| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Verdächtigen Anhang geöffnet (angebl. von ebay)Windows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
05.04.2016, 19:28
| #1 |
| |  Verdächtigen Anhang geöffnet (angebl. von ebay) Guten Abend, ich bin grade bei Bekannten, die mich um Hilfe gebeten haben. Leider weiß ich allerdings auch nicht so gut bescheid. Das Problem ist folgendes: Sie haben gestern bei einer Mail, die angeblich von ebay kam, den Anhang geöffnet. Sie wissen nicht mehr, um was für eine Datei es sich "angeblich" gehandelt hat, anscheind soll es kein .doc, .zip oder .pdf gewesen sein. Die Datei lies sich wohl auch nicht öffnen, es kam aber eine Meldung, dass man eine bestimmte Software kaufen solle, um die Datei öffnen zu können. Jetzt besteht allerdings die Befürchtung, dass sie sich einen Trojaner/Virus eingefangen haben. Allerdings zeigt das System bisher keine Auffälligkeiten. Das System wurde wohl schon mit Avira AntiVir und einer Software Namens "Trojan Remover 6.9.3" von Simply Super Software gescannt, dabei wurde aber nichts gefunden (In dem Avira Bericht bzw. Erignissen habe ich keine Warnung, Fehler oder Fund gesehen). Auch HijackThis hat nichts auffällige gefunden, wobei ich gesehen habe, dass die Software nicht mehr aktualisiert wird. Deshalb wollte ich Nachfragen, ob ein Experte hier etwas entdeckt. Vielen Dank schonmal frst.txt Code:
ATTFilter Untersuchungsergebnis von Farbar Recovery Scan Tool (FRST) (x64) Version:05-03-2016 01
durchgeführt von Angi (Administrator) auf RV511 (05-04-2016 19:59:46)
Gestartet von C:\Users\Angi\Downloads
Geladene Profile: Angi (Verfügbare Profile: Angi)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Sprache: Deutsch (Deutschland)
Internet Explorer Version 8 (Standard-Browser: FF)
Start-Modus: Normal
Anleitung für Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Prozesse (Nicht auf der Ausnahmeliste) =================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Prozess geschlossen. Die Datei wird nicht verschoben.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
(SEIKO EPSON CORPORATION) C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(SEC) C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\SAMSUNG\SamsungFastStart\SmartRestarter.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe
(SAMSUNG Electronics) C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Samsung Electronics) C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe
(Mozilla Corporation) D:\Mozilla Thunderbird\thunderbird.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_197.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_21_0_0_197.exe
==================== Registry (Nicht auf der Ausnahmeliste) ===========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt. Die Datei wird nicht verschoben.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11660904 2010-12-01] (Realtek Semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2817872 2012-04-25] (ELAN Microelectronics Corp.)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [807392 2016-03-18] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1699400 2015-12-17] (APN)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [66328 2016-01-27] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [3716624 2015-08-31] (Simply Super Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2011-06-18]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
==================== Internet (Nicht auf der Ausnahmeliste) ====================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Eintrag entfernt oder auf den Standardwert zurückgesetzt, wenn es sich um einen Registryeintrag handelt.)
Tcpip\..\Interfaces\{1358B422-D1DF-4C7B-BFA4-F86908FBD866}: [NameServer] 192.168.1.1
Tcpip\..\Interfaces\{37950CD6-7A0C-406B-8FF1-A8F311F162C0}: [DhcpNameServer] 172.20.10.1
Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://samsung.msn.com
HKU\S-1-5-21-902560758-1637908631-278369674-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://avira.search.ask.com/?p2=%5EB0Q%5EYYYYYY%5EYY%5EDE&gct=hp&o=APN11074&apn_ptnrs=%5EB0Q&apn_dtid=%5EYYYYYY%5EYY%5EDE&tpid=AVIRA-V7&apn_dbr=Opera.exe_0_12.16.1860.0&trgb=ALL&apn_uid=CD76E148-A02A-4F06-9D53-302624021548&itbv=12.2.2.663&doi=2013-08-08&psv=
HKU\S-1-5-21-902560758-1637908631-278369674-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://samsung.msn.com
URLSearchHook: HKU\S-1-5-21-902560758-1637908631-278369674-1001 - SearchHook Class - {D8278076-BC68-4484-9233-6E7F1628B56C} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\searchhook.dll (APN LLC.)
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&form=SMSTDF&pc=MASM&src=IE-SearchBox
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-29] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files (x86)\Windows Live\Companion\companioncore.dll [2010-11-10] (Microsoft Corporation)
BHO-x32: W2PBrowser Class -> {AA609D72-8482-4076-8991-8CDAE5B93BCB} -> C:\Program Files\Samsung AnyWeb Print\W2PBrowser.dll [2010-09-17] ()
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-29] (Oracle Corporation)
Toolbar: HKLM - Kein Name - {41564952-412D-5637-00A7-7A786E7484D7} - Keine Datei
Toolbar: HKLM-x32 - Kein Name - {41564952-412D-5637-00A7-7A786E7484D7} - Keine Datei
Toolbar: HKU\S-1-5-21-902560758-1637908631-278369674-1001 -> Kein Name - {41564952-412D-5637-00A7-7A786E7484D7} - Keine Datei
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2013-03-02] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2013-03-02] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2013-03-02] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2013-03-02] (Microsoft Corporation)
FireFox:
========
FF ProfilePath: C:\Users\Angi\AppData\Roaming\Mozilla\Firefox\Profiles\dn8pq2kd.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_197.dll [2016-03-24] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll [2016-03-24] ()
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-02-05] (CANON INC.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-29] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-29] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Extension: Default - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi [2016-03-20] [ist nicht signiert]
FF HKLM-x32\...\Firefox\Extensions: [{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}] - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension
FF Extension: Default Manager - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DMExtension [2010-12-30] [ist nicht signiert]
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2016-01-05]
CHR HKLM-x32\...\Chrome\Extension: [aaaaacalgebmfelllfiaoknifldpngjh] - C:\ProgramData\AskPartnerNetwork\Toolbar\AVIRA-V7\CRX\ToolbarCR.crx [2016-01-05]
Opera:
=======
StartMenuInternet: (HKLM) Opera - D:\Opera\Opera.exe
==================== Dienste (Nicht auf der Ausnahmeliste) ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [955736 2016-03-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [466504 2016-03-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [466504 2016-03-18] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1424880 2016-03-18] (Avira Operations GmbH & Co. KG)
R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [198216 2015-12-17] (APN LLC.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [260456 2016-01-27] (Avira Operations GmbH & Co. KG)
R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-09-08] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
===================== Treiber (Nicht auf der Ausnahmeliste) ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [154816 2016-03-18] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [133168 2016-03-18] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [69888 2016-03-18] (Avira Operations GmbH & Co. KG)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [23040 2014-07-15] (Apple Inc.) [Datei ist nicht signiert]
S3 rtport; C:\Windows\SysWOW64\drivers\rtport.sys [15144 2011-01-25] (Windows (R) 2003 DDK 3790 provider)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2015-06-10] (Apple, Inc.) [Datei ist nicht signiert]
S3 clwvd; system32\DRIVERS\clwvd.sys [X]
==================== NetSvcs (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Ein Monat: Erstellte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-04-05 19:59 - 2016-04-05 20:00 - 00014924 _____ C:\Users\Angi\Downloads\FRST.txt
2016-04-05 19:59 - 2016-04-05 19:59 - 00388608 _____ (Trend Micro Inc.) C:\Users\Angi\Downloads\HijackThis.exe
2016-04-05 19:55 - 2016-04-05 19:59 - 00000000 ____D C:\FRST
2016-04-05 19:54 - 2016-04-05 19:54 - 02374144 _____ (Farbar) C:\Users\Angi\Downloads\FRST64.exe
2016-04-04 20:11 - 2016-04-04 20:11 - 00000000 ____D C:\Users\Angi\Documents\Simply Super Software
2016-04-04 20:09 - 2016-04-04 20:09 - 00000000 ____D C:\ProgramData\Simply Super Software
2016-04-04 20:09 - 2016-04-04 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2016-04-04 20:09 - 2016-04-04 20:09 - 00000000 ____D C:\Program Files (x86)\Trojan Remover
2016-04-04 20:02 - 2016-04-04 20:03 - 01475080 _____ C:\Users\Angi\Downloads\Trojan Remover - CHIP-Installer.exe
2016-03-20 18:36 - 2016-03-21 13:32 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
==================== Ein Monat: Geänderte Dateien und Ordner ========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Datei/der Ordner verschoben.)
2016-04-05 19:56 - 2009-07-14 06:45 - 00013936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-04-05 19:56 - 2009-07-14 06:45 - 00013936 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-04-05 19:39 - 2010-12-31 03:57 - 00699440 _____ C:\Windows\system32\perfh007.dat
2016-04-05 19:39 - 2010-12-31 03:57 - 00149548 _____ C:\Windows\system32\perfc007.dat
2016-04-05 19:39 - 2009-07-14 07:13 - 01619700 _____ C:\Windows\system32\PerfStringBackup.INI
2016-04-05 19:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-04-05 19:34 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-04-05 14:42 - 2012-01-06 19:47 - 00000000 ____D C:\Users\Angi\AppData\Local\CrashDumps
2016-04-04 21:22 - 2012-04-04 20:43 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-04-04 20:11 - 2010-12-30 20:59 - 00000000 ____D C:\ProgramData\Temp
2016-04-03 18:24 - 2013-03-31 15:53 - 00000000 ____D C:\ProgramData\CanonIJPLM
2016-03-24 19:15 - 2012-04-04 20:43 - 00797376 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-03-24 19:15 - 2011-06-18 18:34 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-03-21 13:32 - 2015-06-11 18:26 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-03-18 19:11 - 2013-08-08 09:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2016-03-18 19:09 - 2013-08-08 09:06 - 00154816 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2016-03-18 19:09 - 2013-08-08 09:06 - 00133168 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2016-03-18 19:09 - 2013-08-08 09:06 - 00069888 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
==================== Dateien im Wurzelverzeichnis einiger Verzeichnisse =======
2010-12-30 21:06 - 2010-12-30 21:07 - 0000109 _____ () C:\ProgramData\{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}.log
2010-12-30 21:00 - 2010-12-30 21:00 - 0000113 _____ () C:\ProgramData\{34FBC7C4-CD31-4D93-A428-0E524EAC4586}.log
2010-12-30 21:04 - 2010-12-30 21:04 - 0000105 _____ () C:\ProgramData\{40BF1E83-20EB-11D8-97C5-0009C5020658}.log
2010-12-30 21:00 - 2010-12-30 21:03 - 0000106 _____ () C:\ProgramData\{80E158EA-7181-40FE-A701-301CE6BE64AB}.log
2010-12-30 21:05 - 2010-12-30 21:06 - 0000110 _____ () C:\ProgramData\{CB099890-1D5F-11D5-9EA9-0050BAE317E1}.log
Einige Dateien in TEMP:
====================
C:\Users\Angi\AppData\Local\Temp\AskSLib.dll
C:\Users\Angi\AppData\Local\Temp\avgnt.exe
C:\Users\Angi\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Angi\AppData\Local\Temp\Foxit Updater.exe
C:\Users\Angi\AppData\Local\Temp\FoxitUpdater.exe
C:\Users\Angi\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\Angi\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\Angi\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\Angi\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\Angi\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\Angi\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Angi\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Angi\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Angi\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Angi\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Angi\AppData\Local\Temp\jre-8u31-windows-au.exe
C:\Users\Angi\AppData\Local\Temp\MouseKeyboardCenterx64_1031.exe
C:\Users\Angi\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Angi\AppData\Local\Temp\_is3716.exe
==================== Bamital & volsnap =================
(Es ist kein automatischer Fix für Dateien vorhanden, die an der Verifikation gescheitert sind.)
