Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Log-Analyse und Auswertung (https://www.trojaner-board.de/log-analyse-auswertung/)
-   -   Firefox öfnnet mehrer Tabs, Downloads schlagen fehl, Microsoft Security hat keine Verbindung (https://www.trojaner-board.de/151186-firefox-oefnnet-mehrer-tabs-downloads-schlagen-fehl-microsoft-security-hat-keine-verbindung.html)

slater27 17.03.2014 23:09
Firefox öfnnet mehrer Tabs, Downloads schlagen fehl, Microsoft Security hat keine Verbindung
 
Guten Abend.

Habe mich gerade erst hier registriert und schon fange ich an euch zu quälen :S.
Vorweg muss ich gleich zu beginn gestehen dass ich ein Computerbanause bin. Habe mir hier mal durchgelesen was es zu tun gibt bevor ich ein Problem melde und hoffe, dass ich dem zu genüge nachkomme.

Ich habe seit heute Vormittag das Problem, dass sich permanent neue Tabs im Firefox öffnen. Dachte mir da anfangs noch nichts bis mir dann auffiehl, dass auch häufig downloads fehlschlagen. zudem kommt noch hinzu dass mein Microsoft Security Center nicht mehr standartmößig startet und wenn ich es dann starte, hat es keine Verbindung zu "Viren und Malewarescan".

Auf meinem PC läuft Windows 7 und es ist ein 64bit System. Intel i5 und nutze eine Lan Verbindung. Keine Ahnung ob ich sowas angeben soll, aber schaden wird es hoffentlich nicht. Hier die 3 Log-Files:


defogger_disable by jpshortstuff (23.02.10.1)
Log created at 22:47 on 17/03/2014 (Patrick)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Patrick at 2014-03-17 22:48:49
Running from E:\Benutzer\Patrick\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Flash Player 12 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
ConvertHelper 2.2 (HKLM-x32\...\{27CC6AB1-E72B-4179-AF1A-EAE507EBAF51}_is1) (Version: - DownloadHelper)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version: - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
DDS Thumbnail Viewer (HKLM-x32\...\{2205B8AE-490E-43F2-AB43-C13C2BEC86A7}) (Version: 1.00.000 - )
Definition Update for Microsoft Office 2013 (KB2760587) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BED39C88-768C-4345-BF11-58436C984F2A}) (Version: - Microsoft)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GRID 2 Incl. All DLCs MULTI-8 v.1.0.85.8679 (HKLM-x32\...\GRID 2 Incl. All DLCs MULTI-8 v.1.0.85.8679) (Version: - )
GTR 2 1.0.0.0 (HKLM-x32\...\{D560A981-FEB3-42F0-A61A-13E9528E0C51}_is1) (Version: v1.0.0.0 - 10tacle Studios Publishing AG)
GTR Evolution (HKLM-x32\...\GTR Evolution_1.1.1.2_is1) (Version: - SimBin)
HLSW v1.4.0.2 (HKLM-x32\...\HLSW_is1) (Version: - Stripf Software)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.27.757.1 - Intel Corporation) Hidden
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
KaloMa 5.00beta20100607 (HKLM-x32\...\KaloMa_is1) (Version: - Frank Böpple)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Access MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft DCF MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Excel MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Groove MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Lync MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office 32-bit Components 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Korrekturhilfen 2013 - Deutsch (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Italiano (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Word MUI (German) 2013 (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MoTeC i2 Pro (HKLM-x32\...\{D5ABB8E2-2417-43C2-AB32-911697B5E00A}) (Version: 2.00.0994 - MoTeC)
Mozilla Firefox 27.0.1 (x86 de) (HKLM-x32\...\Mozilla Firefox 27.0.1 (x86 de)) (Version: 27.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 27.0.1 - Mozilla)
NVIDIA 3D Vision Controller-Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 334.89 - NVIDIA Corporation)
NVIDIA 3D Vision Treiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 334.89 - NVIDIA Corporation)
NVIDIA DDS Utilities (HKLM-x32\...\{64963F0E-03F2-4B59-8D1B-1806545E7092}) (Version: 1.0 - )
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Grafiktreiber 334.89 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 334.89 - NVIDIA Corporation)
NVIDIA HD-Audiotreiber 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Photoshop Plug-ins (HKLM-x32\...\{23F79416-CAD1-41BF-99A3-040F6C814AAA}) (Version: 8.50 - )
NVIDIA Photoshop Plug-ins 64 bit (HKLM-x32\...\{5E386C5B-CDE7-435A-B5C9-EC73A1B0553A}) (Version: 8.50 - )
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX-Systemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3489 - NVIDIA Corporation) Hidden
NVIDIA Systemsteuerung 334.89 (Version: 334.89 - NVIDIA Corporation) Hidden
NVIDIA Texture Tools 2 - 64 bit (HKLM-x32\...\{65C967FA-29D8-4A5F-99C5-BC9AF1F8F9D2}) (Version: 2.0 - )
NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
OTPService (HKLM-x32\...\{B05F7750-8800-4520-9732-9C841246C8E2}_is1) (Version: 1.0.004 - MSI)
Outils de vérification linguistique 2013 de Microsoft Office*- Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.208 - Qualcomm Atheros Communications)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.67.1226.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6823 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}) (Version: 3.0.23.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 3.0.23.0 - Renesas Electronics Corporation) Hidden
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
SkyTest® Trainingssoftware für Fluglotsen-Eignungstests (HKLM-x32\...\SkyTest® Trainingssoftware für Fluglotsen-Eignungstests_is1) (Version: - SkyTest®)
Source SDK Base 2006 (HKLM-x32\...\Steam App 215) (Version: - Valve)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24951 - TeamViewer)
TrackMania United (HKLM-x32\...\Steam App 7200) (Version: - Nadeo)
UltraISO Premium V9.6 (HKLM-x32\...\UltraISO_is1) (Version: - )
Update for Microsoft Access 2013 (KB2768008) 64-Bit Edition (HKLM\...\{90150000-0015-0407-1000-0000000FF1CE}_Office15.PROPLUS_{47F15B72-AB15-4B81-BDB8-28B204596EB7}) (Version: - Microsoft)
Update for Microsoft Access 2013 (KB2827233) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{614E655F-A0ED-435A-8E0C-A81EE4BA7BC7}) (Version: - Microsoft)
Update for Microsoft InfoPath 2013 (KB2837648) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{5E759A69-FA72-4B3C-BE2F-D1194764D31E}) (Version: - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{237834D6-FA98-44E1-8739-ABD56DDADC59}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2726954) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{43EB1F58-DAA0-4F61-A4EE-C5651F85A047}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{76CACE05-7A19-4EAC-87D7-5BFF63AF7CDF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2726996) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{79469196-F138-4CF0-8681-F1889D53B56B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2738038) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{FEFF9FF6-FF61-455E-A8CC-3A1311A657AD}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760224) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3FF4EA9F-3505-4726-A974-6593A968FFCC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760242) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9406D70B-2D9C-4613-A75A-F35B66BA8AFA}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760267) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CA390537-AA88-450F-A240-5FB4648A124A}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760539) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C8D57F4A-0824-4043-89E7-3C6280B67A47}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760553) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{AC4470FB-8011-4F16-B5D4-E0A34DE10C87}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D8B3D175-48B8-413F-8484-4D81E744B51C}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2760610) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{526C9E5A-A734-4DC0-B829-ED1CDE793C6B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2767845) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8587E5B1-6279-4396-B9AC-20B334F4FF88}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2768016) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{30C13416-B124-46AB-9E44-96CEFFA893F9}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817314) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C809B1D6-BD31-4496-BCFE-4567E0854F5F}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{4FD8F672-3206-469C-B9F0-D6E72F7ACAB2}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{1A789784-5825-4B26-BB57-71FF7D3484CB}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817316) 64-Bit Edition (HKLM\...\{90150000-0016-0407-1000-0000000FF1CE}_Office15.PROPLUS_{856D47BC-036C-4692-8702-D6CCA8F428D0}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817490) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CA0554C4-62FE-4F66-BC87-1EE1EAC675EF}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2817626) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F33ABF6A-3007-47E8-8E38-506A18E54641}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2826004) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{B38036CB-BAF6-41D4-8810-FD016453ABB9}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827225) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2A286156-257B-4528-9DB5-B4D4D53211BC}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}_Office15.PROPLUS_{B5E3E636-7913-4775-BC9B-E4B56F4ED73B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0409-1000-0000000FF1CE}_Office15.PROPLUS_{92833C80-DC88-4A22-8630-407F810EF57B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}_Office15.PROPLUS_{602346D6-8E2F-4B0E-820A-CD62AC5B0DC9}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827227) 64-Bit Edition (HKLM\...\{90150000-001F-0410-1000-0000000FF1CE}_Office15.PROPLUS_{869B93B9-E75A-44DE-8AC5-A030A7A21FDD}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827230) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F2187E8D-C68A-4655-8551-1932878A5581}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2827239) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{9353CD85-4B19-45C4-8DBA-1391926351F6}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837626) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6EE51F51-57B1-4DC7-96C2-857DB7F0BE93}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837637) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{0A90C645-3F9A-4CF9-BF62-2609602E3DAB}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837638) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{3A48DE63-607B-4FEA-A862-B52669C4433C}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-006E-0407-1000-0000000FF1CE}_Office15.PROPLUS_{34F51E79-0110-4B49-A245-81319F58453E}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2837655) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{C4B559C7-AA71-4B77-ACA3-50BEA8B4241B}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version: - Microsoft)
Update for Microsoft Office 2013 (KB2850066) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{000791D2-642D-418E-A3E9-96E72D8C67B8}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00A1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{05D8C7F6-9A93-4925-B2B3-7D6507AD2FC9}) (Version: - Microsoft)
Update for Microsoft OneNote 2013 (KB2850063) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{CF6FBF49-BE22-4B98-9D7D-CB2A3236BC44}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{DF3798F3-F45C-44DA-83B7-229A9EBC9654}) (Version: - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{DAEE93F9-D258-45E4-AFD3-12AC5ED04693}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6FF949A3-1C3F-41C2-9464-933E885ECB53}) (Version: - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2767850) 64-Bit Edition (HKLM\...\{90150000-0018-0407-1000-0000000FF1CE}_Office15.PROPLUS_{CA014CB4-B26F-4D27-BF26-C994CC3428E5}) (Version: - Microsoft)
Update for Microsoft Project 2013 (KB2727085) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{BBD4F4CE-65D4-4CEB-AE19-E5296A57AA6C}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{2837C624-A972-43CF-BCE5-0AE2EFED72E3}) (Version: - Microsoft)
Update for Microsoft Publisher 2013 (KB2837635) 64-Bit Edition (HKLM\...\{90150000-0019-0407-1000-0000000FF1CE}_Office15.PROPLUS_{E9172003-60C1-447B-9569-7AA9FADE26B0}) (Version: - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version: - Microsoft)
Update for Microsoft SkyDrive Pro (KB2817495) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{A3417E9E-5B94-4BFF-AAA4-933B1AE46306}) (Version: - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00BA-0407-1000-0000000FF1CE}_Office15.PROPLUS_{AAB7E20E-E896-495E-AD19-1A0EF515DCED}) (Version: - Microsoft)
Update for Microsoft SkyDrive Pro (KB2837652) 64-Bit Edition (HKLM\...\{90150000-00C1-0407-1000-0000000FF1CE}_Office15.PROPLUS_{AAB7E20E-E896-495E-AD19-1A0EF515DCED}) (Version: - Microsoft)
Update for Microsoft Visio 2013 (KB2817306) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{F16E7B82-23FE-4054-AB73-EAE53965251C}) (Version: - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2768338) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D1F1940B-94DF-4DCB-BF82-9530D7FBB1BF}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-001A-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A96FBD56-0376-465E-8A60-7E73B9C51658}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-001B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A96FBD56-0376-465E-8A60-7E73B9C51658}) (Version: - Microsoft)
Update for Microsoft Word 2013 (KB2837647) 64-Bit Edition (HKLM\...\{90150000-012B-0407-1000-0000000FF1CE}_Office15.PROPLUS_{A96FBD56-0376-465E-8A60-7E73B9C51658}) (Version: - Microsoft)
VLC media player 2.1.4 (HKLM\...\VLC media player) (Version: 2.1.4 - VideoLAN)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.01 (64-Bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

