014-05-09 21:39:31)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 4693498864B2A4C15EECDD4D132FFDFEDE3F9E4BAFA427F77BC87046A7352D1E
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Martin_2\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
      Size . . . . . . . : 963.480 bytes
      Age  . . . . . . . : 580.8 days (2014-05-09 23:11:21)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 4693498864B2A4C15EECDD4D132FFDFEDE3F9E4BAFA427F77BC87046A7352D1E
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Martin_2\AppData\Local\PunkBuster\BF3\pb\pbclold.dll
      Size . . . . . . . : 963.480 bytes
      Age  . . . . . . . : 1445.8 days (2011-12-26 22:41:48)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 4693498864B2A4C15EECDD4D132FFDFEDE3F9E4BAFA427F77BC87046A7352D1E
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Martin_2\AppData\Local\PunkBuster\BF3\pb\PnkBstrK.sys
      Size . . . . . . . : 139.032 bytes
      Age  . . . . . . . : 1445.8 days (2011-12-26 22:42:10)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : 0CA9D48C9E3D938121A73EBE6EA3FBE19A9AE017EEDA066A22CF254A688A98C2
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Martin_2\AppData\Local\PunkBuster\PG\pb\dll\wc002341.dll
      Size . . . . . . . : 965.880 bytes
      Age  . . . . . . . : 538.7 days (2014-06-21 02:14:14)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 9D84C917D9E747EDCBB23A765E2D70C8AE9E629556BB19613136B4C7598062BE
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Martin_2\AppData\Local\PunkBuster\PG\pb\pbcl.dll
      Size . . . . . . . : 965.880 bytes
      Age  . . . . . . . : 396.8 days (2014-11-09 22:51:16)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 9D84C917D9E747EDCBB23A765E2D70C8AE9E629556BB19613136B4C7598062BE
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Martin_2\AppData\Local\PunkBuster\PG\pb\pbclold.dll
      Size . . . . . . . : 965.880 bytes
      Age  . . . . . . . : 538.7 days (2014-06-21 01:02:28)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 9D84C917D9E747EDCBB23A765E2D70C8AE9E629556BB19613136B4C7598062BE
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Martin_2\AppData\Local\PunkBuster\PG\pb\PnkBstrK.sys
      Size . . . . . . . : 140.160 bytes
      Age  . . . . . . . : 538.7 days (2014-06-21 01:02:40)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : C5FF96EF8AC37C5B02579173DBA6BC9E8148381BC9817C426600968A7BAAF168
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\dll\wc002243.dll
      Size . . . . . . . : 930.024 bytes
      Age  . . . . . . . : 13.8 days (2015-11-27 22:43:52)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 13B3D879B8F163A8378CDD83EB290403BBA3708E7004380EF6645C39DE868FE1
      Fuzzy  . . . . . . : 30.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
         Program contains PE structure anomalies. This is not typical for most programs.
      Forensic Cluster