C:\Windows\system32\winlogon.exe => Datei ist digital signiert
C:\Windows\system32\wininit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\wininit.exe => Datei ist digital signiert
C:\Windows\explorer.exe => Datei ist digital signiert
C:\Windows\SysWOW64\explorer.exe => Datei ist digital signiert
C:\Windows\system32\svchost.exe => Datei ist digital signiert
C:\Windows\SysWOW64\svchost.exe => Datei ist digital signiert
C:\Windows\system32\services.exe => Datei ist digital signiert
C:\Windows\system32\User32.dll => Datei ist digital signiert
C:\Windows\SysWOW64\User32.dll => Datei ist digital signiert
C:\Windows\system32\userinit.exe => Datei ist digital signiert
C:\Windows\SysWOW64\userinit.exe => Datei ist digital signiert
C:\Windows\system32\rpcss.dll => Datei ist digital signiert
C:\Windows\system32\dnsapi.dll => Datei ist digital signiert
C:\Windows\SysWOW64\dnsapi.dll => Datei ist digital signiert
C:\Windows\system32\Drivers\volsnap.sys => Datei ist digital signiert
LastRegBack: 2016-04-03 15:37
==================== Ende von FRST.txt ============================
Addition.txt Code:
ATTFilter Zusätzliches Untersuchungsergebnis von Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
durchgeführt von Angi (2016-04-05 20:01:05)
Gestartet von C:\Users\Angi\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2011-06-18 15:47:30)
Start-Modus: Normal
==========================================================
==================== Konten: =============================
Administrator (S-1-5-21-902560758-1637908631-278369674-500 - Administrator - Disabled)
Angi (S-1-5-21-902560758-1637908631-278369674-1001 - Administrator - Enabled) => C:\Users\Angi
Gast (S-1-5-21-902560758-1637908631-278369674-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-902560758-1637908631-278369674-1002 - Limited - Enabled)
==================== Sicherheits-Center ========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er entfernt.)
AV: Avira Antivirus (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Antivirus (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installierte Programme ======================
(Nur Adware-Programme mit dem Zusatz "Hidden" können in die Fixlist aufgenommen werden, um sie sichtbar zu machen. Die Adware-Programme sollten manuell deinstalliert werden.)
„Messenger“ pagalbinė priemonė (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Essentials“ (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Messenger“ (x32 Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Adobe Flash Player 21 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.197 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Atheros)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.16.282 - Avira Operations GmbH & Co. KG)
Avira Launcher (HKLM-x32\...\{3b87484e-d70b-4b4f-ad59-2ae89571e2cf}) (Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG)
Avira Launcher (x32 Version: 1.1.56.9119 - Avira Operations GmbH & Co. KG) Hidden
Avira SearchFree Toolbar (HKLM-x32\...\{41564952-412D-5637-00A7-A758B70C2600}) (Version: 12.38.0.3278 - APN, LLC)
BatteryLifeExtender (HKLM-x32\...\{EA257ECF-5F72-4461-B890-959394DCD087}) (Version: 1.0.10 - Samsung)
Bing Rewards Client Installer (x32 Version: 16.0.345.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.55 - Broadcom Corporation)
Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version: - )
Canon iP2700 series Benutzerregistrierung (HKLM-x32\...\Canon iP2700 series Benutzerregistrierung) (Version: - )
Canon iP2700 series Printer Driver (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_iP2700_series) (Version: - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Complément Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Complemento Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Doplnok programu Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Easy Content Share (HKLM-x32\...\{2DDC70C1-C77A-4D08-89D2-9AB648504533}) (Version: 1.0 - Samsung Electronics Co., LTD)
Easy Display Manager (HKLM-x32\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.2 - Samsung Electronics Co., Ltd.)
Easy Migration (HKLM-x32\...\{AD86049C-3D9C-43E1-BE73-643F57D83D50}) (Version: 1.0.0.5 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM-x32\...\{FCF2085E-ABE5-4AA8-B07C-65BBD56DA243}) (Version: 4.4.6 - Samsung)
Easy SpeedUp Manager (HKLM-x32\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 2.1.1.1 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM-x32\...\{4A331D24-A9E8-484F-835E-1BA7B139689C}) (Version: 4.0.0.4 - Samsung)
EasyFileShare (HKLM-x32\...\{EA76E65F-6679-495A-A8A6-42AD6602ED4C}) (Version: 1.0.11 - Samsung)
EPSON Stylus S20 Series Printer Uninstall (HKLM\...\EPSON Stylus S20 Series) (Version: - SEIKO EPSON Corporation)
ETDWare PS/2-X64 10.7.14.12_WHQL (HKLM\...\Elantech) (Version: 10.7.14.12 - ELAN Microelectronic Corp.)
Fast Start (HKLM-x32\...\{77F45ECD-FAFC-45A8-8896-CFFB139DAAA3}) (Version: 2.2.0.0 - SAMSUNG)
Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.2.929 - Foxit Software Inc.)
Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2202 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.3.1001 - Intel Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Assistent (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Companion (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger kísérő (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Pratilac (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger Suradnik (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger 사이트 공유 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger 分享元件 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger 浏览器插件 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Messenger-kumppani (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Deutsch) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1031) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Color Enhancer (HKLM-x32\...\{7F6F62F0-7884-4CFB-B86C-597A4A6D9C4D}) (Version: 1.0 - Samsung Electronics Co., Ltd.)
Mozilla Firefox 45.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 45.0.1 (x86 de)) (Version: 45.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.0.1.5918 - Mozilla)
Mozilla Thunderbird 11.0.1 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 11.0.1 (x86 de)) (Version: 11.0.1 - Mozilla)
Mozilla Thunderbird 38.6.0 (x86 de) (HKU\S-1-5-21-902560758-1637908631-278369674-1001\...\Mozilla Thunderbird 38.6.0 (x86 de)) (Version: 38.6.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{4286716B-1287-48E7-9078-3DC8248DBA96}) (Version: 3.3.9567 - OpenOffice.org)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
PhoneShare (HKLM-x32\...\{E31F454E-4813-4C88-B0D3-4BB174993770}) (Version: 1.0.4 - Samsung)
Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pomocnik Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.33.1125.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6257 - Realtek Semiconductor Corp.)
Samsung AnyWeb Print (HKLM-x32\...\{318DBE01-1E6B-4243-84B0-210391FE789A}) (Version: 1.1.21.0 - Samsung Electronics Co., Ltd.)
Samsung AnyWeb Print (x32 Version: 1.0 - Samsung Electronics Co., Ltd.) Hidden
Samsung Recovery Solution 5 (HKLM-x32\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 5.0.0.8 - Samsung)
Samsung Support Center 1.0 (HKLM-x32\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.1.38 - Samsung)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.01.06.00:16 - Samsung Electronics Co., Ltd.)
Samsung Universal Scan Driver (HKLM-x32\...\Samsung Universal Scan Driver) (Version: 1.2.1.0 - Samsung Electronics Co., Ltd.)
Samsung Update Plus (HKLM-x32\...\{142D8CA7-2C6F-45A7-83E3-099AAFD99133}) (Version: 3.0.0.17 - Samsung Electronics Co., Ltd.)
Spremljevalec Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
SRS Premium Sound Control Panel (HKLM\...\{2998191E-A35E-47E2-BE38-7702C731D722}) (Version: 1.10.1000 - SRS Labs, Inc.)
Trojan Remover 6.9.3 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.3 - Simply Super Software)
User Guide (HKLM-x32\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VLC media player 1.1.10 (HKLM-x32\...\VLC media player) (Version: 1.1.10 - VideoLAN)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.7000 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
WinRAR 4.20 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Компаньон Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Помощник на Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden
Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
מסייע Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
==================== Benutzerdefinierte CLSID (Nicht auf der Ausnahmeliste): ==========================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
==================== Geplante Aufgaben (Nicht auf der Ausnahmeliste) =============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
Task: {009F38A9-F62A-474B-AE2B-67EE4080ADDD} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
Task: {1FF1617B-18AA-4264-A5F0-DE329EBCAD12} - System32\Tasks\SUPBackground => C:\Program Files (x86)\Samsung\Samsung Update Plus\SUPBackground.exe [2010-08-27] (Samsung Electronics)
Task: {22BD65CF-D1BE-4A19-B093-AEF00129E9D6} - System32\Tasks\SRS Premium Sound => C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\srspremiumpanel_64.exe [2010-11-29] (SRS Labs, Inc.)
Task: {34DF6C69-4B82-40D8-BD32-FD6935ACF298} - System32\Tasks\WifiManager => C:\Program Files (x86)\Samsung\Easy Display Manager\WifiManager.exe [2010-11-28] (Samsung Electronics Co., Ltd.)
Task: {3C7A0DF2-89AD-4C8B-8AE6-14F44BDC4E28} - System32\Tasks\SmartRestarter => C:\Program Files\Samsung\SamsungFastStart\SmartRestarter.exe [2010-08-05] (Samsung Electronics Co., Ltd.)
Task: {456455C1-7E90-4C3D-8310-A60D57051740} - System32\Tasks\EasyDisplayMgr => C:\Program Files (x86)\Samsung\Easy Display Manager\dmhkcore.exe [2010-11-28] (Samsung Electronics Co., Ltd.)
Task: {4BE2BF8D-AD1B-4EFE-AFFC-81E2D106CA93} - System32\Tasks\EasyBatteryManager => C:\Program Files (x86)\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2010-07-20] (SAMSUNG Electronics co., LTD.)
Task: {50C047CE-7A10-4FF2-A2FA-DBDC10AAFFC8} - System32\Tasks\BatteryLifeExtender => C:\Program Files (x86)\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-12-01] (Samsung Electronics. Co. Ltd.)
Task: {51C61342-95FF-4151-B00A-5305C7D81072} - System32\Tasks\advSRS5 => C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\WCScheduler.exe [2010-11-17] (SEC)
Task: {7103B51B-1FF2-466B-B28A-B16054789775} - System32\Tasks\MovieColorEnhancer => C:\Program Files (x86)\Samsung\Movie Color Enhancer\MovieColorEnhancer.exe [2010-08-19] (Samsung Electronics Co., Ltd.)
Task: {9E9400CA-38BC-4B7C-9FC5-AF6D01EC6A58} - System32\Tasks\EasySpeedUpManager => C:\Program Files (x86)\Samsung\EasySpeedUpManager\EasySpeedUpManager2.exe [2010-12-01] (Samsung Electronics)
Task: {D7D1EDA3-6EE6-4EC9-AADE-171E4CC564FB} - System32\Tasks\SamsungSupportCenter => C:\Program Files (x86)\Samsung\Samsung Support Center\SSCKbdHk.exe [2011-09-04] (SAMSUNG Electronics)
Task: {E749C34F-F048-4996-9518-8B962F369096} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-03-24] (Adobe Systems Incorporated)
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird die Aufgabe verschoben. Die Datei, die durch die Aufgabe gestartet wird, wird nicht verschoben.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Verknüpfungen =============================
(Die Einträge können gelistet werden, um sie zurückzusetzen oder zu entfernen.)