==================== Restore Points =========================

12-03-2014 20:56:15 Windows Update
12-03-2014 21:58:14 Windows Update
13-03-2014 17:32:57 Installed MoTeC i2 Pro.
13-03-2014 17:52:31 Windows Update
17-03-2014 09:43:10 Windows Modules Installer
17-03-2014 10:41:47 DirectX wurde installiert
17-03-2014 13:25:37 Windows Update

==================== Scheduled Tasks (whitelisted) =============

Task: {0ADD71A4-93DE-45DD-8593-CEB1811C3362} - System32\Tasks\Microsoft Office 15 Sync Maintenance for Patrick-PC-Patrick Patrick-PC => E:\Program Files\Microsoft Office\Office15\MsoSync.exe [2013-09-10] (Microsoft Corporation)
Task: {983B36C0-7AEE-4374-83C5-FA4BB9062996} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-17] (Adobe Systems Incorporated)
Task: {B51570BD-7BC5-4F7A-A900-7BFE55BA71D6} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-12-21 10:24 - 2014-02-08 18:42 - 00117024 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-12-18 05:12 - 2012-04-12 19:59 - 00252432 _____ () C:\Program Files (x86)\MSI\OTPService\OTPService.exe
2013-12-20 14:29 - 2013-12-20 14:29 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-03-17 09:53 - 2014-02-13 01:52 - 05861376 _____ () C:\{$7093-3599-3146-6724$}\winreg.exe
2012-08-31 16:44 - 2012-08-31 16:44 - 00384128 _____ () C:\Program Files (x86)\Bluetooth Suite\ContactsApi.dll
2012-08-31 16:38 - 2012-08-31 16:38 - 00020992 _____ () C:\Program Files (x86)\Bluetooth Suite\L10n\de-DE\BtTray.de-DE.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-09-13 19:51 - 2013-09-13 19:51 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-02-14 13:52 - 2014-02-14 13:52 - 03578992 _____ () E:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:373E1720

==================== Safe Mode (whitelisted) ===================


==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Atheros AR9271 Wireless Network Adapter
Description: Atheros AR9271 Wireless Network Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Atheros Communications Inc.
Service: athur
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/17/2014 10:48:46 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/17/2014 10:35:21 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe" -Embedding; Beschreibung = Configured Microsoft Office Professional Plus 2013; Fehler = 0x8007043c).

Error: (03/17/2014 10:35:03 PM) (Source: System Restore) (User: )
Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe" -Embedding; Beschreibung = Configured Microsoft Office Professional Plus 2013; Fehler = 0x8007043c).

Error: (03/17/2014 10:31:12 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/17/2014 10:20:45 PM) (Source: Windows Search Service) (User: )
Description: Fehler beim Erstellen des neuen Suchindex durch Windows Search. Interner Fehler <4, 0xc0041800, Fehler beim Hinzufügen des Projekts: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects>.

Error: (03/17/2014 10:20:45 PM) (Source: Windows Search Service) (User: )
Description: Windows Search wird aufgrund eines Problems bei der Indizierung The catalog is corrupt beendet.


Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/17/2014 10:20:45 PM) (Source: Windows Search Service) (User: )
Description: Vom Suchdienst wurden beschädigte Datendateien im Index {id=4700} erkannt. Vom Dienst wird versucht, dieses Problem durch Neuerstellung des Indexes automatisch zu beheben.


Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)

Error: (03/17/2014 10:20:45 PM) (Source: Windows Search Service) (User: )
Description: Der Jet-Eigenschaftenspeicher kann von Windows Search nicht geöffnet werden.


Details:
0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800))

Error: (03/17/2014 10:20:45 PM) (Source: ESENT) (User: )
Description: Windows (4284) Windows: Neue Protokolldatei konnte nicht erstellt werden, weil die Datenbank nicht auf das Protokolllaufwerk schreiben kann. Das Laufwerk ist möglicherweise schreibgeschützt, falsch konfiguriert, beschädigt oder hat zu wenig freien Speicherplatz. Fehler -1811.

Error: (03/17/2014 10:20:45 PM) (Source: ESENT) (User: )
Description: Windows (4284) Windows: Versuch, Datei "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.log" nach "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log" zu verschieben, ist mit Systemfehler 2 (0x00000002): "Das System kann die angegebene Datei nicht finden. " fehlgeschlagen. Fehler -1811 (0xfffff8ed) beim Verschieben von Dateien.


System errors:
=============
Error: (03/17/2014 10:46:58 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (03/17/2014 10:46:58 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (03/17/2014 10:46:57 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (03/17/2014 10:46:55 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (03/17/2014 10:46:54 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Microsoft-Netzwerkinspektion" wurde aufgrund folgenden Fehlers nicht gestartet:
%%2

Error: (03/17/2014 10:46:54 PM) (Source: Microsoft Antimalware) (User: )
Description: Vom Echtzeitschutz-Feature von %%860 wurde ein Fehler festgestellt

Feature: %%886

Fehlercode: 0x80070002

Fehlerbeschreibung: Das System kann die angegebene Datei nicht finden.

Grund: %%892

Error: (03/17/2014 10:46:53 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (03/17/2014 10:46:52 PM) (Source: Microsoft-Windows-DNS-Client) (User: NT-AUTORITÄT)
Description: Fehler beim Lesen der Datei für lokale Hosts.

Error: (03/17/2014 10:39:19 PM) (Source: Microsoft Antimalware) (User: )
Description: Beim Aktualisieren der Signaturen wurde von %NT-AUTORITÄT60 ein Fehler festgestellt.

Neue Signaturversion:

Vorherige Signaturversion: 1.167.2092.0

Aktualisierungsquelle: %NT-AUTORITÄT59

Aktualisierungsphase: 4.4.0304.00

Quellpfad: 4.4.0304.01

Signaturtyp: %NT-AUTORITÄT602

Aktualisierungstyp: %NT-AUTORITÄT604

Benutzer: NT-AUTORITÄT\SYSTEM

Aktuelle Modulversion: %NT-AUTORITÄT605

Vorherige Modulversion: %NT-AUTORITÄT606

Fehlercode: %NT-AUTORITÄT607

Fehlerbeschreibung: %NT-AUTORITÄT608

Error: (03/17/2014 10:35:03 PM) (Source: DCOM) (User: )
Description: 1084MSIServer{000C101C-0000-0000-C000-000000000046}


Microsoft Office Sessions:
=========================
Error: (03/17/2014 10:48:46 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/17/2014 10:35:21 PM) (Source: System Restore)(User: )
Description: C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe" -EmbeddingConfigured Microsoft Office Professional Plus 20130x8007043c

Error: (03/17/2014 10:35:03 PM) (Source: System Restore)(User: )
Description: C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe Files\Common Files\Microsoft Shared\OFFICE15\Office Setup Controller\Setup.exe" -EmbeddingConfigured Microsoft Office Professional Plus 20130x8007043c

Error: (03/17/2014 10:31:12 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/17/2014 10:20:45 PM) (Source: Windows Search Service)(User: )
Description: 40xc0041800Fehler beim Hinzufügen des Projekts: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects

Error: (03/17/2014 10:20:45 PM) (Source: Windows Search Service)(User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
The catalog is corrupt

Error: (03/17/2014 10:20:45 PM) (Source: Windows Search Service)(User: )
Description:
Details:
Der Inhaltsindexkatalog ist fehlerhaft. (HRESULT : 0xc0041801) (0xc0041801)
4700

Error: (03/17/2014 10:20:45 PM) (Source: Windows Search Service)(User: )
Description:
Details:
0x%08x (0xc0041800 - Die Inhaltsindexdatenbank ist fehlerhaft. (HRESULT : 0xc0041800))

Error: (03/17/2014 10:20:45 PM) (Source: ESENT)(User: )
Description: Windows4284Windows: -1811

Error: (03/17/2014 10:20:45 PM) (Source: ESENT)(User: )
Description: Windows4284Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSStmp.logC:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log-1811 (0xfffff8ed)2 (0x00000002)Das System kann die angegebene Datei nicht finden.


==================== Memory info ===========================

Percentage of memory in use: 12%
Total physical RAM: 16329.78 MB
Available physical RAM: 14262.54 MB
Total Pagefile: 32657.73 MB
Available Pagefile: 30406.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.79 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.69 GB) (Free:48.47 GB) NTFS
Drive e: () (Fixed) (Total:372.61 GB) (Free:85.63 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: 86E2C739)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=112 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 373 GB) (Disk ID: 00000001)
Partition 1: (Not Active) - (Size=373 GB) - (Type=42)

==================== End Of Log ============================




Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Patrick (administrator) on PATRICK-PC on 17-03-2014 22:48:33
Running from E:\Benutzer\Patrick\Downloads
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: hxxp://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
() C:\Program Files (x86)\MSI\OTPService\OTPService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(TeamViewer GmbH) E:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\{$7093-3599-3146-6724$}\winreg.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(Apple Inc.) E:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\WScript.exe
(Mozilla Corporation) E:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MpCmdRun.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6963272 2013-01-15] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-31] (Atheros Communications)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764544 2012-08-31] (Qualcomm Atheros)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [RUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [iTunesHelper] - E:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Windows Registry] - C:\{$7093-3599-3146-6724$}\winreg.exe -rundll32 /SYSTEM32 "C:\Windows\System32\taskmgr.exe" "C:\Program Files\Microsoft\Windows"
HKU\S-1-5-21-3464895135-2213791737-1334037653-1000\...\Run: [AdobeBridge] - [X]
HKU\S-1-5-21-3464895135-2213791737-1334037653-1000\...\CurrentVersion\Windows: [Load] C:\{$7093-3599-3146-6724$}\winreg.exe <===== ATTENTION
HKU\S-1-5-21-3464895135-2213791737-1334037653-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
IFEO\avcenter.exe: [Debugger] nsjw.exe
IFEO\avguard.exe: [Debugger] nsjw.exe
IFEO\avp.exe: [Debugger] nsjw.exe
IFEO\bdagent.exe: [Debugger] nsjw.exe
IFEO\ccuac.exe: [Debugger] nsjw.exe
IFEO\ComboFix.exe: [Debugger] nsjw.exe
IFEO\egui.exe: [Debugger] nsjw.exe
IFEO\hijackthis.exe: [Debugger] nsjw.exe
IFEO\keyscrambler.exe: [Debugger] nsjw.exe
IFEO\mbam.exe: [Debugger] nsjw.exe
IFEO\NisSrv.exe: [Debugger] nsjw.exe
IFEO\spybotsd.exe: [Debugger] nsjw.exe
IFEO\wireshark.exe: [Debugger] nsjw.exe
IFEO\zlclient.exe: [Debugger] nsjw.exe
InternetURL: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Registry.url -> 0