   C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\pbcl.dll
      Size . . . . . . . : 930.024 bytes
      Age  . . . . . . . : 13.8 days (2015-11-27 22:43:52)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 13B3D879B8F163A8378CDD83EB290403BBA3708E7004380EF6645C39DE868FE1
      Fuzzy  . . . . . . : 30.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
         Program contains PE structure anomalies. This is not typical for most programs.
      Forensic Cluster
         -0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Window.int
         -0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\WinDrv.int
         -0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\XInterface.int
         -0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\CivDoc_3P.lad
         -0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\
         -0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\CivDoc_3P.lad
         -0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\COGGruntMesh.lad
         -0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\DI-oc3entver.lad
         -0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\DI-oc3entver.lad
         -0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\DocF_Nurse.lad
         -0.9s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\DocM_Labcoat.lad
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\George_FlakVest.lad
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SF_3P.lad
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SoldierF_Infantry_ClassB.lad
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SoldierM_Infantry_ClassB.lad
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SoldierM_Instr_AA.lad
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SoldierM_Pilot.lad
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SoldierM_SF_RBA_AdvMarksman.lad
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SoldierM_SF_RBA_Rifleman.lad
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\SoldierM_SF_RBA_Saw.lad
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Controllers\UT-Ref-maya.lad
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\CivDocFemale_3P.map
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\CivDoc_3P.map
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\COGGruntMesh.map
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\DI-oc3entver.map
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\SF_3P.map
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\SoldierM_Infantry_ClassB.map
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\LipSincData\Mappings\UT-Ref-maya.map
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Packages.MD5
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AA25Characters.u
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP.u
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_AI.u
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Characters.u
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Effects.u
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Game.u
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Gameplay.u
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Interface.u
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Inventory.u
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Objects.u
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Script.u
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Security.u
         -0.8s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_UI.u
         -0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Vehicles.u
         -0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Andromeda.u
         -0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AntiPoke.u
         -0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Core.u
         -0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Editor.u
         -0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Engine.u
         -0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Fire.u
         -0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Gameplay.u
         -0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\IpDrv.u
         -0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\mAApFriend.u
         -0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\mAApKActor.u
         -0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\SpankyCameraTextureClient.u
         -0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\TriggerLightReset.u
         -0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\UnrealEd.u
         -0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\UTelnet.u
         -0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\XInterface.u
         -0.7s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\BugSubmit.URL
         -0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\ArmyOps.exe
         -0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\BugReport.exe
         -0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Server.exe
         -0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP.dll
         -0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Interface.dll
         -0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Utils.dll
         -0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\AGP_Vehicles.dll
         -0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\ALAudio.dll
         -0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Andromeda.dll
         -0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Core.dll
         -0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\D3DDrv.dll
         -0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\DBGHELP.DLL
         -0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\defOpenAL32.dll
         -0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Editor.dll
         -0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Engine.dll
         -0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Fire.dll
         -0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\GSMSLibrary.dll
         -0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\IFC23.DLL
         -0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\ImpersonatorLib_rd.dll
         -0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\IpDrv.dll
         -0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\libandromeda.dll
         -0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\libgmp.dll
         -0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\msvcp71.dll
         -0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\msvcr71.dll
         -0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\ogg.dll
         -0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\
         -0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\pbag.dll
          0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\pbcl.dll
          0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\vorbis.dll
          0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\vorbisfile.dll
          0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\dll\
          0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\dll\wa001371.dll
          0.0s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\dll\wc002243.dll
          0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Window.dll
          0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\WinDrv.dll
          0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\XInterface.dll
          0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\Save\
          0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\scrnshot\
          0.1s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\htm\
          1.3s C:\Users\Martin_2\AppData\Roaming\25Assist\armyops\System\pb\pbclgame.cfg


Potential Unwanted Programs _________________________________________________


Alt 11.12.2015, 20:38   #13
M-K-D-B
/// TB-Ausbilder
 
Hi,

well done.

The log files from ESET and FRST are still missing.
__________________
Greetings from Bavaria
M-K-D-B

Alt 11.12.2015, 20:46   #14
Ossel
 
ESET:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5c09cf3d64543e4a973da84a0a988fa1
# end=init
# utc_time=2015-12-11 05:39:04
# local_time=2015-12-11 06:39:04 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 27155
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=5c09cf3d64543e4a973da84a0a988fa1
# end=updated
# utc_time=2015-12-11 05:43:15
# local_time=2015-12-11 06:43:15 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=5c09cf3d64543e4a973da84a0a988fa1
# engine=27155
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-12-11 07:36:46
# local_time=2015-12-11 08:36:46 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 65436 201492456 0 0
# scanned=295015
# found=0
# cleaned=0
# scan_time=6811
         

Alt 11.12.2015, 20:47   #15
M-K-D-B
/// TB-Ausbilder
 
Only FRST is still missing.
__________________
Greetings from Bavaria
M-K-D-B