==================== Geladene Module (Nicht auf der Ausnahmeliste) ==============
2011-06-18 17:55 - 2008-06-05 01:53 - 00027648 _____ () C:\Windows\System32\spd__l.dll
2013-03-31 15:53 - 2009-09-08 23:12 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
2011-06-18 17:56 - 2010-04-21 01:44 - 00719872 _____ () C:\Windows\system32\SnMinDrv.dll
2010-12-30 21:11 - 2010-07-05 12:42 - 00203776 _____ () C:\Program Files (x86)\Samsung\Movie Color Enhancer\WinCRT.dll
2010-12-30 21:09 - 2006-08-12 05:48 - 00049152 _____ () C:\Program Files (x86)\Samsung\Easy Display Manager\HookDllPS2.dll
2010-12-30 21:16 - 2010-05-07 16:22 - 01636864 _____ () C:\Program Files (x86)\Samsung\Samsung Recovery Solution 5\Resdll.dll
2016-02-23 17:46 - 2016-02-23 17:46 - 00153032 _____ () D:\Mozilla Thunderbird\NSLDAP32V60.dll
2016-02-23 17:46 - 2016-02-23 17:46 - 00022472 _____ () D:\Mozilla Thunderbird\NSLDAPPR32V60.dll
2016-03-24 19:15 - 2016-03-24 19:15 - 19397824 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_197.dll
==================== Alternate Data Streams (Nicht auf der Ausnahmeliste) =========
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird nur der ADS entfernt.)
==================== Abgesicherter Modus (Nicht auf der Ausnahmeliste) ===================
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Der Wert "AlternateShell" wird wiederhergestellt.)
==================== EXE Verknüpfungen (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird der Registryeintrag auf den Standardwert zurückgesetzt oder entfernt.)
==================== Internet Explorer Vertrauenswürdig/Eingeschränkt ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt.)
==================== Hosts Inhalt: ===============================
(Wenn benötigt kann der Hosts: Schalter in die Fixlist aufgenommen werden um die Hosts Datei zurückzusetzen.)
2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
==================== Andere Bereiche ============================
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
HKU\S-1-5-21-902560758-1637908631-278369674-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Angi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall ist aktiviert.
==================== MSCONFIG/TASK MANAGER Deaktivierte Einträge ==
(Aktuell gibt es keinen automatisierten Fix für diesen Bereich.)
==================== Firewall Regeln (Nicht auf der Ausnahmeliste) ===============
(Wenn ein Eintrag in die Fixlist aufgenommen wird, wird er aus der Registry entfernt. Die Datei wird nicht verschoben solange sie nicht separat aufgelistet wird.)
FirewallRules: [{8451DC06-1DF4-482A-B514-F889554AC1D4}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{24EC35D9-9751-4000-AEC7-5C23C0AA80CC}] => (Allow) LPort=2869
FirewallRules: [{B5F06732-6081-407F-9263-219443388DA1}] => (Allow) LPort=1900
FirewallRules: [{133C4F3F-4401-447B-8322-E6E6AF4ED3A5}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{53A33308-7A3D-4CF3-A74B-DA1F4F16144C}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{4689E255-6411-4469-9045-52AEB461E9ED}] => (Allow) C:\Windows\System32\SUPDSvc.exe
FirewallRules: [{B9AFA180-EB9D-452E-AC65-4D4677C611D4}] => (Allow) C:\Windows\System32\SUPDSvc.exe
FirewallRules: [{3C796307-2E4E-44F3-941E-812CACA8AC5C}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe
FirewallRules: [{3859D537-0512-41D0-A930-A20CA2E65FBA}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\USDAgent.exe
FirewallRules: [{AD8EAA2E-B5AF-44E3-9A24-938617381D71}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{3ED2C13A-3186-47B8-AD75-DF0C0AFD6FEE}] => (Allow) C:\Program Files (x86)\Samsung\Samsung Universal Scan Driver\ICCUpdater.exe
FirewallRules: [{56206E3E-1CCD-42A1-9C6B-5BAE4F84675D}] => (Allow) D:\Opera\opera.exe
FirewallRules: [{BA544923-09F0-465E-9DCC-CAF6BE8B565D}] => (Allow) D:\Opera\opera.exe
FirewallRules: [{B6CAE2DC-AB44-41B0-943B-770CEE740359}] => (Allow) D:\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{A3C9B779-A8DC-4D16-8121-AB4D92AB00E6}] => (Allow) D:\Opera\pluginwrapper\opera_plugin_wrapper.exe
FirewallRules: [{5D567E6F-5CDC-4C5C-BFBA-D53E3E79E852}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{AC929D86-8775-45B5-AA74-040857DBBDBB}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{62AE9393-0633-4DD4-8FFA-C59B340FC6BE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{325802A0-8073-4618-8A72-DEB07E0988EE}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{8E0FADAF-EDD2-4F77-8568-F9893B03F77E}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{BC8C51D3-3C34-45D1-8F50-13A6BC5C8DBE}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DCDEBD1C-4565-435B-9533-95036F33101F}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{8E199DB6-B283-47BE-A245-52BC02463B1D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A7F0C07F-A627-4F53-A414-B096EA909CA3}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{1160EB55-B3B5-408A-A558-28EEC3EC368E}C:\program files (x86)\askpartnernetwork\toolbar\updater\tbnotifier.exe] => (Block) C:\program files (x86)\askpartnernetwork\toolbar\updater\tbnotifier.exe
FirewallRules: [UDP Query User{5E73C4CC-4B75-4032-9849-EBA47D0FA805}C:\program files (x86)\askpartnernetwork\toolbar\updater\tbnotifier.exe] => (Block) C:\program files (x86)\askpartnernetwork\toolbar\updater\tbnotifier.exe
FirewallRules: [TCP Query User{04B22D45-5BBE-4A39-84A3-EBFC9DB46300}C:\program files (x86)\askpartnernetwork\toolbar\updater\tbnotifier.exe] => (Block) C:\program files (x86)\askpartnernetwork\toolbar\updater\tbnotifier.exe
FirewallRules: [UDP Query User{0C0F92F7-2546-4926-8938-5557508A8427}C:\program files (x86)\askpartnernetwork\toolbar\updater\tbnotifier.exe] => (Block) C:\program files (x86)\askpartnernetwork\toolbar\updater\tbnotifier.exe
==================== Wiederherstellungspunkte =========================
23-03-2016 10:27:08 Windows Update
28-03-2016 18:39:02 Windows Update
03-04-2016 15:36:16 Windows Update
==================== Fehlerhafte Geräte im Gerätemanager =============
==================== Fehlereinträge in der Ereignisanzeige: =========================
Applikationsfehler:
==================
Error: (04/05/2016 02:42:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FoxitReader.exe, Version: 7.2.2.929, Zeitstempel: 0x560a7f54
Name des fehlerhaften Moduls: FoxitReader.exe, Version: 7.2.2.929, Zeitstempel: 0x560a7f54
Ausnahmecode: 0xc0000005
Fehleroffset: 0x002dc4fd
ID des fehlerhaften Prozesses: 0x139c
Startzeit der fehlerhaften Anwendung: 0xFoxitReader.exe0
Pfad der fehlerhaften Anwendung: FoxitReader.exe1
Pfad des fehlerhaften Moduls: FoxitReader.exe2
Berichtskennung: FoxitReader.exe3
Error: (04/04/2016 05:08:19 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FoxitReader.exe, Version: 7.2.2.929, Zeitstempel: 0x560a7f54
Name des fehlerhaften Moduls: FoxitReader.exe, Version: 7.2.2.929, Zeitstempel: 0x560a7f54
Ausnahmecode: 0xc0000005
Fehleroffset: 0x002dc4fd
ID des fehlerhaften Prozesses: 0x1594
Startzeit der fehlerhaften Anwendung: 0xFoxitReader.exe0
Pfad der fehlerhaften Anwendung: FoxitReader.exe1
Pfad des fehlerhaften Moduls: FoxitReader.exe2
Berichtskennung: FoxitReader.exe3
Error: (04/03/2016 07:00:05 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "F:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (03/28/2016 05:17:17 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "F:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (03/24/2016 07:23:12 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: FoxitReader.exe, Version: 7.2.2.929, Zeitstempel: 0x560a7f54
Name des fehlerhaften Moduls: FoxitReader.exe, Version: 7.2.2.929, Zeitstempel: 0x560a7f54
Ausnahmecode: 0xc0000005
Fehleroffset: 0x002dc4fd
ID des fehlerhaften Prozesses: 0x7d8
Startzeit der fehlerhaften Anwendung: 0xFoxitReader.exe0
Pfad der fehlerhaften Anwendung: FoxitReader.exe1
Pfad des fehlerhaften Moduls: FoxitReader.exe2
Berichtskennung: FoxitReader.exe3
Error: (03/20/2016 08:00:02 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Die Sicherung wurde aufgrund eines Fehlers beim Schreiben am Sicherungsspeicherort "F:\" nicht abgeschlossen. Fehler: "Der Sicherungsort wurde nicht gefunden oder ist ungültig. Überprüfen Sie die Sicherungseinstellungen und den Sicherungsort. (0x81000006)"
Error: (03/18/2016 08:03:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11077
Error: (03/18/2016 08:03:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11077
Error: (03/18/2016 08:03:43 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (03/18/2016 08:03:42 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10047
Systemfehler:
=============
Error: (03/07/2016 07:01:48 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}
Error: (02/23/2016 05:24:57 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.
Error: (11/15/2015 08:12:27 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {53362C64-A296-4F2D-A2F8-FD984D08340B}
Error: (11/15/2015 06:13:31 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {53362C64-A296-4F2D-A2F8-FD984D08340B}
Error: (11/01/2015 02:42:59 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Das System wurde zuvor am 01.11.2015 um 09:45:53 unerwartet heruntergefahren.
Error: (10/23/2015 05:07:03 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.
Error: (10/21/2015 01:29:18 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}
Error: (10/17/2015 04:12:12 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {51FA2736-5DEE-11D4-98E8-006008BF430C}
Error: (10/16/2015 06:33:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Avira Service Host erreicht.
Error: (09/19/2015 08:52:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Windows Live ID Sign-in Assistant" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053
==================== Speicherinformationen ===========================
Prozessor: Intel(R) Core(TM) i3 CPU M 380 @ 2.53GHz
Prozentuale Nutzung des RAM: 47%
Installierter physikalischer RAM: 3892.56 MB
Verfügbarer physikalischer RAM: 2033.65 MB
Summe virtueller Speicher: 7783.31 MB
Verfügbarer virtueller Speicher: 5479.68 MB
==================== Laufwerke ================================
Drive c: (Windows) (Fixed) (Total:111 GB) (Free:63.65 GB) NTFS
Drive d: (Daten) (Fixed) (Total:165.76 GB) (Free:95.86 GB) NTFS
==================== MBR & Partitionstabelle ==================
========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 9E731359)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=165.8 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=21.2 GB) - (Type=27)
==================== Ende von Addition.txt ============================
|
|
10.04.2016, 05:25
| #2 |
| /// TB-Ausbilder /// Anleitungs-Guru  | Verdächtigen Anhang geöffnet (angebl. von ebay) Mein Name ist Jürgen und ich werde Dir bei Deinem Problem behilflich sein. Zusammen schaffen wir das... 