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7F8DFD71A9FBCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {4FC8E392-66B7-44FC-8F7D-618CE89C1E88} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10871
SearchScopes: HKCU - {6776F026-253B-48A8-BE22-897FA4886E8B} URL = hxxp://search.findwide.com/serp?guid={666B3E8C-58E8-4170-BD1F-EA97304322A3}&action=default_search&serpv=22&k={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {E8166F43-08B6-4CD6-A9AD-2416AE687F4E} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - E:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Hosts: Hosts file not detected in the default directory
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ofu6ir9g.default
FF user.js: detected! => C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ofu6ir9g.default\user.js
FF NewTab: user_pref("browser.newtab.url", "");
FF SearchEngineOrder.1: Google
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - E:\PROGRA~4\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - E:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - E:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Extension: DownloadHelper [AU] - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ofu6ir9g.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-01-19]
FF Extension: YouTube High Definition - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ofu6ir9g.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-01-26]
FF Extension: Adblock Plus - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ofu6ir9g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-20]
FF StartMenuInternet: FIREFOX.EXE - e:\program files (x86)\mozilla firefox\firefox.exe

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-08-31] (Qualcomm Atheros Commnucations)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-01-14] (Intel Corporation)
R2 MSI_OTPService; C:\Program Files (x86)\MSI\OTPService\OTPService.exe [252432 2012-04-12] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-20] ()
R2 TeamViewer9; E:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [5341536 2013-12-17] (TeamViewer GmbH)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2012-08-31] (Qualcomm Atheros)
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-08-16] ()
R1 ISODrive; E:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [40464 2009-08-05] (CACE Technologies)
S3 NPF; C:\Windows\SysWOW64\drivers\npf.sys [34064 2009-08-05] (CACE Technologies)
R3 NTIOLib_1_0_T; C:\Program Files (x86)\MSI\OTPService\NTIOLib_X64.sys [14136 2009-10-06] (MSI)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-17 22:48 - 2014-03-17 22:48 - 00000000 ____D () C:\FRST
2014-03-17 22:47 - 2014-03-17 22:47 - 00000000 ___RD () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-03-17 22:47 - 2014-03-17 22:47 - 00000000 _____ () C:\Users\Patrick\defogger_reenable
2014-03-17 14:24 - 2014-03-17 14:35 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Sony
2014-03-17 11:45 - 2014-02-24 16:59 - 12296192 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-17 11:45 - 2014-02-24 16:59 - 09075712 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-17 11:45 - 2014-02-24 16:59 - 02458112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-17 11:45 - 2014-02-24 16:59 - 01495040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-17 11:45 - 2014-02-24 16:59 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-17 11:45 - 2014-02-24 16:59 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-17 11:45 - 2014-02-24 16:59 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-17 11:45 - 2014-02-24 16:59 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-17 11:45 - 2014-02-24 16:59 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-17 11:45 - 2014-02-24 16:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-17 11:45 - 2014-02-24 16:35 - 11020800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-17 11:45 - 2014-02-24 16:35 - 06041088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-17 11:45 - 2014-02-24 16:35 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-17 11:45 - 2014-02-24 16:35 - 01232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-17 11:45 - 2014-02-24 16:35 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-17 11:45 - 2014-02-24 16:35 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-17 11:45 - 2014-02-24 16:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-17 11:45 - 2014-02-24 16:35 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-17 11:45 - 2014-02-24 16:35 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-17 11:45 - 2014-02-24 16:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-17 11:45 - 2014-02-24 15:01 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-17 11:45 - 2014-02-24 14:39 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-17 11:45 - 2013-12-10 03:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-17 11:45 - 2013-12-10 03:02 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-17 10:48 - 2012-06-16 06:15 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-17 10:48 - 2012-06-16 05:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-17 10:44 - 2014-03-17 10:44 - 00001421 _____ () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-03-17 09:55 - 2014-03-17 09:55 - 00000519 _____ () C:\Users\Patrick\AppData\Roaming\setting.ini
2014-03-17 09:54 - 2014-03-17 22:48 - 00139456 _____ () C:\Users\Patrick\AppData\Roaming\msconfig.ini
2014-03-17 09:54 - 2014-03-17 10:11 - 00000000 ___HD () C:\{$7093-3599-3146-6724$}
2014-03-17 09:54 - 2014-03-17 09:54 - 07651328 _____ (GetFLV) C:\Users\Patrick\AppData\Roaming\GetFLV.exe
2014-03-17 09:54 - 2014-03-17 09:54 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\tmp
2014-03-17 09:53 - 2014-02-13 01:52 - 05861376 __RSH (Apple Inc.) C:\ProgramData\575533705.exe
2014-03-17 09:47 - 2014-03-17 09:47 - 00000000 ____D () C:\Users\Patrick\Documents\Wondershare Player
2014-03-17 09:46 - 2014-03-17 09:46 - 00000000 ____D () C:\Users\Patrick\Documents\Wondershare Streaming Video Recorder
2014-03-17 09:46 - 2009-08-05 17:30 - 00240248 _____ (CACE Technologies) C:\Windows\SysWOW64\wpcap.dll
2014-03-17 09:46 - 2009-08-05 17:30 - 00240248 _____ (CACE Technologies) C:\Windows\system32\wpcap.dll
2014-03-17 09:46 - 2009-08-05 17:30 - 00088704 _____ (CACE Technologies) C:\Windows\SysWOW64\Packet.dll
2014-03-17 09:46 - 2009-08-05 17:30 - 00088704 _____ (CACE Technologies) C:\Windows\system32\Packet.dll
2014-03-17 09:46 - 2009-08-05 17:30 - 00053299 _____ () C:\Windows\SysWOW64\pthreadVC.dll
2014-03-17 09:46 - 2009-08-05 17:30 - 00053299 _____ () C:\Windows\system32\pthreadVC.dll
2014-03-17 09:46 - 2009-08-05 17:30 - 00040464 _____ (CACE Technologies) C:\Windows\system32\Drivers\npf.sys
2014-03-17 09:46 - 2009-08-05 17:30 - 00034064 _____ (CACE Technologies) C:\Windows\SysWOW64\Drivers\npf.sys
2014-03-15 15:47 - 2014-03-15 15:47 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-03-13 21:41 - 2014-03-13 21:41 - 00000000 ____D () C:\Program Files\MoTeC
2014-03-13 21:39 - 2014-03-13 21:39 - 00000000 ____D () C:\ProgramData\MoTeC
2014-03-13 21:39 - 2014-03-13 21:39 - 00000000 ____D () C:\MoTeC
2014-03-13 18:32 - 2014-03-13 18:32 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Downloaded Installations
2014-03-13 09:15 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 09:15 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 09:15 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 09:15 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 09:14 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 09:14 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 09:14 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 09:14 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-09 20:25 - 2014-03-09 20:25 - 00000000 ____D () C:\Program Files\Logitech
2014-03-09 20:13 - 2014-03-09 20:13 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Logitech
2014-03-09 20:07 - 2014-03-09 20:07 - 00000000 ____D () C:\Program Files\Common Files\Logitech
2014-03-08 15:36 - 2014-03-08 15:36 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt.dll
2014-03-08 10:32 - 2014-03-08 10:32 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-08 10:32 - 2014-02-08 17:18 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-08 10:31 - 2014-02-08 19:34 - 31432480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 23683360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 12324640 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-08 10:31 - 2014-02-08 19:34 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 03142432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 02956576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 02782496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 02410784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00892192 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00875296 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00863520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00844576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00832424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00483104 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00408352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00378656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00148528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-05 21:22 - 2014-03-05 21:22 - 00053248 _____ () C:\Windows\SysWOW64\nvTextureToolsUtil.dll
2014-03-04 16:08 - 2014-03-05 21:22 - 00151552 _____ () C:\Windows\SysWOW64\nvRegDev.dll
2014-03-04 16:08 - 2014-03-05 21:22 - 00040960 _____ () C:\Windows\SysWOW64\nvISWOW64.dll
2014-03-04 16:08 - 2014-03-05 21:20 - 00061440 _____ () C:\Windows\SysWOW64\nvPhotoshopUtil.dll
2014-03-04 16:07 - 2002-08-15 10:11 - 00344064 ____R (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2014-03-04 16:07 - 2002-01-05 03:40 - 00487424 ____R (Microsoft Corporation) C:\Windows\SysWOW64\msvcp70.dll
2014-02-26 23:47 - 2014-02-26 23:49 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grid 2
2014-02-26 15:00 - 2014-02-27 10:58 - 00000000 ____D () C:\ProgramData\Steam
2014-02-26 15:00 - 2014-02-26 15:00 - 00000000 ____D () C:\Users\Patrick\Documents\My Games
2014-02-26 15:00 - 2014-02-26 15:00 - 00000000 ____D () C:\ProgramData\Codemasters
2014-02-26 14:56 - 2014-03-17 11:44 - 00052767 _____ () C:\Windows\DirectX.log
2014-02-24 10:47 - 2014-02-08 19:34 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433489.dll
2014-02-24 10:47 - 2014-02-08 19:34 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433489.dll
2014-02-19 10:53 - 2014-03-17 10:52 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\SkyTestATC1
2014-02-19 10:53 - 2008-02-06 19:31 - 01019904 _____ (Conaito) C:\Windows\SysWOW64\EvoVoIP.ocx
2014-02-19 10:53 - 2004-08-04 05:00 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVBVM50.DLL
2014-02-19 10:53 - 2004-08-04 05:00 - 01227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dx8vb.dll
2014-02-19 10:53 - 2002-12-20 15:02 - 01066176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2014-02-19 10:53 - 2000-10-02 00:00 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2014-02-19 10:53 - 2000-05-23 22:45 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2014-02-19 10:53 - 1999-05-07 00:00 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.OCX
2014-02-19 10:53 - 1999-01-25 20:30 - 00026624 _____ (Jan Krumsiek) C:\Windows\SysWOW64\JKJoystick2.ocx
2014-02-19 10:53 - 1998-07-06 00:00 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL
2014-02-19 10:53 - 1998-06-24 01:00 - 00609584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COMCTL32.OCX
2014-02-19 10:53 - 1998-06-24 01:00 - 00108336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSWINSCK.OCX
2014-02-18 01:48 - 2014-03-17 09:26 - 00005088 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Patrick-PC-Patrick Patrick-PC
2014-02-15 10:47 - 2014-03-17 22:47 - 00028818 _____ () C:\Windows\setupact.log
2014-02-15 10:47 - 2014-03-17 10:11 - 00002128 _____ () C:\Windows\PFRO.log
2014-02-15 10:47 - 2014-02-15 10:47 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-15 10:35 - 2014-02-15 10:35 - 00000000 ____D () C:\Windows\system32\log
2014-02-15 10:35 - 2014-02-15 10:35 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\eCyber
2014-02-15 10:34 - 2014-02-15 10:45 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\iSafe

==================== One Month Modified Files and Folders =======

2014-03-17 22:48 - 2014-03-17 22:48 - 00000000 ____D () C:\FRST
2014-03-17 22:48 - 2014-03-17 09:54 - 00139456 _____ () C:\Users\Patrick\AppData\Roaming\msconfig.ini
2014-03-17 22:47 - 2014-03-17 22:47 - 00000000 ___RD () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-03-17 22:47 - 2014-03-17 22:47 - 00000000 _____ () C:\Users\Patrick\defogger_reenable
2014-03-17 22:47 - 2014-02-15 10:47 - 00028818 _____ () C:\Windows\setupact.log
2014-03-17 22:47 - 2013-12-18 04:56 - 00000000 ___RD () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-17 22:47 - 2013-12-18 04:56 - 00000000 ____D () C:\Users\Patrick
2014-03-17 22:46 - 2013-12-21 10:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-17 22:39 - 2013-12-18 04:56 - 01744473 _____ () C:\Windows\WindowsUpdate.log
2014-03-17 22:35 - 2013-12-19 12:11 - 00000000 ____D () C:\Users\Patrick\Documents\Outlook-Dateien
2014-03-17 22:33 - 2011-04-12 08:43 - 00703092 _____ () C:\Windows\system32\perfh007.dat
2014-03-17 22:33 - 2011-04-12 08:43 - 00150676 _____ () C:\Windows\system32\perfc007.dat
2014-03-17 22:33 - 2009-07-14 06:13 - 01629572 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-17 14:42 - 2009-07-14 05:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-17 14:42 - 2009-07-14 05:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-17 14:36 - 2013-12-19 17:04 - 00000000 ____D () C:\Users\Patrick\AppData\Local\CrashDumps
2014-03-17 14:35 - 2014-03-17 14:24 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Sony
2014-03-17 13:52 - 2014-01-04 23:13 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\vlc
2014-03-17 11:44 - 2014-02-26 14:56 - 00052767 _____ () C:\Windows\DirectX.log
2014-03-17 11:01 - 2013-12-19 12:57 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-17 11:01 - 2013-12-19 12:57 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-17 11:01 - 2013-12-19 12:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-17 10:52 - 2014-02-19 10:53 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\SkyTestATC1
2014-03-17 10:44 - 2014-03-17 10:44 - 00001421 _____ () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-03-17 10:44 - 2013-12-18 04:56 - 00001455 _____ () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-17 10:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-17 10:11 - 2014-03-17 09:54 - 00000000 ___HD () C:\{$7093-3599-3146-6724$}
2014-03-17 10:11 - 2014-02-15 10:47 - 00002128 _____ () C:\Windows\PFRO.log
2014-03-17 09:55 - 2014-03-17 09:55 - 00000519 _____ () C:\Users\Patrick\AppData\Roaming\setting.ini
2014-03-17 09:54 - 2014-03-17 09:54 - 07651328 _____ (GetFLV) C:\Users\Patrick\AppData\Roaming\GetFLV.exe
2014-03-17 09:54 - 2014-03-17 09:54 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\tmp
2014-03-17 09:47 - 2014-03-17 09:47 - 00000000 ____D () C:\Users\Patrick\Documents\Wondershare Player
2014-03-17 09:46 - 2014-03-17 09:46 - 00000000 ____D () C:\Users\Patrick\Documents\Wondershare Streaming Video Recorder
2014-03-17 09:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Resources
2014-03-17 09:26 - 2014-02-18 01:48 - 00005088 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Patrick-PC-Patrick Patrick-PC
2014-03-17 09:05 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-15 15:47 - 2014-03-15 15:47 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-03-15 15:47 - 2013-12-18 23:01 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Adobe
2014-03-13 21:41 - 2014-03-13 21:41 - 00000000 ____D () C:\Program Files\MoTeC
2014-03-13 21:39 - 2014-03-13 21:39 - 00000000 ____D () C:\ProgramData\MoTeC
2014-03-13 21:39 - 2014-03-13 21:39 - 00000000 ____D () C:\MoTeC
2014-03-13 21:31 - 2009-07-14 05:45 - 04985656 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 18:52 - 2013-12-19 12:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-13 18:52 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-03-13 18:32 - 2014-03-13 18:32 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Downloaded Installations
2014-03-13 09:10 - 2014-02-11 15:43 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-13 09:10 - 2014-02-11 15:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 13:05 - 2013-12-19 12:57 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-09 20:25 - 2014-03-09 20:25 - 00000000 ____D () C:\Program Files\Logitech
2014-03-09 20:13 - 2014-03-09 20:13 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Logitech
2014-03-09 20:07 - 2014-03-09 20:07 - 00000000 ____D () C:\Program Files\Common Files\Logitech
2014-03-08 15:36 - 2014-03-08 15:36 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt.dll
2014-03-08 10:32 - 2014-03-08 10:32 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-08 10:32 - 2013-12-18 05:20 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-08 10:28 - 2013-12-20 09:36 - 00000000 ____D () C:\ProgramData\Origin
2014-03-05 22:28 - 2013-12-18 05:18 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-05 22:28 - 2013-12-18 05:04 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-05 21:22 - 2014-03-05 21:22 - 00053248 _____ () C:\Windows\SysWOW64\nvTextureToolsUtil.dll
2014-03-05 21:22 - 2014-03-04 16:08 - 00151552 _____ () C:\Windows\SysWOW64\nvRegDev.dll
2014-03-05 21:22 - 2014-03-04 16:08 - 00040960 _____ () C:\Windows\SysWOW64\nvISWOW64.dll
2014-03-05 21:20 - 2014-03-04 16:08 - 00061440 _____ () C:\Windows\SysWOW64\nvPhotoshopUtil.dll
2014-02-27 10:58 - 2014-02-26 15:00 - 00000000 ____D () C:\ProgramData\Steam
2014-02-26 23:49 - 2014-02-26 23:47 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grid 2
2014-02-26 15:00 - 2014-02-26 15:00 - 00000000 ____D () C:\Users\Patrick\Documents\My Games
2014-02-26 15:00 - 2014-02-26 15:00 - 00000000 ____D () C:\ProgramData\Codemasters
2014-02-24 16:59 - 2014-03-17 11:45 - 12296192 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-24 16:59 - 2014-03-17 11:45 - 09075712 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-24 16:59 - 2014-03-17 11:45 - 02458112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-24 16:59 - 2014-03-17 11:45 - 01495040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-24 16:59 - 2014-03-17 11:45 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-24 16:59 - 2014-03-17 11:45 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-24 16:59 - 2014-03-17 11:45 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-24 16:59 - 2014-03-17 11:45 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-24 16:59 - 2014-03-17 11:45 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-24 16:59 - 2014-03-17 11:45 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-24 16:35 - 2014-03-17 11:45 - 11020800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-24 16:35 - 2014-03-17 11:45 - 06041088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-24 16:35 - 2014-03-17 11:45 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-24 16:35 - 2014-03-17 11:45 - 01232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-24 16:35 - 2014-03-17 11:45 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-24 16:35 - 2014-03-17 11:45 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-24 16:35 - 2014-03-17 11:45 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-24 16:35 - 2014-03-17 11:45 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-24 16:35 - 2014-03-17 11:45 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-24 16:35 - 2014-03-17 11:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-24 15:01 - 2014-03-17 11:45 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-24 14:39 - 2014-03-17 11:45 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-17 16:55 - 2013-12-21 10:31 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-17 16:55 - 2013-12-21 10:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-02-15 10:47 - 2014-02-15 10:47 - 00000000 _____ () C:\Windows\setuperr.log
2014-02-15 10:45 - 2014-02-15 10:34 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\iSafe
2014-02-15 10:35 - 2014-02-15 10:35 - 00000000 ____D () C:\Windows\system32\log
2014-02-15 10:35 - 2014-02-15 10:35 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\eCyber
2014-02-15 10:25 - 2013-12-19 11:45 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service

Files to move or delete:
====================
C:\ProgramData\575533705.exe
C:\Users\Patrick\AppData\Roaming\msconfig.ini


Some content of TEMP:
====================
C:\Users\Patrick\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Patrick\AppData\Local\Temp\NVI2_29.DLL
C:\Users\Patrick\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Patrick\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Patrick\AppData\Local\Temp\nvStInst.exe
C:\Users\Patrick\AppData\Local\Temp\vlc-2.1.3-win64.exe
C:\Users\Patrick\AppData\Local\Temp\vlc-2.1.4-win64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-10 17:13

==================== End Of Log ============================



GMER 2.1.19357 - hxxp://www.gmer.net
Rootkit scan 2014-03-17 22:55:18
Windows 6.1.7601 Service Pack 1 x64
Running: Gmer-19357.exe


---- Registry - GMER 2.1 ----

Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\2cd05a920cc1
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\2cd05a920cc1@c88447117f1f 0x12 0x4C 0xD5 0x99 ...
Reg HKLM\SYSTEM\CurrentControlSet\services\BTHPORT\Parameters\Keys\2cd05a920cc1@28e7cf5050c9 0x81 0xB8 0x1F 0x01 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\2cd05a920cc1 (not active ControlSet)
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\2cd05a920cc1@c88447117f1f 0x12 0x4C 0xD5 0x99 ...
Reg HKLM\SYSTEM\ControlSet002\services\BTHPORT\Parameters\Keys\2cd05a920cc1@28e7cf5050c9 0x81 0xB8 0x1F 0x01 ...

---- EOF - GMER 2.1 ----



Ich bin echt Ratlos und wäre euch sehr verbunden wenn ihr mir da weiterhelfen könnt :/.


Bedanke mich im Vorraus für eure Anstregung und wünsche noch einen schönen Abend.

LG

Slater

cosinus 17.03.2014 23:23
Hi,

Zitat:
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Win7 Ultimate, Office Pro Plus und Photoshop CS6? :wtf:
Ist das ein gewerblich genutztes System?

slater27 17.03.2014 23:36
Hallo.

Nein das ist kein gewerblich genutztes System.

lg

cosinus 17.03.2014 23:40
Aus welcher Quelle sind diese Programme?

slater27 17.03.2014 23:42
Von dem gleichen von dem der PC ist. Habe ihn auf Willhaben.at gekauft.

cosinus 17.03.2014 23:56
Ok, dann hoffen wir mal, dass dir da keine gecrackten Edtitionen angedreht wurden

Dann bitte jetzt Combofix ausführen:

Scan mit Combofix
WARNUNG an die MITLESER:
Combofix sollte ausschließlich ausgeführt werden, wenn dies von einem Teammitglied angewiesen wurde!

Downloade dir bitte Combofix vom folgenden Downloadspiegel: Link
  • WICHTIG: Speichere Combofix auf deinem Desktop.
  • Deaktiviere bitte alle deine Antivirensoftware sowie Malware/Spyware Scanner. Diese können Combofix bei der Arbeit stören. Combofix meckert auch manchmal trotzdem noch, das kannst du dann ignorieren, mir aber bitte mitteilen.
  • Starte die Combofix.exe und folge den Anweisungen auf dem Bildschirm.
  • Während Combofix läuft bitte nicht am Computer arbeiten, die Maus bewegen oder ins Combofixfenster klicken!
  • Wenn Combofix fertig ist, wird es ein Logfile erstellen.
  • Bitte poste die C:\Combofix.txt in deiner nächsten Antwort (möglichst in CODE-Tags).
Hinweis: Solltest du nach dem Neustart folgende Fehlermeldung erhalten
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
starte den Rechner einfach neu. Dies sollte das Problem beheben.

slater27 18.03.2014 00:10
Kann die exe leider nicht starten :/.

Ich habe sie im abgesicherten Modus runtergeladen und es kommt im abgesicherten Modus sowie im normalen Modus diese Meldung: E:\Benutzer\Patrick\Downloads\Combofix.exe konnte nicht gefunden werden. Stellen sie sicher, dass Sie den Name richtig eingegeben haben und wiederholen Sie den Vorgang

cosinus 18.03.2014 00:12
1.) wo steht was in der Anleitung von abgesicherten Modus?
2.) in der Anleitung wird gesagt, dass combofix.exe auf den Desktop soll und nicht woanders hin

slater27 18.03.2014 00:23
Habe es jetzt nach 2 maligem neustart geschafft.