 Hinweis:Ich kann Dir niemals eine Garantie geben, dass wir alle schädlichen Dateien finden werden. Eine Formatierung ist meist der schnellere und immer der sicherste Weg, aber auch nur bei wirklicher Malware empfehlenswert. Adware & Co. können wir sehr gut entfernen. Solltest Du Dich für eine Bereinigung entscheiden, arbeite solange mit, bis Du mein clean  bekommst.Los geht's: Schritt 1 Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
|
11.04.2016, 17:34
| #3 |
| | Verdächtigen Anhang geöffnet (angebl. von ebay) Hallo Jürgen,
__________________erst einmal danke für deine Hilfe  Hier ist die Log-Datei vom TDSS-Killer: Code:
ATTFilter 18:30:11.0210 0x1204 TDSS rootkit removing tool 3.1.0.9 Dec 11 2015 22:49:12
18:30:20.0161 0x1204 ============================================================
18:30:20.0161 0x1204 Current date / time: 2016/04/11 18:30:20.0161
18:30:20.0161 0x1204 SystemInfo:
18:30:20.0161 0x1204
18:30:20.0161 0x1204 OS Version: 6.1.7601 ServicePack: 1.0
18:30:20.0161 0x1204 Product type: Workstation
18:30:20.0161 0x1204 ComputerName: RV511
18:30:20.0161 0x1204 UserName: Angi
18:30:20.0161 0x1204 Windows directory: C:\Windows
18:30:20.0161 0x1204 System windows directory: C:\Windows
18:30:20.0162 0x1204 Running under WOW64
18:30:20.0162 0x1204 Processor architecture: Intel x64
18:30:20.0162 0x1204 Number of processors: 4
18:30:20.0162 0x1204 Page size: 0x1000
18:30:20.0162 0x1204 Boot type: Normal boot
18:30:20.0162 0x1204 ============================================================
18:30:20.0555 0x1204 KLMD registered as C:\Windows\system32\drivers\26654892.sys
18:30:20.0971 0x1204 System UUID: {E13852A2-0DBF-B17D-64B2-983CA2AC3747}
18:30:21.0564 0x1204 Drive \Device\Harddisk0\DR0 - Size: 0x4A85D56000 ( 298.09 Gb ), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:30:21.0570 0x1204 ============================================================
18:30:21.0570 0x1204 \Device\Harddisk0\DR0:
18:30:21.0570 0x1204 MBR partitions:
18:30:21.0570 0x1204 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
18:30:21.0570 0x1204 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDE00000
18:30:21.0613 0x1204 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xDE33000, BlocksNum 0x14B84000
18:30:21.0613 0x1204 ============================================================
18:30:21.0658 0x1204 C: <-> \Device\Harddisk0\DR0\Partition2
18:30:21.0761 0x1204 D: <-> \Device\Harddisk0\DR0\Partition3
18:30:21.0779 0x1204 ============================================================
18:30:21.0779 0x1204 Initialize success
18:30:21.0779 0x1204 ============================================================
18:31:07.0778 0x144c ============================================================
18:31:07.0778 0x144c Scan started
18:31:07.0778 0x144c Mode: Manual;
18:31:07.0778 0x144c ============================================================
18:31:07.0778 0x144c KSN ping started
18:31:10.0484 0x144c KSN ping finished: true
18:31:15.0462 0x144c ================ Scan system memory ========================
18:31:15.0462 0x144c System memory - ok
18:31:15.0463 0x144c ================ Scan services =============================
18:31:15.0628 0x144c [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
18:31:15.0633 0x144c 1394ohci - ok
18:31:15.0698 0x144c [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
18:31:15.0704 0x144c ACPI - ok
18:31:15.0744 0x144c [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
18:31:15.0745 0x144c AcpiPmi - ok
18:31:15.0923 0x144c [ 28FFB14117CCEDD7D2F124596AA9B785, 8FC482C6444C904B5536979B3354597FD714634EC7372B464118C42AA9DCB58A ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:31:15.0929 0x144c AdobeFlashPlayerUpdateSvc - ok
18:31:15.0988 0x144c [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
18:31:16.0000 0x144c adp94xx - ok
18:31:16.0022 0x144c [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
18:31:16.0030 0x144c adpahci - ok
18:31:16.0078 0x144c [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
18:31:16.0083 0x144c adpu320 - ok
18:31:16.0123 0x144c [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
18:31:16.0125 0x144c AeLookupSvc - ok
18:31:16.0183 0x144c [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD C:\Windows\system32\drivers\afd.sys
18:31:16.0193 0x144c AFD - ok
18:31:16.0247 0x144c [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
18:31:16.0249 0x144c agp440 - ok
18:31:16.0283 0x144c [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
18:31:16.0286 0x144c ALG - ok
18:31:16.0334 0x144c [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
18:31:16.0335 0x144c aliide - ok
18:31:16.0372 0x144c [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
18:31:16.0373 0x144c amdide - ok
18:31:16.0397 0x144c [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
18:31:16.0399 0x144c AmdK8 - ok
18:31:16.0417 0x144c [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
18:31:16.0419 0x144c AmdPPM - ok
18:31:16.0444 0x144c [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
18:31:16.0446 0x144c amdsata - ok
18:31:16.0465 0x144c [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
18:31:16.0469 0x144c amdsbs - ok
18:31:16.0496 0x144c [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
18:31:16.0497 0x144c amdxata - ok
18:31:16.0657 0x144c [ 37CD9EB03B36D8329F96BA921470DB54, 0CD3BFBA51F84D83E3B208D2BED7CE8E91B447B2037014663EC7CB8E5A925201 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
18:31:16.0675 0x144c AntiVirMailService - ok
18:31:16.0797 0x144c [ 98C06275DB53A1E70AB8CB94013B20D4, 5DE48C829A66B0F4C8119E75D985D63C1020FA318696BD19E44E0A07CD6F1ED0 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
18:31:16.0806 0x144c AntiVirSchedulerService - ok
18:31:16.0901 0x144c [ 98C06275DB53A1E70AB8CB94013B20D4, 5DE48C829A66B0F4C8119E75D985D63C1020FA318696BD19E44E0A07CD6F1ED0 ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
18:31:16.0910 0x144c AntiVirService - ok
18:31:17.0032 0x144c [ 1F5CC3C23E10290A3FF9CAA74AA30D07, A4F1F3465A5E0A914EE5A4FEF4A6B639956BA04B7145EF68820BC2A15DEE4162 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
18:31:17.0059 0x144c AntiVirWebService - ok
18:31:17.0195 0x144c [ 0B639391B2710A610100490D0CAC3650, D0D4B89F26DAAF11DD7D11736708FBE1536FD9770A17FABC0C098D7B213BAAA7 ] APNMCP C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
18:31:17.0200 0x144c APNMCP - ok
18:31:17.0256 0x144c [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys
18:31:17.0258 0x144c AppID - ok
18:31:17.0291 0x144c [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll
18:31:17.0293 0x144c AppIDSvc - ok
18:31:17.0383 0x144c [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo C:\Windows\System32\appinfo.dll
18:31:17.0385 0x144c Appinfo - ok
18:31:17.0432 0x144c [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
18:31:17.0435 0x144c arc - ok
18:31:17.0442 0x144c [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
18:31:17.0445 0x144c arcsas - ok
18:31:17.0667 0x144c [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
18:31:17.0691 0x144c aspnet_state - ok
18:31:17.0728 0x144c [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
18:31:17.0729 0x144c AsyncMac - ok
18:31:17.0768 0x144c [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
18:31:17.0769 0x144c atapi - ok
18:31:17.0851 0x144c [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
18:31:17.0864 0x144c AudioEndpointBuilder - ok
18:31:17.0884 0x144c [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll
18:31:17.0897 0x144c AudioSrv - ok
18:31:17.0986 0x144c [ 742D578C28F6F58B8B576F91A1D8EB4E, 6C49EC198E67CE40728F0C19CB2BDCB59310BA59324F58E4D456DA2C8CC28BA6 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
18:31:17.0989 0x144c avgntflt - ok
18:31:18.0062 0x144c [ FBC2483AD62FBC8BD76A4254C50874BA, 04398AB0221535DD5D0A1AF6CA107F815CD607E668E2E7887D061FCED7373728 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
18:31:18.0065 0x144c avipbb - ok
18:31:18.0184 0x144c [ 98BB62ABFD17F284C3C5DE40F8266F3C, CD08C737BE9FC32FF98252FCFFCAE779EC6FAB76BF80F0835ACE71F1E155D70D ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
18:31:18.0191 0x144c Avira.ServiceHost - ok
18:31:18.0252 0x144c [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
18:31:18.0253 0x144c avkmgr - ok
18:31:18.0308 0x144c [ 7FDC860B34BDFFDFCE98622F81F24FA9, 3EF774A7F2EB741633611400161B6D4F642F9357BF6E957E14E70D1645BE6466 ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
18:31:18.0310 0x144c avnetflt - ok
18:31:18.0363 0x144c [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
18:31:18.0366 0x144c AxInstSV - ok
18:31:18.0427 0x144c [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
18:31:18.0437 0x144c b06bdrv - ok
18:31:18.0494 0x144c [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
18:31:18.0500 0x144c b57nd60a - ok
18:31:18.0664 0x144c [ 63DD9C990883709053DD2C427DF0DB6F, 027E45F0A068D7C0A4F22A3BA1097F41369A52F88D233E1F3569E2C301B93180 ] BCM43XX C:\Windows\system32\DRIVERS\bcmwl664.sys
18:31:18.0779 0x144c BCM43XX - ok
18:31:18.0838 0x144c [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
18:31:18.0841 0x144c BDESVC - ok
18:31:18.0892 0x144c [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
18:31:18.0893 0x144c Beep - ok
18:31:18.0962 0x144c [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
18:31:18.0978 0x144c BFE - ok
18:31:19.0044 0x144c [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
18:31:19.0071 0x144c BITS - ok
18:31:19.0101 0x144c [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
18:31:19.0102 0x144c blbdrive - ok
18:31:19.0174 0x144c [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
18:31:19.0184 0x144c Bonjour Service - ok
18:31:19.0235 0x144c [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
18:31:19.0237 0x144c bowser - ok
18:31:19.0278 0x144c [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
18:31:19.0279 0x144c BrFiltLo - ok
18:31:19.0315 0x144c [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
18:31:19.0316 0x144c BrFiltUp - ok
18:31:19.0382 0x144c [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
18:31:19.0385 0x144c Browser - ok
18:31:19.0428 0x144c [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
18:31:19.0434 0x144c Brserid - ok
18:31:19.0459 0x144c [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
18:31:19.0460 0x144c BrSerWdm - ok
18:31:19.0477 0x144c [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
18:31:19.0478 0x144c BrUsbMdm - ok
18:31:19.0482 0x144c [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
18:31:19.0485 0x144c BrUsbSer - ok
18:31:19.0554 0x144c [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
18:31:19.0555 0x144c BthEnum - ok
18:31:19.0560 0x144c [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
18:31:19.0562 0x144c BTHMODEM - ok
18:31:19.0589 0x144c [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
18:31:19.0592 0x144c BthPan - ok
18:31:19.0660 0x144c [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
18:31:19.0672 0x144c BTHPORT - ok
18:31:19.0704 0x144c [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
18:31:19.0706 0x144c bthserv - ok
18:31:19.0747 0x144c [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
18:31:19.0749 0x144c BTHUSB - ok
18:31:19.0832 0x144c [ 72CC5DCC4E67E7927F94801166CFDCDA, 2D86D3B1F0C96CA41283AE30D0856BA5B3D6155609F5EEA930E73C611DE254DC ] BTWAMPFL C:\Windows\system32\DRIVERS\btwampfl.sys
18:31:19.0840 0x144c BTWAMPFL - ok
18:31:19.0879 0x144c [ F6135859A582A7294BA7A3336E08BAA1, DE30457F91C25950C2713CE3A2AE1F1EFFBB068DD3B0BCC87700E7CBAF73C818 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
18:31:19.0882 0x144c btwaudio - ok