Code:
ComboFix 14-03-16.01 - Patrick 18.03.2014  0:17.1.4 - x64
Microsoft Windows 7 Ultimate  6.1.7601.1.1252.49.1031.18.16330.14505 [GMT 1:00]
ausgeführt von:: e:\benutzer\Patrick\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((  Weitere Löschungen  ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\575533705.exe
c:\users\Patrick\AppData\Roaming\GetFLV.exe
c:\users\Patrick\AppData\Roaming\msconfig.ini
c:\windows\SysWow64\drivers\npf.sys
c:\windows\SysWow64\Packet.dll
c:\windows\SysWow64\pthreadVC.dll
c:\windows\SysWow64\wpcap.dll
.
.
(((((((((((((((((((((((((((((((((((((((  Treiber/Dienste  )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Service_NPF
.
.
(((((((((((((((((((((((  Dateien erstellt von 2014-02-17 bis 2014-03-17  ))))))))))))))))))))))))))))))
.
.
2014-03-17 21:48 . 2014-03-17 21:48        --------        d-----w-        C:\FRST
2014-03-17 13:24 . 2014-03-17 13:35        --------        d-----w-        c:\users\Patrick\AppData\Roaming\Sony
2014-03-17 09:48 . 2012-06-16 05:15        911360        ----a-w-        c:\windows\system32\jscript.dll
2014-03-17 08:54 . 2014-03-17 08:54        --------        d-----w-        c:\users\Patrick\AppData\Roaming\tmp
2014-03-17 08:54 . 2014-03-17 09:11        --------        d-----w-        C:\{$7093-3599-3146-6724$}
2014-03-17 08:46 . 2009-08-05 16:30        40464        ----a-w-        c:\windows\system32\drivers\npf.sys
2014-03-17 08:46 . 2009-08-05 16:30        88704        ----a-w-        c:\windows\system32\Packet.dll
2014-03-17 08:46 . 2009-08-05 16:30        53299        ----a-w-        c:\windows\system32\pthreadVC.dll
2014-03-17 08:46 . 2009-08-05 16:30        240248        ----a-w-        c:\windows\system32\wpcap.dll
2014-03-16 13:02 . 2014-02-06 09:01        10536864        ------w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{1E11548B-52D5-49D9-BCB1-AA5D80B71B20}\mpengine.dll
2014-03-15 14:47 . 2014-03-15 14:47        --------        d-----w-        c:\users\Patrick\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-03-15 10:27 . 2014-02-06 09:01        10536864        ------w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-03-14 09:10 . 2014-02-20 08:34        1031560        ------w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{C1C87E9E-7CFD-47FE-B66F-93FA92B9B733}\gapaengine.dll
2014-03-13 20:41 . 2014-03-13 20:41        --------        d-----w-        c:\program files\MoTeC
2014-03-13 20:39 . 2014-03-13 20:39        --------        d-----w-        c:\programdata\MoTeC
2014-03-13 20:39 . 2014-03-13 20:39        --------        d-----w-        C:\MoTeC
2014-03-13 17:32 . 2014-03-13 17:32        --------        d-----w-        c:\users\Patrick\AppData\Local\Downloaded Installations
2014-03-13 08:15 . 2014-01-29 02:32        484864        ----a-w-        c:\windows\system32\wer.dll
2014-03-13 08:15 . 2014-01-29 02:06        381440        ----a-w-        c:\windows\SysWow64\wer.dll
2014-03-13 08:15 . 2014-01-28 02:32        228864        ----a-w-        c:\windows\system32\wwansvc.dll
2014-03-13 08:15 . 2014-02-07 01:23        3156480        ----a-w-        c:\windows\system32\win32k.sys
2014-03-13 08:14 . 2014-02-04 02:32        624128        ----a-w-        c:\windows\system32\qedit.dll
2014-03-13 08:14 . 2014-02-04 02:04        509440        ----a-w-        c:\windows\SysWow64\qedit.dll
2014-03-13 08:14 . 2014-02-04 02:32        1424384        ----a-w-        c:\windows\system32\WindowsCodecs.dll
2014-03-13 08:14 . 2014-02-04 02:04        1230336        ----a-w-        c:\windows\SysWow64\WindowsCodecs.dll
2014-03-09 19:25 . 2014-03-09 19:25        --------        d-----w-        c:\program files\Logitech
2014-03-09 19:13 . 2014-03-09 19:13        --------        d-----w-        c:\users\Patrick\AppData\Local\Logitech
2014-03-09 19:07 . 2014-03-09 19:07        --------        d-----w-        c:\program files\Common Files\Logitech
2014-03-08 14:36 . 2014-03-08 14:36        98304        ----a-w-        c:\windows\SysWow64\CmdLineExt.dll
2014-03-08 09:32 . 2014-03-08 09:32        --------        d-----w-        c:\program files (x86)\AGEIA Technologies
2014-03-08 09:32 . 2014-02-08 16:18        599840        ----a-w-        c:\windows\SysWow64\nvStreaming.exe
2014-03-05 20:22 . 2014-03-05 20:22        53248        ----a-w-        c:\windows\SysWow64\nvTextureToolsUtil.dll
2014-03-05 20:09 . 2014-03-05 20:09        311428        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\setup.dll
2014-03-05 20:09 . 2014-03-05 20:09        188548        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iGdi.dll
2014-03-05 20:09 . 2003-11-10 17:14        729088        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iKernel.dll
2014-03-05 20:09 . 2003-11-10 17:13        69715        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\ctor.dll
2014-03-05 20:09 . 2003-11-10 17:12        266240        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iscript.dll
2014-03-05 20:09 . 2003-11-10 17:12        192512        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\iuser.dll
2014-03-05 20:09 . 2003-11-10 17:11        5632        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\09\01\Intel32\DotNetInstaller.exe
2014-03-04 15:08 . 2014-03-05 20:22        151552        ----a-w-        c:\windows\SysWow64\nvRegDev.dll
2014-03-04 15:08 . 2014-03-05 20:22        40960        ----a-w-        c:\windows\SysWow64\nvISWOW64.dll
2014-03-04 15:08 . 2014-03-05 20:20        61440        ----a-w-        c:\windows\SysWow64\nvPhotoshopUtil.dll
2014-03-04 15:07 . 2002-08-15 09:11        344064        ----a-r-        c:\windows\SysWow64\msvcr70.dll
2014-03-04 15:07 . 2002-01-05 02:40        487424        ----a-r-        c:\windows\SysWow64\msvcp70.dll
2014-03-04 15:07 . 2014-03-04 15:07        282756        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\setup.dll
2014-03-04 15:07 . 2014-03-04 15:07        163972        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iGdi.dll
2014-03-04 15:07 . 2002-12-05 13:12        692224        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iKernel.dll
2014-03-04 15:07 . 2002-12-05 13:10        155648        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iuser.dll
2014-03-04 15:07 . 2002-12-02 14:22        5632        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\DotNetInstaller.exe
2014-03-04 15:07 . 2002-12-02 12:33        57344        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\ctor.dll
2014-03-04 15:07 . 2002-12-02 12:33        237568        ----a-w-        c:\program files (x86)\Common Files\InstallShield\Professional\RunTime\0701\Intel32\iscript.dll
2014-02-26 14:00 . 2014-02-26 14:00        --------        d-----w-        c:\programdata\Codemasters
2014-02-26 14:00 . 2014-02-27 09:58        --------        d-----w-        c:\programdata\Steam
2014-02-24 09:47 . 2014-02-08 18:34        1885472        ----a-w-        c:\windows\system32\nvdispco6433489.dll
2014-02-24 09:47 . 2014-02-08 18:34        1515296        ----a-w-        c:\windows\system32\nvdispgenco6433489.dll
2014-02-19 09:53 . 2014-03-17 09:52        --------        d-----w-        c:\users\Patrick\AppData\Roaming\SkyTestATC1
2014-02-19 09:53 . 2008-02-06 18:31        1019904        ----a-w-        c:\windows\SysWow64\EvoVoIP.ocx
2014-02-19 09:53 . 2004-08-04 04:00        1227264        ----a-w-        c:\windows\SysWow64\dx8vb.dll
2014-02-19 09:53 . 2000-10-01 23:00        125712        ----a-w-        c:\windows\SysWow64\VB6DE.DLL
2014-02-19 09:53 . 2000-05-23 21:45        118784        ----a-w-        c:\windows\SysWow64\MSSTDFMT.DLL
2014-02-19 09:53 . 1998-07-05 23:00        158208        ----a-w-        c:\windows\SysWow64\MSCMCDE.DLL
2014-02-19 09:53 . 2004-08-04 04:00        1355776        ----a-w-        c:\windows\SysWow64\MSVBVM50.DLL
2014-02-19 09:53 . 2002-12-20 14:02        1066176        ----a-w-        c:\windows\SysWow64\MSCOMCTL.OCX
2014-02-19 09:53 . 1999-05-06 23:00        140288        ----a-w-        c:\windows\SysWow64\comdlg32.OCX
2014-02-19 09:53 . 1999-01-25 19:30        26624        ----a-w-        c:\windows\SysWow64\JKJoystick2.ocx
2014-02-19 09:53 . 1998-06-24 00:00        609584        ----a-w-        c:\windows\SysWow64\COMCTL32.OCX
2014-02-19 09:53 . 1998-06-24 00:00        108336        ----a-w-        c:\windows\SysWow64\MSWINSCK.OCX
.
.
.
((((((((((((((((((((((((((((((((((((  Find3M Bericht  ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-03-17 10:01 . 2013-12-19 11:57        71048        ----a-w-        c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-03-17 10:01 . 2013-12-19 11:57        692616        ----a-w-        c:\windows\SysWow64\FlashPlayerApp.exe
2014-02-20 08:34 . 2014-01-23 17:18        1031560        ------w-        c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
2014-02-17 15:55 . 2013-12-21 09:31        88567024        ----a-w-        c:\windows\system32\MRT.exe
2014-02-10 21:30 . 2014-02-10 21:30        119808        ----a-r-        c:\users\Patrick\AppData\Roaming\Microsoft\Installer\{CCF298AF-9CE1-4B26-B251-486E98A34789}\icons.exe
2014-02-08 18:34 . 2014-01-08 14:31        947296        ----a-w-        c:\windows\system32\nvumdshimx.dll
2014-02-08 18:34 . 2014-01-08 14:31        18257576        ----a-w-        c:\windows\system32\nvwgf2umx.dll
2014-02-08 18:34 . 2014-01-08 14:31        17715784        ----a-w-        c:\windows\system32\nvd3dumx.dll
2014-02-08 18:34 . 2014-01-08 14:31        15740232        ----a-w-        c:\windows\SysWow64\nvwgf2um.dll
2014-02-08 18:34 . 2014-01-08 14:31        2713728        ----a-w-        c:\windows\SysWow64\nvapi.dll
2014-02-08 18:34 . 2014-01-08 14:31        14669032        ----a-w-        c:\windows\SysWow64\nvd3dum.dll
2014-02-08 18:34 . 2013-12-21 09:24        61216        ----a-w-        c:\windows\system32\OpenCL.dll
2014-02-08 18:34 . 2013-12-21 09:24        53024        ----a-w-        c:\windows\SysWow64\OpenCL.dll
2014-02-08 18:34 . 2013-12-21 09:24        3090184        ----a-w-        c:\windows\system32\nvapi64.dll
2014-02-08 17:42 . 2013-12-21 09:24        6712608        ----a-w-        c:\windows\system32\nvcpl.dll
2014-02-08 17:42 . 2013-12-21 09:24        3498272        ----a-w-        c:\windows\system32\nvsvc64.dll
2014-02-08 17:42 . 2013-12-21 09:24        923936        ----a-w-        c:\windows\system32\nvvsvc.exe
2014-02-08 17:42 . 2013-12-21 09:24        63776        ----a-w-        c:\windows\system32\nvshext.dll
2014-02-08 17:42 . 2013-12-21 09:24        386336        ----a-w-        c:\windows\system32\nvmctray.dll
2014-02-08 17:42 . 2013-12-21 09:24        2559776        ----a-w-        c:\windows\system32\nvsvcr.dll
2014-02-05 17:52 . 2013-12-21 09:24        3573739        ----a-w-        c:\windows\system32\nvcoproc.bin
2014-01-21 02:53 . 2013-12-21 09:25        1048152        ----a-w-        c:\windows\SysWow64\nvspcap.dll
2014-01-21 02:53 . 2013-12-21 09:25        1179576        ----a-w-        c:\windows\system32\nvspcap64.dll
2014-01-19 07:33 . 2010-11-21 03:27        270496        ------w-        c:\windows\system32\MpSigStub.exe
2013-12-27 18:42 . 2014-01-23 17:30        39200        ----a-w-        c:\windows\system32\drivers\nvvad64v.sys
2013-12-27 18:42 . 2014-01-23 17:30        33056        ----a-w-        c:\windows\SysWow64\nvaudcap32v.dll
2013-12-27 18:42 . 2013-12-21 09:24        35104        ----a-w-        c:\windows\system32\nvaudcap64v.dll
2013-12-24 23:09 . 2014-02-13 04:37        1987584        ----a-w-        c:\windows\SysWow64\d3d10warp.dll
2013-12-24 22:48 . 2014-02-13 04:37        2565120        ----a-w-        c:\windows\system32\d3d10warp.dll
2013-12-20 13:29 . 2013-12-20 13:29        281872        ----a-w-        c:\windows\SysWow64\PnkBstrB.exe
2013-12-20 13:29 . 2013-12-20 13:29        281872        ----a-w-        c:\windows\SysWow64\PnkBstrB.ex0
2013-12-20 13:29 . 2013-12-20 13:29        76888        ----a-w-        c:\windows\SysWow64\PnkBstrA.exe
2013-12-19 20:33 . 2014-01-08 14:31        1884448        ----a-w-        c:\windows\system32\nvdispco6433221.dll
2013-12-19 20:33 . 2014-01-08 14:31        1511712        ----a-w-        c:\windows\system32\nvdispgenco6433221.dll
2013-12-19 09:50 . 2013-12-19 09:50        9728        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-19 09:50 . 2013-12-19 09:50        9728        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2013-12-19 09:50 . 2013-12-19 09:50        5632        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-19 09:50 . 2013-12-19 09:50        5632        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-19 09:50 . 2013-12-19 09:50        5632        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2013-12-19 09:50 . 2013-12-19 09:50        5632        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2013-12-19 09:50 . 2013-12-19 09:50        4096        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-19 09:50 . 2013-12-19 09:50        4096        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2013-12-19 09:50 . 2013-12-19 09:50        3584        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-19 09:50 . 2013-12-19 09:50        3584        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2013-12-19 09:50 . 2013-12-19 09:50        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-19 09:50 . 2013-12-19 09:50        3072        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-19 09:50 . 2013-12-19 09:50        3072        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2013-12-19 09:50 . 2013-12-19 09:50        3072        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2013-12-19 09:50 . 2013-12-19 09:50        2560        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-19 09:50 . 2013-12-19 09:50        2560        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2013-12-19 09:50 . 2013-12-19 09:50        10752        ---ha-w-        c:\windows\SysWow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-12-19 09:50 . 2013-12-19 09:50        10752        ---ha-w-        c:\windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2013-12-19 09:50 . 2013-12-19 09:50        648192        ----a-w-        c:\windows\system32\d3d10level9.dll
2013-12-19 09:50 . 2013-12-19 09:50        604160        ----a-w-        c:\windows\SysWow64\d3d10level9.dll
2013-12-19 09:50 . 2013-12-19 09:50        522752        ----a-w-        c:\windows\system32\XpsGdiConverter.dll
2013-12-19 09:50 . 2013-12-19 09:50        364544        ----a-w-        c:\windows\SysWow64\XpsGdiConverter.dll
2013-12-19 09:50 . 2013-12-19 09:50        363008        ----a-w-        c:\windows\system32\dxgi.dll
2013-12-19 09:50 . 2013-12-19 09:50        333312        ----a-w-        c:\windows\system32\d3d10_1core.dll
2013-12-19 09:50 . 2013-12-19 09:50        296960        ----a-w-        c:\windows\system32\d3d10core.dll
2013-12-19 09:50 . 2013-12-19 09:50        293376        ----a-w-        c:\windows\SysWow64\dxgi.dll
2013-12-19 09:50 . 2013-12-19 09:50        2776576        ----a-w-        c:\windows\system32\msmpeg2vdec.dll
2013-12-19 09:50 . 2013-12-19 09:50        249856        ----a-w-        c:\windows\SysWow64\d3d10_1core.dll
2013-12-19 09:50 . 2013-12-19 09:50        245248        ----a-w-        c:\windows\system32\WindowsCodecsExt.dll
2013-12-19 09:50 . 2013-12-19 09:50        2284544        ----a-w-        c:\windows\SysWow64\msmpeg2vdec.dll
2013-12-19 09:50 . 2013-12-19 09:50        221184        ----a-w-        c:\windows\system32\UIAnimation.dll
2013-12-19 09:50 . 2013-12-19 09:50        220160        ----a-w-        c:\windows\SysWow64\d3d10core.dll
2013-12-19 09:50 . 2013-12-19 09:50        207872        ----a-w-        c:\windows\SysWow64\WindowsCodecsExt.dll
2013-12-19 09:50 . 2013-12-19 09:50        194560        ----a-w-        c:\windows\system32\d3d10_1.dll
2013-12-19 09:50 . 2013-12-19 09:50        187392        ----a-w-        c:\windows\SysWow64\UIAnimation.dll
2013-12-19 09:50 . 2013-12-19 09:50        1682432        ----a-w-        c:\windows\system32\XpsPrint.dll
2013-12-19 09:50 . 2013-12-19 09:50        161792        ----a-w-        c:\windows\SysWow64\d3d10_1.dll
2013-12-19 09:50 . 2013-12-19 09:50        1238528        ----a-w-        c:\windows\system32\d3d10.dll
2013-12-19 09:50 . 2013-12-19 09:50        1175552        ----a-w-        c:\windows\system32\FntCache.dll
2013-12-19 09:50 . 2013-12-19 09:50        1158144        ----a-w-        c:\windows\SysWow64\XpsPrint.dll
2013-12-19 09:50 . 2013-12-19 09:50        1080832        ----a-w-        c:\windows\SysWow64\d3d10.dll
2013-12-19 09:50 . 2013-12-19 09:50        1887232        ----a-w-        c:\windows\system32\d3d11.dll
2013-12-19 09:50 . 2013-12-19 09:50        1505280        ----a-w-        c:\windows\SysWow64\d3d11.dll
2013-12-18 20:09 . 2014-01-15 10:16        96168        ----a-w-        c:\windows\SysWow64\WindowsAccessBridge-32.dll
.
.
((((((((((((((((((((((((((((  Autostartpunkte der Registrierung  ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2013-11-02 11:35        1727176        ----a-w-        c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2013-11-02 11:35        1727176        ----a-w-        c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2013-11-02 11:35        1727176        ----a-w-        c:\progra~2\MICROS~2\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"USB3MON"="c:\program files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2012-05-20 291648]
"RUSB3MON"="c:\program files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe" [2011-09-20 115048]
"iTunesHelper"="e:\program files (x86)\iTunes\iTunesHelper.exe" [2013-11-01 152392]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-13 59720]
"AdobeCS6ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" [2012-03-09 1073312]
"Windows Registry"="c:\{$7093-3599-3146-6724$}\winreg.exe" [2014-02-13 5861376]
.
c:\users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Windows Registry.url [2014-3-18 54]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows nt\currentversion\windows]
"Load"=c:\{$7093-3599-3146-6724$}\winreg.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\avcenter.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\avguard.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\avp.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\bdagent.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\ccuac.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\ComboFix.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\egui.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\hijackthis.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\keyscrambler.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\mbam.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\MpCmdRun.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\MSASCui.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\MsMpEng.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\msseces.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\spybotsd.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\wireshark.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\image file execution options\zlclient.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
R3 ATHDFU;Qualcomm Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 athur;Atheros AR9271 Wireless Network Adapter Service;c:\windows\system32\DRIVERS\athurx.sys;c:\windows\SYSNATIVE\DRIVERS\athurx.sys [x]
R3 cpuz135;cpuz135;c:\windows\TEMP\cpuz135\cpuz135_x64.sys;c:\windows\TEMP\cpuz135\cpuz135_x64.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
R3 MSICDSetup;MSICDSetup;d:\cdriver64.sys;d:\CDriver64.sys [x]
R3 NisSrv;Microsoft-Netzwerkinspektion;c:\program files\Microsoft Security Client\NisSrv.exe;c:\program files\Microsoft Security Client\NisSrv.exe [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;d:\ntiolib_x64.sys;d:\NTIOLib_X64.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows-Aktivierungstechnologieservice;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 iusb3hcs;Intel(R) USB 3.0 Hostcontroller-Switchtreiber;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;c:\program files\Intel\iCLS Client\HeciServer.exe;c:\program files\Intel\iCLS Client\HeciServer.exe [x]
S2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [x]
S2 MSI_OTPService;MSI_OTPService;c:\program files (x86)\MSI\OTPService\OTPService.exe;c:\program files (x86)\MSI\OTPService\OTPService.exe [x]
S2 NisDrv;Microsoft Network Inspection System;c:\windows\system32\DRIVERS\NisDrvWFP.sys;c:\windows\SYSNATIVE\DRIVERS\NisDrvWFP.sys [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;e:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;e:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S3 AthBTPort;Qualcomm Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 btath_avdt;Qualcomm Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
S3 BTATH_BUS;Qualcomm Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 iusb3hub;Intel(R) USB 3.0-Hubtreiber;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel(R) USB 3.0 eXtensible-Hostcontrollertreiber;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_T;NTIOLib_1_0_T;c:\program files (x86)\MSI\OTPService\NTIOLib_X64.sys;c:\program files (x86)\MSI\OTPService\NTIOLib_X64.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 rusb3hub;Renesas Electronics USB 3.0 Hub Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3hub.sys [x]
S3 rusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver (Version 3.0);c:\windows\system32\DRIVERS\rusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\rusb3xhc.sys [x]
.
.
--- Andere Dienste/Treiber im Speicher ---
.
*NewlyCreated* - WS2IFSL
.
Inhalt des "geplante Tasks" Ordners
.
2014-03-17 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-19 10:01]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2013-01-15 6963272]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-01-21 2234144]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2013-10-23 1266912]
"BtvStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2012-08-31 127616]
"BtTray"="c:\program files (x86)\Bluetooth Suite\BtTray.exe" [2012-08-31 764544]
"Start WingMan Profiler"="c:\program files\Logitech\Gaming Software\LWEMon.exe" [2010-06-14 190536]
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avguard.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdagent.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccuac.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ComboFix.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hijackthis.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\keyscrambler.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbam.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpCmdRun.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MSASCui.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MsMpEng.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msseces.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spybotsd.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wireshark.exe]
"Debugger"=nsjw.exe
.
[HKEY_LOCAL_MACHINE\software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zlclient.exe]
"Debugger"=nsjw.exe
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = about:blank
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: Nach Microsoft E&xcel exportieren - e:\progra~4\MICROS~1\Office15\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files (x86)\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ofu6ir9g.default\
FF - user.js: browser.newtab.url -
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
WebBrowser-{E8166F43-08B6-4CD6-A9AD-2416AE687F4E} - (no file)
AddRemove-PunkBusterSvc - e:\program files (x86)\Origin Games\Battlefield 4\pbsvc.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_12_0_0_77_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.12"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_12_0_0_77.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avcenter.exe]
@Denied: (A C D 2 3) (Everyone)
"Debugger"="nsjw.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avguard.exe]
@Denied: (A C D 2 3) (Everyone)
"Debugger"="nsjw.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avp.exe]
@Denied: (A C D 2 3) (Everyone)
"Debugger"="nsjw.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bdagent.exe]
@Denied: (A C D 2 3) (Everyone)
"Debugger"="nsjw.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ccuac.exe]
@Denied: (A C D 2 3) (Everyone)
"Debugger"="nsjw.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ComboFix.exe]
@Denied: (A C D 2 3) (Everyone)
"Debugger"="nsjw.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe]
@Denied: (A C D 2 3) (Everyone)
"Debugger"="nsjw.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hijackthis.exe]
@Denied: (A C D 2 3) (Everyone)
"Debugger"="nsjw.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\keyscrambler.exe]
@Denied: (A C D 2 3) (Everyone)
"Debugger"="nsjw.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mbam.exe]
@Denied: (A C D 2 3) (Everyone)
"Debugger"="nsjw.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpCmdRun.exe]
@Denied: (A C D 2 3) (Everyone)
"Debugger"="nsjw.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MSASCui.exe]
@Denied: (A C D 2 3) (Everyone)
"Debugger"="nsjw.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MsMpEng.exe]
@Denied: (A C D 2 3) (Everyone)
"Debugger"="nsjw.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msseces.exe]
@Denied: (A C D 2 3) (Everyone)
"Debugger"="nsjw.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spybotsd.exe]
@Denied: (A C D 2 3) (Everyone)
"Debugger"="nsjw.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winreg.exe]
@Denied: (A C D 2 3) (Everyone)
"DisableExceptionChainValidation"=""
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wireshark.exe]
@Denied: (A C D 2 3) (Everyone)
"Debugger"="nsjw.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zlclient.exe]
@Denied: (A C D 2 3) (Everyone)
"Debugger"="nsjw.exe"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Weitere laufende Prozesse ------------------------
.
c:\program files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\users\Patrick\AppData\Roaming\GetFLV.exe
c:\windows\SysWOW64\WScript.exe
.
**************************************************************************
.
Zeit der Fertigstellung: 2014-03-18  00:21:10 - PC wurde neu gestartet
ComboFix-quarantined-files.txt  2014-03-17 23:21
.
Vor Suchlauf: 11 Verzeichnis(se), 51.923.591.168 Bytes frei
Nach Suchlauf: 15 Verzeichnis(se), 51.674.439.680 Bytes frei
.
- - End Of File - - DE2446B351A174CFB58543BAE12E6D58
A36C5E4F47E84449FF07ED3517B43A31
Vielen dank schon jetzt