18:31:19.0910 0x144c [ 3DEF2370E414B4E299673558BA171A51, 5A0923D9F941ABD34EC9BEE0EB62A62F135CBF128061239CC6EA0E6752791636 ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
18:31:19.0913 0x144c btwavdt - ok
18:31:19.0987 0x144c [ F0AF04A96CA48B869284B5DC4CDB8CBB, 0C2CB95061FB4673307D7700842BB0A92F7587FA054D8CDD8373053BC211B2D3 ] btwdins C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
18:31:20.0007 0x144c btwdins - ok
18:31:20.0028 0x144c [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap C:\Windows\system32\DRIVERS\btwl2cap.sys
18:31:20.0029 0x144c btwl2cap - ok
18:31:20.0040 0x144c [ 9937E0E4DFC0030560A6DFE9D3A94B39, 0B9CF1932D4534BD7B1F5D7B7BD5FBF9C8D156838D24ABBDE475E79EEF1150F1 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
18:31:20.0040 0x144c btwrchid - ok
18:31:20.0081 0x144c [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
18:31:20.0083 0x144c cdfs - ok
18:31:20.0136 0x144c [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\drivers\cdrom.sys
18:31:20.0140 0x144c cdrom - ok
18:31:20.0198 0x144c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
18:31:20.0201 0x144c CertPropSvc - ok
18:31:20.0223 0x144c [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
18:31:20.0224 0x144c circlass - ok
18:31:20.0262 0x144c [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
18:31:20.0271 0x144c CLFS - ok
18:31:20.0333 0x144c [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
18:31:20.0335 0x144c clr_optimization_v2.0.50727_32 - ok
18:31:20.0358 0x0fe4 Object required for P2P: [ 37CD9EB03B36D8329F96BA921470DB54 ] AntiVirMailService
18:31:20.0377 0x144c [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
18:31:20.0380 0x144c clr_optimization_v2.0.50727_64 - ok
18:31:20.0475 0x144c [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
18:31:20.0529 0x144c clr_optimization_v4.0.30319_32 - ok
18:31:20.0568 0x144c [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
18:31:20.0583 0x144c clr_optimization_v4.0.30319_64 - ok
18:31:20.0596 0x144c clwvd - ok
18:31:20.0639 0x144c [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
18:31:20.0640 0x144c CmBatt - ok
18:31:20.0664 0x144c [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
18:31:20.0666 0x144c cmdide - ok
18:31:20.0707 0x144c [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG C:\Windows\system32\Drivers\cng.sys
18:31:20.0715 0x144c CNG - ok
18:31:20.0761 0x144c [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
18:31:20.0762 0x144c Compbatt - ok
18:31:20.0789 0x144c [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
18:31:20.0790 0x144c CompositeBus - ok
18:31:20.0804 0x144c COMSysApp - ok
18:31:20.0832 0x144c [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
18:31:20.0833 0x144c crcdisk - ok
18:31:20.0890 0x144c [ 9C01375BE382E834CC26D1B7EAF2C4FE, B1D1E36B91A3C3CD09428EE3403896F71390A2798323BB406B484D9DB064A219 ] CryptSvc C:\Windows\system32\cryptsvc.dll
18:31:20.0894 0x144c CryptSvc - ok
18:31:20.0942 0x144c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
18:31:20.0954 0x144c DcomLaunch - ok
18:31:21.0027 0x144c [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
18:31:21.0034 0x144c defragsvc - ok
18:31:21.0090 0x144c [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
18:31:21.0092 0x144c DfsC - ok
18:31:21.0150 0x144c [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
18:31:21.0157 0x144c Dhcp - ok
18:31:21.0177 0x144c [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
18:31:21.0178 0x144c discache - ok
18:31:21.0208 0x144c [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
18:31:21.0210 0x144c Disk - ok
18:31:21.0248 0x144c [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
18:31:21.0252 0x144c Dnscache - ok
18:31:21.0307 0x144c [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
18:31:21.0312 0x144c dot3svc - ok
18:31:21.0351 0x144c [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
18:31:21.0355 0x144c DPS - ok
18:31:21.0389 0x144c [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
18:31:21.0390 0x144c drmkaud - ok
18:31:21.0455 0x144c [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
18:31:21.0477 0x144c DXGKrnl - ok
18:31:21.0511 0x144c [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
18:31:21.0514 0x144c EapHost - ok
18:31:21.0665 0x144c [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
18:31:21.0738 0x144c ebdrv - ok
18:31:21.0780 0x144c [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS C:\Windows\System32\lsass.exe
18:31:21.0782 0x144c EFS - ok
18:31:21.0858 0x144c [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
18:31:21.0874 0x144c ehRecvr - ok
18:31:21.0905 0x144c [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
18:31:21.0907 0x144c ehSched - ok
18:31:21.0971 0x144c [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
18:31:21.0984 0x144c elxstor - ok
18:31:22.0062 0x144c [ B5581646636759D0DAFA8B008881C079, 0CADE029ABDCDE3A89C0786F1698C93D9A7CC981EFB3761CF243E19E178FF611 ] EPSON_EB_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40STB.EXE
18:31:22.0065 0x144c EPSON_EB_RPCV4_01 - ok
18:31:22.0090 0x144c [ 1E345F2A2D95DA3190596E691CDE9342, 9D1D48F3B749ADA598D155E11E63CD52A4EEABF9BE92A1D997D25D07CF350084 ] EPSON_PM_RPCV4_01 C:\ProgramData\EPSON\EPW!3 SSRP\E_S40RPB.EXE
18:31:22.0092 0x144c EPSON_PM_RPCV4_01 - ok
18:31:22.0124 0x144c [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
18:31:22.0125 0x144c ErrDev - ok
18:31:22.0188 0x144c [ 0C8324462B9791A1ECE2A329A7378A55, 715A81FE6DEC6D2DBE132DD5098808B931DF2480BD1F14275924D01BAE337307 ] ETD C:\Windows\system32\DRIVERS\ETD.sys
18:31:22.0194 0x144c ETD - ok
18:31:22.0230 0x0e14 Object required for P2P: [ 98BB62ABFD17F284C3C5DE40F8266F3C ] Avira.ServiceHost
18:31:22.0242 0x144c [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
18:31:22.0251 0x144c EventSystem - ok
18:31:22.0273 0x144c [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
18:31:22.0278 0x144c exfat - ok
18:31:22.0300 0x144c [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
18:31:22.0305 0x144c fastfat - ok
18:31:22.0370 0x144c [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
18:31:22.0386 0x144c Fax - ok
18:31:22.0412 0x144c [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
18:31:22.0413 0x144c fdc - ok
18:31:22.0432 0x144c [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
18:31:22.0433 0x144c fdPHost - ok
18:31:22.0459 0x144c [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
18:31:22.0460 0x144c FDResPub - ok
18:31:22.0475 0x144c [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
18:31:22.0477 0x144c FileInfo - ok
18:31:22.0495 0x144c [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
18:31:22.0496 0x144c Filetrace - ok
18:31:22.0515 0x144c [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
18:31:22.0516 0x144c flpydisk - ok
18:31:22.0563 0x144c [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
18:31:22.0569 0x144c FltMgr - ok
18:31:22.0629 0x144c [ 5C4CB4086FB83115B153E47ADD961A0C, 0C3AB7D04BEB3A8FDE00B0C86E6FE064B1CEBB3E4DE1A29CD27830806FA300B3 ] FontCache C:\Windows\system32\FntCache.dll
18:31:22.0654 0x144c FontCache - ok
18:31:22.0695 0x144c [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:31:22.0696 0x144c FontCache3.0.0.0 - ok
18:31:22.0717 0x144c [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
18:31:22.0719 0x144c FsDepends - ok
18:31:22.0747 0x144c [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:31:22.0748 0x144c Fs_Rec - ok
18:31:22.0817 0x144c [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:31:22.0821 0x144c fvevol - ok
18:31:22.0869 0x144c [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:31:22.0871 0x144c gagp30kx - ok
18:31:22.0927 0x144c [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
18:31:22.0944 0x144c gpsvc - ok
18:31:22.0961 0x144c [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:31:22.0962 0x144c hcw85cir - ok
18:31:23.0006 0x144c [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:31:23.0012 0x144c HdAudAddService - ok
18:31:23.0043 0x144c [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
18:31:23.0046 0x144c HDAudBus - ok
18:31:23.0082 0x144c [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
18:31:23.0084 0x144c HECIx64 - ok
18:31:23.0096 0x144c [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:31:23.0097 0x144c HidBatt - ok
18:31:23.0126 0x144c [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:31:23.0129 0x144c HidBth - ok
18:31:23.0142 0x0fe4 Object send P2P result: true
18:31:23.0143 0x144c [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:31:23.0143 0x0fe4 Object required for P2P: [ 0B639391B2710A610100490D0CAC3650 ] APNMCP
18:31:23.0144 0x144c HidIr - ok
18:31:23.0173 0x144c [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
18:31:23.0175 0x144c hidserv - ok
18:31:23.0221 0x144c [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:31:23.0222 0x144c HidUsb - ok
18:31:23.0253 0x144c [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
18:31:23.0256 0x144c hkmsvc - ok
18:31:23.0297 0x144c [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:31:23.0302 0x144c HomeGroupListener - ok
18:31:23.0349 0x144c [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:31:23.0354 0x144c HomeGroupProvider - ok
18:31:23.0397 0x144c [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
18:31:23.0398 0x144c HpSAMD - ok
18:31:23.0462 0x144c [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:31:23.0476 0x144c HTTP - ok
18:31:23.0489 0x144c [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:31:23.0490 0x144c hwpolicy - ok
18:31:23.0544 0x144c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:31:23.0547 0x144c i8042prt - ok
18:31:23.0596 0x144c [ A5F72BB0D024E7E463344105BE613AE4, 22B1DED17118C85ACC1F57996FA13428FFE8C96051FAF5212A7E37430F4C62E8 ] iaStor C:\Windows\system32\DRIVERS\iaStor.sys
18:31:23.0606 0x144c iaStor - ok
18:31:23.0656 0x144c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
18:31:23.0665 0x144c iaStorV - ok
18:31:23.0740 0x144c [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:31:23.0760 0x144c idsvc - ok
18:31:24.0099 0x144c [ 677AA5991026A65ADA128C4B59CF2BAD, 013F9D7362960EEE1DB70EE8B90A896EACA0B752924717FD019A6DD3BFF50C00 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
18:31:24.0436 0x144c igfx - ok
18:31:24.0497 0x144c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:31:24.0499 0x144c iirsp - ok
18:31:24.0560 0x144c [ C5B04409186A27409BD069580208A6D3, CAD4B07EB498BBDF730A8362BFDF02CF3A40B28001097CB8DBB5BE20D79581BA ] IJPLMSVC C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
18:31:24.0562 0x144c IJPLMSVC - ok
18:31:24.0620 0x144c [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\Windows\System32\ikeext.dll
18:31:24.0640 0x144c IKEEXT - ok
18:31:24.0686 0x144c [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\Windows\system32\DRIVERS\Impcd.sys
18:31:24.0690 0x144c Impcd - ok
18:31:24.0829 0x144c [ A0C2C3D4C03C4FB896CFC53873784178, 7C2178B72D7B7B8FD9045A40656A4492ACF4527AAA0B7D9CB7881487AAD67D95 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
18:31:24.0908 0x144c IntcAzAudAddService - ok
18:31:24.0965 0x144c [ C6C1F19205DA83C801BE7C25F4E2EE07, AE28686272D0F3789751C8F73BE998026BA80D93539C81DDE148E34A34A9AD0C ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
18:31:24.0972 0x144c IntcDAud - ok
18:31:25.0005 0x0e14 Object send P2P result: true
18:31:25.0018 0x144c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
18:31:25.0019 0x144c intelide - ok
18:31:25.0062 0x144c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:31:25.0064 0x144c intelppm - ok
18:31:25.0093 0x144c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:31:25.0097 0x144c IPBusEnum - ok
18:31:25.0135 0x144c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:31:25.0137 0x144c IpFilterDriver - ok
18:31:25.0195 0x144c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:31:25.0210 0x144c iphlpsvc - ok
18:31:25.0244 0x144c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
18:31:25.0246 0x144c IPMIDRV - ok
18:31:25.0264 0x144c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:31:25.0266 0x144c IPNAT - ok
18:31:25.0304 0x144c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:31:25.0306 0x144c IRENUM - ok
18:31:25.0334 0x144c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
18:31:25.0335 0x144c isapnp - ok
18:31:25.0359 0x144c [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
18:31:25.0364 0x144c iScsiPrt - ok
18:31:25.0407 0x144c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
18:31:25.0409 0x144c kbdclass - ok
18:31:25.0443 0x144c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
18:31:25.0444 0x144c kbdhid - ok
18:31:25.0463 0x144c [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\Windows\system32\lsass.exe
18:31:25.0465 0x144c KeyIso - ok
18:31:25.0500 0x144c [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:31:25.0502 0x144c KSecDD - ok
18:31:25.0541 0x144c [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:31:25.0545 0x144c KSecPkg - ok
18:31:25.0578 0x144c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:31:25.0579 0x144c ksthunk - ok
18:31:25.0620 0x144c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
18:31:25.0629 0x144c KtmRm - ok
18:31:25.0693 0x144c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
18:31:25.0699 0x144c LanmanServer - ok
18:31:25.0739 0x144c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:31:25.0742 0x144c LanmanWorkstation - ok
18:31:25.0769 0x144c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:31:25.0771 0x144c lltdio - ok
18:31:25.0802 0x144c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:31:25.0810 0x144c lltdsvc - ok
18:31:25.0822 0x144c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:31:25.0823 0x144c lmhosts - ok
18:31:25.0893 0x0fe4 Object send P2P result: true
18:31:25.0932 0x144c [ 23D990150D56B670A62B21B9ABDD45EE, BB9DBC0D02474976420321162C3AB1FDF975FA0494B1030488B03BC98A65F888 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
18:31:25.0939 0x144c LMS - ok
18:31:25.0973 0x144c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:31:25.0976 0x144c LSI_FC - ok
18:31:25.0995 0x144c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:31:25.0998 0x144c LSI_SAS - ok
18:31:26.0007 0x144c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:31:26.0009 0x144c LSI_SAS2 - ok
18:31:26.0024 0x144c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:31:26.0027 0x144c LSI_SCSI - ok
18:31:26.0051 0x144c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
18:31:26.0054 0x144c luafv - ok
18:31:26.0110 0x144c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:31:26.0113 0x144c Mcx2Svc - ok
18:31:26.0130 0x144c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:31:26.0131 0x144c megasas - ok
18:31:26.0158 0x144c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:31:26.0165 0x144c MegaSR - ok
18:31:26.0202 0x144c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
18:31:26.0204 0x144c MMCSS - ok
18:31:26.0217 0x144c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
18:31:26.0218 0x144c Modem - ok
18:31:26.0258 0x144c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:31:26.0259 0x144c monitor - ok
18:31:26.0304 0x144c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:31:26.0306 0x144c mouclass - ok
18:31:26.0334 0x144c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:31:26.0335 0x144c mouhid - ok
18:31:26.0378 0x144c [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:31:26.0380 0x144c mountmgr - ok
18:31:26.0429 0x144c [ A43F5F2D3D71A902502D61E71A18C265, 9685DABFF80EFFFD28B9B12696BF4821F30989C8441EA0AA3FF0F03ED799AD9D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
18:31:26.0432 0x144c MozillaMaintenance - ok
18:31:26.0458 0x144c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
18:31:26.0461 0x144c mpio - ok
18:31:26.0472 0x144c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:31:26.0474 0x144c mpsdrv - ok
18:31:26.0538 0x144c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
18:31:26.0557 0x144c MpsSvc - ok
18:31:26.0594 0x144c [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:31:26.0597 0x144c MRxDAV - ok
18:31:26.0637 0x144c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:31:26.0641 0x144c mrxsmb - ok
18:31:26.0673 0x144c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:31:26.0681 0x144c mrxsmb10 - ok
18:31:26.0697 0x144c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:31:26.0700 0x144c mrxsmb20 - ok
18:31:26.0727 0x144c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
18:31:26.0729 0x144c msahci - ok
18:31:26.0744 0x144c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
18:31:26.0747 0x144c msdsm - ok
18:31:26.0770 0x144c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
18:31:26.0775 0x144c MSDTC - ok
18:31:26.0808 0x144c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:31:26.0810 0x144c Msfs - ok
18:31:26.0831 0x144c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:31:26.0831 0x144c mshidkmdf - ok
18:31:26.0849 0x144c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
18:31:26.0849 0x144c msisadrv - ok
18:31:26.0894 0x144c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:31:26.0898 0x144c MSiSCSI - ok
18:31:26.0902 0x144c msiserver - ok
18:31:26.0934 0x144c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:31:26.0935 0x144c MSKSSRV - ok
18:31:26.0939 0x144c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:31:26.0940 0x144c MSPCLOCK - ok
18:31:26.0951 0x144c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:31:26.0951 0x144c MSPQM - ok
18:31:26.0997 0x144c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:31:27.0005 0x144c MsRPC - ok
18:31:27.0035 0x144c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
18:31:27.0036 0x144c mssmbios - ok
18:31:27.0054 0x144c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:31:27.0054 0x144c MSTEE - ok
18:31:27.0061 0x144c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:31:27.0062 0x144c MTConfig - ok
18:31:27.0085 0x144c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
18:31:27.0086 0x144c Mup - ok
18:31:27.0133 0x144c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
18:31:27.0144 0x144c napagent - ok
18:31:27.0197 0x144c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:31:27.0203 0x144c NativeWifiP - ok
18:31:27.0276 0x144c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
18:31:27.0303 0x144c NDIS - ok
18:31:27.0324 0x144c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:31:27.0326 0x144c NdisCap - ok
18:31:27.0354 0x144c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:31:27.0356 0x144c NdisTapi - ok
18:31:27.0402 0x144c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:31:27.0404 0x144c Ndisuio - ok
18:31:27.0446 0x144c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:31:27.0450 0x144c NdisWan - ok
18:31:27.0486 0x144c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:31:27.0489 0x144c NDProxy - ok
18:31:27.0525 0x144c [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys
18:31:27.0526 0x144c Netaapl - ok
18:31:27.0544 0x144c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:31:27.0546 0x144c NetBIOS - ok
18:31:27.0584 0x144c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:31:27.0590 0x144c NetBT - ok
18:31:27.0604 0x144c [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon C:\Windows\system32\lsass.exe
18:31:27.0607 0x144c Netlogon - ok
18:31:27.0647 0x144c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
18:31:27.0655 0x144c Netman - ok
18:31:27.0699 0x144c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:31:27.0718 0x144c NetMsmqActivator - ok
18:31:27.0728 0x144c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:31:27.0731 0x144c NetPipeActivator - ok
18:31:27.0757 0x144c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
18:31:27.0767 0x144c netprofm - ok
18:31:27.0787 0x144c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:31:27.0790 0x144c NetTcpActivator - ok
18:31:27.0797 0x144c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:31:27.0800 0x144c NetTcpPortSharing - ok
18:31:27.0821 0x144c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:31:27.0823 0x144c nfrd960 - ok
18:31:27.0846 0x144c [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
18:31:27.0853 0x144c NlaSvc - ok
18:31:27.0870 0x144c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:31:27.0872 0x144c Npfs - ok
18:31:27.0892 0x144c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
18:31:27.0894 0x144c nsi - ok
18:31:27.0912 0x144c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:31:27.0913 0x144c nsiproxy - ok
18:31:27.0998 0x144c [ E453ACF4E7D44E5530B5D5F2B9CA8563, 85EEBCBB3187A21282619A0264C10E9E52EFE4387F3425D3D279EF460DA3AD06 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:31:28.0043 0x144c Ntfs - ok
18:31:28.0066 0x144c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
18:31:28.0067 0x144c Null - ok
18:31:28.0102 0x144c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
18:31:28.0105 0x144c nvraid - ok
18:31:28.0130 0x144c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
18:31:28.0133 0x144c nvstor - ok
18:31:28.0167 0x144c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
18:31:28.0170 0x144c nv_agp - ok
18:31:28.0201 0x144c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
18:31:28.0203 0x144c ohci1394 - ok
18:31:28.0245 0x144c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:31:28.0253 0x144c p2pimsvc - ok
18:31:28.0274 0x144c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
18:31:28.0285 0x144c p2psvc - ok
18:31:28.0316 0x144c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:31:28.0318 0x144c Parport - ok
18:31:28.0348 0x144c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:31:28.0350 0x144c partmgr - ok
18:31:28.0366 0x144c [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
18:31:28.0371 0x144c PcaSvc - ok
18:31:28.0401 0x144c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
18:31:28.0405 0x144c pci - ok
18:31:28.0431 0x144c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
18:31:28.0432 0x144c pciide - ok
18:31:28.0459 0x144c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:31:28.0464 0x144c pcmcia - ok
18:31:28.0485 0x144c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
18:31:28.0486 0x144c pcw - ok
18:31:28.0515 0x144c [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:31:28.0529 0x144c PEAUTH - ok
18:31:28.0601 0x144c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:31:28.0603 0x144c PerfHost - ok
18:31:28.0680 0x144c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
18:31:28.0712 0x144c pla - ok
18:31:28.0754 0x144c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:31:28.0766 0x144c PlugPlay - ok
18:31:28.0794 0x144c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:31:28.0796 0x144c PNRPAutoReg - ok
18:31:28.0834 0x144c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:31:28.0842 0x144c PNRPsvc - ok
18:31:28.0894 0x144c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:31:28.0905 0x144c PolicyAgent - ok
18:31:28.0969 0x144c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
18:31:28.0974 0x144c Power - ok
18:31:29.0020 0x144c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:31:29.0022 0x144c PptpMiniport - ok
18:31:29.0042 0x144c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:31:29.0043 0x144c Processor - ok