Edit: Ahh...verdammt. soll ich es nochmal machen?

cosinus 18.03.2014 00:25
Dein System sieht aus als wär es im Eimer :balla:

Bitte mal mit MBAR fortfahren

Malwarebytes Anti-Rootkit (MBAR)

Downloade dir bitte Malwarebytes Anti-Rootkit Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
  • Starte bitte die mbar.exe.
  • Folge den Anweisungen auf deinem Bildschirm gemäß Anleitung zu Malwarebytes Anti-Rootkit
  • Aktualisiere unbedingt die Datenbank und erlaube dem Tool, dein System zu scannen.
  • Klicke auf den CleanUp Button und erlaube den Neustart.
  • Während dem Neustart wird MBAR die gefundenen Objekte entfernen, also bleib geduldig.
  • Nach dem Neustart starte die mbar.exe erneut.
  • Sollte nochmal was gefunden werden, wiederhole den CleanUp Prozess.
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers

slater27 18.03.2014 00:26
Ich kann aber nur im abgesicherten Modus runterladen :/

cosinus 18.03.2014 00:28
Ist ja egal. Dann lädst es von da runter, startest es um zu updaten machst aber den eigentlich scan im normalen Modus.

slater27 18.03.2014 00:48
Ok.

Habe das gemacht

Code:
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

System is currently in a safe mode

Account is Administrative

Internet Explorer version: 8.0.7601.17514

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 3.417000 GHz
Memory total: 17123012608, free: 15768895488

Downloaded database version: v2014.03.17.09
Downloaded database version: v2014.02.20.01
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 8.0.7601.17514

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 3.417000 GHz
Memory total: 17123012608, free: 15577694208

=======================================
Initializing...
------------ Kernel report ------------
    03/18/2014 00:36:09
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\iusb3hcs.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\??\E:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\iusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\rusb3xhc.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\btath_bus.sys
\SystemRoot\system32\drivers\WmBEnum.sys
\SystemRoot\system32\drivers\WmXlCore.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\system32\DRIVERS\iusb3hub.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\MBfilt64.sys
\SystemRoot\system32\DRIVERS\rusb3hub.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_msahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\NisDrvWFP.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\system32\DRIVERS\btath_rcp.sys
\SystemRoot\system32\drivers\btath_avdt.sys
\SystemRoot\system32\drivers\btath_a2dp.sys
\SystemRoot\system32\DRIVERS\btath_hcrp.sys
\SystemRoot\system32\DRIVERS\btath_flt.sys
\SystemRoot\system32\DRIVERS\btath_lwflt.sys
\SystemRoot\system32\drivers\WmVirHid.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Program Files (x86)\MSI\OTPService\NTIOLib_X64.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\gdi32.dll
\Windows\System32\msctf.dll
\Windows\System32\nsi.dll
\Windows\System32\usp10.dll
\Windows\System32\lpk.dll
\Windows\System32\wininet.dll
\Windows\System32\psapi.dll
\Windows\System32\shlwapi.dll
\Windows\System32\iertutil.dll
\Windows\System32\imm32.dll
\Windows\System32\urlmon.dll
\Windows\System32\comdlg32.dll
\Windows\System32\setupapi.dll
\Windows\System32\shell32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\oleaut32.dll
\Windows\System32\user32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\difxapi.dll
\Windows\System32\advapi32.dll
\Windows\System32\imagehlp.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\sechost.dll
\Windows\System32\kernel32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\normaliz.dll
\Windows\System32\ws2_32.dll
\Windows\System32\ole32.dll
\Windows\System32\devobj.dll
\Windows\System32\crypt32.dll
\Windows\System32\wintrust.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\comctl32.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa800cfa2060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP1T0L0-1\
Lower Device Object: 0xfffffa800cd99060
Lower Device Driver Name: \Driver\atapi\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa800cfa1060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
Lower Device Object: 0xfffffa800c9ee060
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800cfa1060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800cfa1b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800cfa1060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800c9ee060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 86E2C739

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 234231808

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 120034123776 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-234421648-234441648)...
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa800cfa2060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800cfa2b90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800cfa2060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800cd99060, DeviceName: \Device\Ide\IdeDeviceP1T0L0-1\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1

Partition information:

    Partition 0 type is Dynamic (0x42)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 781420657

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 400088457216 bytes
Sector size: 512 bytes

Done!
Infected: C:\ProgramData\575533705.exe --> [Trojan.Agent]
Infected: C:\Users\Patrick\AppData\Roaming\msconfig.ini --> [Trojan.Agent]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load --> [Trojan.Agent]
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\avcenter.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\avguard.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ccuac.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ComboFix.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\hijackthis.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\keyscrambler.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\mbam.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MpCmdRun.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSASCui.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MsMpEng.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\msseces.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\spybotsd.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\wireshark.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\zlclient.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVP.EXE|Debugger --> [Security.Hijack]
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVP.EXE --> [Security.Hijack]
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BDAGENT.EXE|Debugger --> [Security.Hijack]
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\EGUI.EXE|Debugger --> [Security.Hijack]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\avcenter.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\avguard.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ccuac.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ComboFix.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\hijackthis.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\keyscrambler.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\mbam.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MpCmdRun.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSASCui.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MsMpEng.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\msseces.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\spybotsd.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\wireshark.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\zlclient.exe --> [Security.Hijack]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVP.EXE|Debugger --> [Security.Hijack]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVP.EXE --> [Security.Hijack]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BDAGENT.EXE|Debugger --> [Security.Hijack]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\EGUI.EXE|Debugger --> [Security.Hijack]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Windows Registry --> [Trojan.Agent]
Infected: C:\{$7093-3599-3146-6724$} --> [Trojan.Agent.BCM]
Infected: C:\{$7093-3599-3146-6724$}\winreg.exe --> [Trojan.Agent.BCM]
Infected: HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WINREG.EXE --> [Trojan.Agent.BCM]
Infected: HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WINREG.EXE --> [Trojan.Agent.BCM]
Infected: HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load --> [Trojan.Agent.BCM]
Infected: C:\{$7093-3599-3146-6724$}\winreg.exe --> [Trojan.Agent.BCM]
Scan finished
Creating System Restore point...
Cleaning up...
Removal scheduling successful. System shutdown needed.
System shutdown occurred
=======================================


---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.07.0.1009

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 8.0.7601.17514

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, E:\ DRIVE_FIXED
CPU speed: 3.417000 GHz
Memory total: 17123012608, free: 15372111872