18:31:29.0080 0x144c [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
18:31:29.0085 0x144c ProfSvc - ok
18:31:29.0101 0x144c [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\Windows\system32\lsass.exe
18:31:29.0103 0x144c ProtectedStorage - ok
18:31:29.0140 0x144c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:31:29.0143 0x144c Psched - ok
18:31:29.0199 0x144c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:31:29.0239 0x144c ql2300 - ok
18:31:29.0273 0x144c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:31:29.0276 0x144c ql40xx - ok
18:31:29.0315 0x144c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
18:31:29.0322 0x144c QWAVE - ok
18:31:29.0335 0x144c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:31:29.0336 0x144c QWAVEdrv - ok
18:31:29.0357 0x144c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:31:29.0357 0x144c RasAcd - ok
18:31:29.0403 0x144c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:31:29.0405 0x144c RasAgileVpn - ok
18:31:29.0416 0x144c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
18:31:29.0420 0x144c RasAuto - ok
18:31:29.0457 0x144c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:31:29.0460 0x144c Rasl2tp - ok
18:31:29.0505 0x144c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
18:31:29.0514 0x144c RasMan - ok
18:31:29.0537 0x144c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:31:29.0540 0x144c RasPppoe - ok
18:31:29.0553 0x144c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:31:29.0555 0x144c RasSstp - ok
18:31:29.0603 0x144c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:31:29.0610 0x144c rdbss - ok
18:31:29.0630 0x144c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:31:29.0631 0x144c rdpbus - ok
18:31:29.0647 0x144c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:31:29.0648 0x144c RDPCDD - ok
18:31:29.0667 0x144c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:31:29.0668 0x144c RDPENCDD - ok
18:31:29.0683 0x144c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:31:29.0684 0x144c RDPREFMP - ok
18:31:29.0717 0x144c [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:31:29.0723 0x144c RDPWD - ok
18:31:29.0766 0x144c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:31:29.0770 0x144c rdyboost - ok
18:31:29.0799 0x144c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:31:29.0803 0x144c RemoteAccess - ok
18:31:29.0830 0x144c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:31:29.0834 0x144c RemoteRegistry - ok
18:31:29.0877 0x144c [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
18:31:29.0880 0x144c RFCOMM - ok
18:31:29.0896 0x144c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:31:29.0899 0x144c RpcEptMapper - ok
18:31:29.0925 0x144c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
18:31:29.0926 0x144c RpcLocator - ok
18:31:29.0969 0x144c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
18:31:29.0981 0x144c RpcSs - ok
18:31:30.0016 0x144c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:31:30.0018 0x144c rspndr - ok
18:31:30.0063 0x144c [ BFE0EF0C4C15820698F50AD73AF5E35F, 7F25EA295A6F3244DDEC5E9053C05010A21A8B35DFF084A2A4F6B798B9C77DDA ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
18:31:30.0072 0x144c RTL8167 - ok
18:31:30.0139 0x144c [ 4CA0DBA9E224473D664C25E411F5A3BD, 71423A66165782EFB4DB7BE6CE48DDB463D9F65FD0F266D333A6558791D158E5 ] rtport C:\Windows\SysWOW64\drivers\rtport.sys
18:31:30.0140 0x144c rtport - ok
18:31:30.0175 0x144c [ 62DB6CC4B0818F1B5F3441241B098F12, 7A53B3FBA3F82EDE6FA688E531FBE7EC9E1AE329090C0AFE0DCD64F65BD90F21 ] SABI C:\Windows\system32\Drivers\SABI.sys
18:31:30.0176 0x144c SABI - ok
18:31:30.0188 0x144c [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs C:\Windows\system32\lsass.exe
18:31:30.0190 0x144c SamSs - ok
18:31:30.0226 0x144c [ D641337B75B9A9D5AE10687AA1097755, 1495654D9090FDE04EF8605D1C8A4B0ACA1A50A4E0A992DE2F049CB8413E860C ] Samsung UPD Service C:\Windows\System32\SUPDSvc.exe
18:31:30.0230 0x144c Samsung UPD Service - ok
18:31:30.0267 0x144c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
18:31:30.0270 0x144c sbp2port - ok
18:31:30.0295 0x144c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:31:30.0300 0x144c SCardSvr - ok
18:31:30.0338 0x144c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:31:30.0339 0x144c scfilter - ok
18:31:30.0403 0x144c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
18:31:30.0426 0x144c Schedule - ok
18:31:30.0458 0x144c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:31:30.0460 0x144c SCPolicySvc - ok
18:31:30.0492 0x144c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:31:30.0497 0x144c SDRSVC - ok
18:31:30.0536 0x144c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:31:30.0538 0x144c secdrv - ok
18:31:30.0576 0x144c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
18:31:30.0578 0x144c seclogon - ok
18:31:30.0602 0x144c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
18:31:30.0606 0x144c SENS - ok
18:31:30.0623 0x144c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:31:30.0625 0x144c SensrSvc - ok
18:31:30.0643 0x144c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:31:30.0644 0x144c Serenum - ok
18:31:30.0677 0x144c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:31:30.0680 0x144c Serial - ok
18:31:30.0705 0x144c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:31:30.0706 0x144c sermouse - ok
18:31:30.0750 0x144c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
18:31:30.0755 0x144c SessionEnv - ok
18:31:30.0784 0x144c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
18:31:30.0786 0x144c sffdisk - ok
18:31:30.0802 0x144c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
18:31:30.0804 0x144c sffp_mmc - ok
18:31:30.0835 0x144c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
18:31:30.0837 0x144c sffp_sd - ok
18:31:30.0858 0x144c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
18:31:30.0860 0x144c sfloppy - ok
18:31:30.0891 0x144c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
18:31:30.0900 0x144c SharedAccess - ok
18:31:30.0948 0x144c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
18:31:30.0957 0x144c ShellHWDetection - ok
18:31:30.0985 0x144c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
18:31:30.0986 0x144c SiSRaid2 - ok
18:31:31.0003 0x144c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
18:31:31.0005 0x144c SiSRaid4 - ok
18:31:31.0034 0x144c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
18:31:31.0036 0x144c Smb - ok
18:31:31.0098 0x144c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
18:31:31.0101 0x144c SNMPTRAP - ok
18:31:31.0128 0x144c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
18:31:31.0129 0x144c spldr - ok
18:31:31.0179 0x144c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
18:31:31.0192 0x144c Spooler - ok
18:31:31.0354 0x144c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
18:31:31.0434 0x144c sppsvc - ok
18:31:31.0460 0x144c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
18:31:31.0464 0x144c sppuinotify - ok
18:31:31.0503 0x144c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
18:31:31.0512 0x144c srv - ok
18:31:31.0531 0x144c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
18:31:31.0539 0x144c srv2 - ok
18:31:31.0552 0x144c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
18:31:31.0557 0x144c srvnet - ok
18:31:31.0590 0x144c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
18:31:31.0595 0x144c SSDPSRV - ok
18:31:31.0612 0x144c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
18:31:31.0615 0x144c SstpSvc - ok
18:31:31.0642 0x144c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
18:31:31.0643 0x144c stexstor - ok
18:31:31.0682 0x144c [ DECACB6921DED1A38642642685D77DAC, 1633711CE973F818EBCCCA28538772431167C33ECDD44D1E846A9436598B52DC ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
18:31:31.0684 0x144c StillCam - ok
18:31:31.0738 0x144c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
18:31:31.0752 0x144c stisvc - ok
18:31:31.0783 0x144c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
18:31:31.0784 0x144c swenum - ok
18:31:31.0819 0x144c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
18:31:31.0833 0x144c swprv - ok
18:31:31.0919 0x144c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
18:31:31.0957 0x144c SysMain - ok
18:31:31.0997 0x144c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
18:31:32.0000 0x144c TabletInputService - ok
18:31:32.0025 0x144c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
18:31:32.0035 0x144c TapiSrv - ok
18:31:32.0057 0x144c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
18:31:32.0060 0x144c TBS - ok
18:31:32.0163 0x144c [ B62A953F2BF3922C8764A29C34A22899, 4A117FF9D1BD58C6A1787DDA7402BAE30E4BA7A70FE3A144F41DD647AA7A3901 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
18:31:32.0210 0x144c Tcpip - ok
18:31:32.0270 0x144c [ B62A953F2BF3922C8764A29C34A22899, 4A117FF9D1BD58C6A1787DDA7402BAE30E4BA7A70FE3A144F41DD647AA7A3901 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
18:31:32.0305 0x144c TCPIP6 - ok
18:31:32.0352 0x144c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
18:31:32.0354 0x144c tcpipreg - ok
18:31:32.0380 0x144c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
18:31:32.0381 0x144c TDPIPE - ok
18:31:32.0417 0x144c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
18:31:32.0418 0x144c TDTCP - ok
18:31:32.0463 0x144c [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
18:31:32.0466 0x144c tdx - ok
18:31:32.0494 0x144c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
18:31:32.0495 0x144c TermDD - ok
18:31:32.0560 0x144c [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
18:31:32.0574 0x144c TermService - ok
18:31:32.0600 0x144c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
18:31:32.0603 0x144c Themes - ok
18:31:32.0613 0x144c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
18:31:32.0616 0x144c THREADORDER - ok
18:31:32.0635 0x144c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
18:31:32.0639 0x144c TrkWks - ok
18:31:32.0686 0x144c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
18:31:32.0691 0x144c TrustedInstaller - ok
18:31:32.0726 0x144c [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
18:31:32.0728 0x144c tssecsrv - ok
18:31:32.0793 0x144c [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
18:31:32.0795 0x144c TsUsbFlt - ok
18:31:32.0850 0x144c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
18:31:32.0852 0x144c tunnel - ok
18:31:32.0887 0x144c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
18:31:32.0888 0x144c uagp35 - ok
18:31:32.0931 0x144c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
18:31:32.0937 0x144c udfs - ok
18:31:32.0968 0x144c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
18:31:32.0970 0x144c UI0Detect - ok
18:31:33.0000 0x144c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
18:31:33.0002 0x144c uliagpkx - ok
18:31:33.0033 0x144c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
18:31:33.0034 0x144c umbus - ok
18:31:33.0051 0x144c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
18:31:33.0051 0x144c UmPass - ok
18:31:33.0275 0x144c [ CBDEE152D73200EE49031A26310B9D3E, 92E22235446F8DB3BFE97EDE7DE7D33F43EAC5957C5B41ACCEC4EBFD19BFF819 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
18:31:33.0336 0x144c UNS - ok
18:31:33.0364 0x144c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
18:31:33.0372 0x144c upnphost - ok
18:31:33.0408 0x144c [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
18:31:33.0409 0x144c USBAAPL64 - ok
18:31:33.0443 0x144c [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
18:31:33.0445 0x144c usbccgp - ok
18:31:33.0480 0x144c [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\Windows\system32\drivers\usbcir.sys
18:31:33.0482 0x144c usbcir - ok
18:31:33.0505 0x144c [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci C:\Windows\system32\drivers\usbehci.sys
18:31:33.0507 0x144c usbehci - ok
18:31:33.0542 0x144c [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
18:31:33.0549 0x144c usbhub - ok
18:31:33.0569 0x144c [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci C:\Windows\system32\drivers\usbohci.sys
18:31:33.0570 0x144c usbohci - ok
18:31:33.0593 0x144c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
18:31:33.0594 0x144c usbprint - ok
18:31:33.0628 0x144c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
18:31:33.0631 0x144c USBSTOR - ok
18:31:33.0661 0x144c [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
18:31:33.0662 0x144c usbuhci - ok
18:31:33.0701 0x144c [ 454800C2BC7F3927CE030141EE4F4C50, 10901E62DAA70657C499AD590DECCCA6E46FDDF4A193B2F19279E1B8ED7B1E44 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
18:31:33.0705 0x144c usbvideo - ok
18:31:33.0729 0x144c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
18:31:33.0731 0x144c UxSms - ok
18:31:33.0738 0x144c [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc C:\Windows\system32\lsass.exe
18:31:33.0739 0x144c VaultSvc - ok
18:31:33.0766 0x144c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
18:31:33.0767 0x144c vdrvroot - ok
18:31:33.0819 0x144c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
18:31:33.0833 0x144c vds - ok
18:31:33.0873 0x144c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
18:31:33.0874 0x144c vga - ok
18:31:33.0886 0x144c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
18:31:33.0887 0x144c VgaSave - ok
18:31:33.0920 0x144c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
18:31:33.0924 0x144c vhdmp - ok
18:31:33.0954 0x144c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
18:31:33.0955 0x144c viaide - ok
18:31:33.0992 0x144c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
18:31:33.0994 0x144c volmgr - ok
18:31:34.0033 0x144c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
18:31:34.0041 0x144c volmgrx - ok
18:31:34.0064 0x144c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
18:31:34.0070 0x144c volsnap - ok
18:31:34.0104 0x144c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
18:31:34.0110 0x144c vsmraid - ok
18:31:34.0189 0x144c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
18:31:34.0224 0x144c VSS - ok
18:31:34.0239 0x144c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
18:31:34.0240 0x144c vwifibus - ok
18:31:34.0267 0x144c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
18:31:34.0268 0x144c vwififlt - ok
18:31:34.0301 0x144c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
18:31:34.0313 0x144c W32Time - ok
18:31:34.0338 0x144c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
18:31:34.0339 0x144c WacomPen - ok
18:31:34.0391 0x144c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
18:31:34.0393 0x144c WANARP - ok
18:31:34.0399 0x144c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
18:31:34.0401 0x144c Wanarpv6 - ok
18:31:34.0477 0x144c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
18:31:34.0518 0x144c wbengine - ok
18:31:34.0559 0x144c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
18:31:34.0565 0x144c WbioSrvc - ok
18:31:34.0606 0x144c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
18:31:34.0615 0x144c wcncsvc - ok
18:31:34.0632 0x144c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
18:31:34.0634 0x144c WcsPlugInService - ok
18:31:34.0659 0x144c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
18:31:34.0661 0x144c Wd - ok
18:31:34.0728 0x144c [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
18:31:34.0754 0x144c Wdf01000 - ok
18:31:34.0768 0x144c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
18:31:34.0771 0x144c WdiServiceHost - ok
18:31:34.0777 0x144c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
18:31:34.0781 0x144c WdiSystemHost - ok
18:31:34.0820 0x144c [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\Windows\System32\webclnt.dll
18:31:34.0827 0x144c WebClient - ok
18:31:34.0847 0x144c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
18:31:34.0854 0x144c Wecsvc - ok
18:31:34.0885 0x144c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
18:31:34.0888 0x144c wercplsupport - ok
18:31:34.0925 0x144c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
18:31:34.0930 0x144c WerSvc - ok
18:31:34.0960 0x144c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
18:31:34.0961 0x144c WfpLwf - ok
18:31:34.0975 0x144c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
18:31:34.0977 0x144c WIMMount - ok
18:31:35.0010 0x144c WinDefend - ok
18:31:35.0032 0x144c WinHttpAutoProxySvc - ok
18:31:35.0098 0x144c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
18:31:35.0104 0x144c Winmgmt - ok
18:31:35.0204 0x144c [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
18:31:35.0252 0x144c WinRM - ok
18:31:35.0311 0x144c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
18:31:35.0312 0x144c WinUsb - ok
18:31:35.0362 0x144c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
18:31:35.0382 0x144c Wlansvc - ok
18:31:35.0456 0x144c [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
18:31:35.0458 0x144c wlcrasvc - ok
18:31:35.0568 0x144c [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
18:31:35.0623 0x144c wlidsvc - ok
18:31:35.0659 0x144c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
18:31:35.0660 0x144c WmiAcpi - ok
18:31:35.0694 0x144c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
18:31:35.0699 0x144c wmiApSrv - ok
18:31:35.0725 0x144c WMPNetworkSvc - ok
18:31:35.0749 0x144c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
18:31:35.0751 0x144c WPCSvc - ok
18:31:35.0789 0x144c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
18:31:35.0793 0x144c WPDBusEnum - ok
18:31:35.0829 0x144c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
18:31:35.0830 0x144c ws2ifsl - ok
18:31:35.0852 0x144c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
18:31:35.0855 0x144c wscsvc - ok
18:31:35.0860 0x144c WSearch - ok
18:31:35.0969 0x144c [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
18:31:36.0024 0x144c wuauserv - ok
18:31:36.0061 0x144c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
18:31:36.0063 0x144c WudfPf - ok
18:31:36.0094 0x144c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
18:31:36.0098 0x144c WUDFRd - ok
18:31:36.0132 0x144c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
18:31:36.0136 0x144c wudfsvc - ok
18:31:36.0166 0x144c [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\Windows\System32\wwansvc.dll
18:31:36.0173 0x144c WwanSvc - ok
18:31:36.0203 0x144c ================ Scan global ===============================
18:31:36.0235 0x144c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:31:36.0272 0x144c [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll
18:31:36.0286 0x144c [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\Windows\system32\winsrv.dll
18:31:36.0322 0x144c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:31:36.0360 0x144c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
18:31:36.0367 0x144c [ Global ] - ok
18:31:36.0369 0x144c ================ Scan MBR ==================================
18:31:36.0381 0x144c [ 2E5DEBB2116B3417023E0D6562D7ED07 ] \Device\Harddisk0\DR0
18:31:36.0675 0x144c \Device\Harddisk0\DR0 - ok
18:31:36.0676 0x144c ================ Scan VBR ==================================
18:31:36.0678 0x144c [ 703B8AC6B5FE574C87C48C3485F56A04 ] \Device\Harddisk0\DR0\Partition1
18:31:36.0680 0x144c \Device\Harddisk0\DR0\Partition1 - ok
18:31:36.0683 0x144c [ 2ACD98E94FE080042798A6D19513FAC9 ] \Device\Harddisk0\DR0\Partition2
18:31:36.0685 0x144c \Device\Harddisk0\DR0\Partition2 - ok
18:31:36.0708 0x144c [ 3C69160F19880C1F9CD2D29290D20586 ] \Device\Harddisk0\DR0\Partition3
18:31:36.0710 0x144c \Device\Harddisk0\DR0\Partition3 - ok
18:31:36.0710 0x144c ================ Scan generic autorun ======================
18:31:37.0097 0x144c [ FF01BF4D9C1D6AB832E0A788E75CC330, 64B2D68947000B3970AA97AC548791220BF5BF12B4D7F39C6BB3E373BB42BD3E ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
18:31:37.0438 0x144c RtHDVCpl - ok
18:31:37.0455 0x144c ETDCtrl - ok
18:31:37.0564 0x144c [ 1CE11C53E562D5F7EAFCF47E0E696516, 4E8264DB3CA9B2344905BC2CAE6A9E73190A3CCF3D154B3CBDAF4F73F8FCD64B ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
18:31:37.0582 0x144c avgnt - ok
18:31:37.0740 0x144c [ BCD38B6829D070527B869614EB1C1E30, 5E5054C01EE331BA8B2921D9CBB642090E70A6C92402F0F601D445D448F117E4 ] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
18:31:37.0778 0x144c ApnTBMon - ok
18:31:37.0821 0x144c [ 82CC8F77E9EC61C6B4D48DD4D5CA78E7, 51F3072F9AB9C6B8FF62731834530870A517F3099D1E94E8E2F953484B7A04FE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
18:31:37.0823 0x144c APSDaemon - ok
18:31:37.0873 0x144c [ 86069F4F421FB355C41FD734500E477F, CB4CE22C3298280B033105875079A373D7E1ADEA15F0F71A2095CCA50CF7E5A5 ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
18:31:37.0875 0x144c Avira SystrayStartTrigger - ok
18:31:38.0052 0x144c [ 54DF749F4F7F6A2BD7CD624523229BE3, 88BBD73B136AEE81AFE2052F2855959BCFC09E53434B17EBC62DC2BB2529D08D ] C:\Program Files (x86)\Trojan Remover\Trjscan.exe
18:31:38.0122 0x144c TrojanScanner - ok
18:31:38.0216 0x144c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:31:38.0242 0x144c Sidebar - ok
18:31:38.0264 0x144c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:31:38.0267 0x144c mctadmin - ok
18:31:38.0298 0x144c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
18:31:38.0323 0x144c Sidebar - ok
18:31:38.0331 0x144c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
18:31:38.0334 0x144c mctadmin - ok
18:31:38.0336 0x144c Waiting for KSN requests completion. In queue: 281
18:31:39.0336 0x144c Waiting for KSN requests completion. In queue: 281
18:31:40.0337 0x144c Waiting for KSN requests completion. In queue: 281
18:31:41.0114 0x14b8 Object required for P2P: [ BCD38B6829D070527B869614EB1C1E30 ] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
18:31:41.0337 0x144c Waiting for KSN requests completion. In queue: 8
18:31:42.0337 0x144c Waiting for KSN requests completion. In queue: 8
18:31:43.0337 0x144c Waiting for KSN requests completion. In queue: 8
18:31:43.0850 0x14b8 Object send P2P result: true
18:31:44.0348 0x144c AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.16.273 ), 0x41000 ( enabled : updated )
18:31:44.0403 0x144c Win FW state via NFP2: enabled ( trusted )
18:31:47.0106 0x144c ============================================================
18:31:47.0106 0x144c Scan finished
18:31:47.0106 0x144c ============================================================
18:31:47.0119 0x1240 Detected object count: 0
18:31:47.0119 0x1240 Actual detected object count: 0
18:32:03.0318 0x028c Deinitialize success
|
|
11.04.2016, 21:35
| #4 |
| /// TB-Ausbilder /// Anleitungs-Guru | Verdächtigen Anhang geöffnet (angebl. von ebay) Scan bitte wiederholen mit den richtigen Einstellungen!
__________________ Gruß deeprybka  Lob, Kritik, Wünsche? Spende fürs trojaner-board? _______________________________________________ „Neminem laede, immo omnes, quantum potes, iuva.“ Arthur Schopenhauer |
|
| Themen zu Verdächtigen Anhang geöffnet (angebl. von ebay) |
| antivir, antivirus, avira, bonjour, canon, desktop, dnsapi.dll, ebay, fehler, firefox, flash player, helper, hijack, hijackthis, home, installation, mozilla, problem, prozesse, realtek, registry, rundll, software, super, svchost.exe, system, trojaner/virus, warnung, windows, wrapper |
Linear-Darstellung