Initializing...
======================
------------ Kernel report ------------
    03/18/2014 00:43:24
------------ Loaded modules -----------
\SystemRoot\system32\ntoskrnl.exe
\SystemRoot\system32\hal.dll
\SystemRoot\system32\kdcom.dll
\SystemRoot\system32\mcupdate_GenuineIntel.dll
\SystemRoot\system32\PSHED.dll
\SystemRoot\system32\CLFS.SYS
\SystemRoot\system32\CI.dll
\SystemRoot\system32\drivers\CLASSPNP.SYS
\SystemRoot\System32\drivers\imofugc.sys
\SystemRoot\system32\drivers\Wdf01000.sys
\SystemRoot\system32\drivers\WDFLDR.SYS
\SystemRoot\system32\drivers\ACPI.sys
\SystemRoot\system32\drivers\WMILIB.SYS
\SystemRoot\system32\drivers\msisadrv.sys
\SystemRoot\system32\drivers\pci.sys
\SystemRoot\system32\drivers\vdrvroot.sys
\SystemRoot\system32\DRIVERS\iusb3hcs.sys
\SystemRoot\System32\drivers\partmgr.sys
\SystemRoot\system32\drivers\volmgr.sys
\SystemRoot\System32\drivers\volmgrx.sys
\SystemRoot\System32\drivers\mountmgr.sys
\SystemRoot\system32\drivers\atapi.sys
\SystemRoot\system32\drivers\ataport.SYS
\SystemRoot\system32\drivers\msahci.sys
\SystemRoot\system32\drivers\PCIIDEX.SYS
\SystemRoot\system32\drivers\amdxata.sys
\SystemRoot\system32\drivers\fltmgr.sys
\SystemRoot\system32\drivers\fileinfo.sys
\SystemRoot\system32\DRIVERS\MpFilter.sys
\SystemRoot\System32\Drivers\Ntfs.sys
\SystemRoot\System32\Drivers\msrpc.sys
\SystemRoot\System32\Drivers\ksecdd.sys
\SystemRoot\System32\Drivers\cng.sys
\SystemRoot\System32\drivers\pcw.sys
\SystemRoot\System32\Drivers\Fs_Rec.sys
\SystemRoot\system32\drivers\ndis.sys
\SystemRoot\system32\drivers\NETIO.SYS
\SystemRoot\System32\Drivers\ksecpkg.sys
\SystemRoot\System32\drivers\tcpip.sys
\SystemRoot\System32\drivers\fwpkclnt.sys
\SystemRoot\system32\drivers\vmstorfl.sys
\SystemRoot\system32\drivers\volsnap.sys
\SystemRoot\System32\Drivers\spldr.sys
\SystemRoot\System32\drivers\rdyboost.sys
\SystemRoot\System32\Drivers\mup.sys
\SystemRoot\System32\drivers\hwpolicy.sys
\SystemRoot\System32\DRIVERS\fvevol.sys
\SystemRoot\system32\drivers\disk.sys
\SystemRoot\system32\DRIVERS\cdrom.sys
\SystemRoot\System32\Drivers\Null.SYS
\SystemRoot\System32\Drivers\Beep.SYS
\SystemRoot\System32\drivers\vga.sys
\SystemRoot\System32\drivers\VIDEOPRT.SYS
\SystemRoot\System32\drivers\watchdog.sys
\SystemRoot\System32\DRIVERS\RDPCDD.sys
\SystemRoot\system32\drivers\rdpencdd.sys
\SystemRoot\system32\drivers\rdprefmp.sys
\SystemRoot\System32\Drivers\Msfs.SYS
\SystemRoot\System32\Drivers\Npfs.SYS
\SystemRoot\system32\DRIVERS\tdx.sys
\SystemRoot\system32\DRIVERS\TDI.SYS
\SystemRoot\system32\drivers\afd.sys
\SystemRoot\System32\DRIVERS\netbt.sys
\SystemRoot\system32\drivers\ws2ifsl.sys
\SystemRoot\system32\DRIVERS\wfplwf.sys
\SystemRoot\system32\DRIVERS\pacer.sys
\SystemRoot\system32\DRIVERS\vwififlt.sys
\SystemRoot\system32\DRIVERS\netbios.sys
\SystemRoot\system32\DRIVERS\wanarp.sys
\SystemRoot\system32\DRIVERS\termdd.sys
\SystemRoot\system32\DRIVERS\rdbss.sys
\SystemRoot\system32\drivers\nsiproxy.sys
\SystemRoot\system32\DRIVERS\mssmbios.sys
\??\E:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys
\SystemRoot\System32\drivers\discache.sys
\SystemRoot\system32\drivers\csc.sys
\SystemRoot\System32\Drivers\dfsc.sys
\SystemRoot\system32\DRIVERS\blbdrive.sys
\SystemRoot\system32\DRIVERS\tunnel.sys
\SystemRoot\system32\DRIVERS\nvlddmkm.sys
\SystemRoot\System32\drivers\dxgkrnl.sys
\SystemRoot\System32\drivers\dxgmms1.sys
\SystemRoot\system32\DRIVERS\HDAudBus.sys
\SystemRoot\system32\DRIVERS\iusb3xhc.sys
\SystemRoot\system32\DRIVERS\USBD.SYS
\SystemRoot\system32\DRIVERS\HECIx64.sys
\SystemRoot\system32\drivers\usbehci.sys
\SystemRoot\system32\drivers\USBPORT.SYS
\SystemRoot\system32\DRIVERS\Rt64win7.sys
\SystemRoot\system32\DRIVERS\rusb3xhc.sys
\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys
\SystemRoot\system32\DRIVERS\wmiacpi.sys
\SystemRoot\system32\DRIVERS\intelppm.sys
\SystemRoot\system32\DRIVERS\CompositeBus.sys
\SystemRoot\system32\DRIVERS\AgileVpn.sys
\SystemRoot\system32\DRIVERS\rasl2tp.sys
\SystemRoot\system32\DRIVERS\ndistapi.sys
\SystemRoot\system32\DRIVERS\ndiswan.sys
\SystemRoot\system32\DRIVERS\raspppoe.sys
\SystemRoot\system32\DRIVERS\raspptp.sys
\SystemRoot\system32\DRIVERS\rassstp.sys
\SystemRoot\system32\DRIVERS\rdpbus.sys
\SystemRoot\system32\DRIVERS\kbdclass.sys
\SystemRoot\system32\DRIVERS\mouclass.sys
\SystemRoot\system32\DRIVERS\swenum.sys
\SystemRoot\system32\DRIVERS\ks.sys
\SystemRoot\system32\DRIVERS\btath_bus.sys
\SystemRoot\system32\drivers\WmBEnum.sys
\SystemRoot\system32\drivers\WmXlCore.sys
\SystemRoot\system32\DRIVERS\umbus.sys
\SystemRoot\system32\drivers\nvvad64v.sys
\SystemRoot\system32\drivers\portcls.sys
\SystemRoot\system32\drivers\drmk.sys
\SystemRoot\system32\drivers\ksthunk.sys
\SystemRoot\system32\DRIVERS\usbhub.sys
\SystemRoot\System32\Drivers\NDProxy.SYS
\SystemRoot\system32\drivers\nvhda64v.sys
\SystemRoot\system32\DRIVERS\iusb3hub.sys
\SystemRoot\system32\drivers\RTKVHD64.sys
\SystemRoot\system32\drivers\MBfilt64.sys
\SystemRoot\system32\DRIVERS\rusb3hub.sys
\SystemRoot\system32\DRIVERS\usbccgp.sys
\SystemRoot\System32\win32k.sys
\SystemRoot\System32\drivers\Dxapi.sys
\SystemRoot\system32\DRIVERS\hidusb.sys
\SystemRoot\system32\DRIVERS\HIDCLASS.SYS
\SystemRoot\system32\DRIVERS\HIDPARSE.SYS
\SystemRoot\system32\DRIVERS\mouhid.sys
\SystemRoot\system32\DRIVERS\kbdhid.sys
\SystemRoot\System32\Drivers\crashdmp.sys
\SystemRoot\System32\Drivers\dump_dumpata.sys
\SystemRoot\System32\Drivers\dump_msahci.sys
\SystemRoot\System32\Drivers\dump_dumpfve.sys
\SystemRoot\system32\DRIVERS\monitor.sys
\SystemRoot\System32\TSDDD.dll
\SystemRoot\System32\cdd.dll
\SystemRoot\System32\ATMFD.DLL
\SystemRoot\system32\drivers\luafv.sys
\SystemRoot\system32\DRIVERS\btfilter.sys
\SystemRoot\System32\Drivers\BTHUSB.sys
\SystemRoot\System32\Drivers\bthport.sys
\SystemRoot\system32\DRIVERS\lltdio.sys
\SystemRoot\system32\DRIVERS\nwifi.sys
\SystemRoot\system32\DRIVERS\ndisuio.sys
\SystemRoot\system32\DRIVERS\rspndr.sys
\SystemRoot\system32\drivers\HTTP.sys
\SystemRoot\system32\DRIVERS\bowser.sys
\SystemRoot\System32\drivers\mpsdrv.sys
\SystemRoot\system32\DRIVERS\mrxsmb.sys
\SystemRoot\system32\DRIVERS\mrxsmb10.sys
\SystemRoot\system32\DRIVERS\mrxsmb20.sys
\SystemRoot\system32\DRIVERS\NisDrvWFP.sys
\SystemRoot\system32\drivers\peauth.sys
\SystemRoot\System32\Drivers\secdrv.SYS
\SystemRoot\System32\DRIVERS\srvnet.sys
\SystemRoot\System32\drivers\tcpipreg.sys
\SystemRoot\system32\DRIVERS\rfcomm.sys
\SystemRoot\system32\drivers\BthEnum.sys
\SystemRoot\system32\DRIVERS\bthpan.sys
\SystemRoot\system32\DRIVERS\btath_rcp.sys
\SystemRoot\system32\drivers\btath_avdt.sys
\SystemRoot\system32\drivers\btath_a2dp.sys
\SystemRoot\system32\DRIVERS\btath_hcrp.sys
\SystemRoot\system32\DRIVERS\btath_flt.sys
\SystemRoot\system32\DRIVERS\btath_lwflt.sys
\SystemRoot\System32\DRIVERS\srv2.sys
\SystemRoot\System32\DRIVERS\srv.sys
\??\C:\Program Files (x86)\MSI\OTPService\NTIOLib_X64.sys
\SystemRoot\system32\drivers\WmVirHid.sys
\??\C:\Windows\system32\drivers\mbamchameleon.sys
\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys
\Windows\System32\ntdll.dll
\Windows\System32\smss.exe
\Windows\System32\apisetschema.dll
\Windows\System32\autochk.exe
\Windows\System32\advapi32.dll
\Windows\System32\comdlg32.dll
\Windows\System32\Wldap32.dll
\Windows\System32\wininet.dll
\Windows\System32\sechost.dll
\Windows\System32\ws2_32.dll
\Windows\System32\msvcrt.dll
\Windows\System32\user32.dll
\Windows\System32\clbcatq.dll
\Windows\System32\imagehlp.dll
\Windows\System32\usp10.dll
\Windows\System32\psapi.dll
\Windows\System32\nsi.dll
\Windows\System32\lpk.dll
\Windows\System32\rpcrt4.dll
\Windows\System32\imm32.dll
\Windows\System32\shell32.dll
\Windows\System32\oleaut32.dll
\Windows\System32\msctf.dll
\Windows\System32\setupapi.dll
\Windows\System32\shlwapi.dll
\Windows\System32\normaliz.dll
\Windows\System32\ole32.dll
\Windows\System32\iertutil.dll
\Windows\System32\gdi32.dll
\Windows\System32\kernel32.dll
\Windows\System32\difxapi.dll
\Windows\System32\urlmon.dll
\Windows\System32\wintrust.dll
\Windows\System32\cfgmgr32.dll
\Windows\System32\crypt32.dll
\Windows\System32\comctl32.dll
\Windows\System32\KernelBase.dll
\Windows\System32\devobj.dll
\Windows\System32\msasn1.dll
\Windows\SysWOW64\normaliz.dll
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa800cf9b060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP1T0L0-1\
Lower Device Object: 0xfffffa800cb4d060
Lower Device Driver Name: \Driver\atapi\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa800cf9a060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\
Lower Device Object: 0xfffffa800c9cd060
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa800cf9a060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800cf9ab90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800cf9a060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800c9cd060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Done!
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 86E2C739

Partition information:

    Partition 0 type is Primary (0x7)
    Partition is ACTIVE.
    Partition starts at LBA: 2048  Numsec = 204800
    Partition file system is NTFS
    Partition is bootable

    Partition 1 type is Primary (0x7)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 206848  Numsec = 234231808

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 120034123776 bytes
Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-2047-234421648-234441648)...
Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa800cf9b060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa800cf9bb90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa800cf9b060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa800cb4d060, DeviceName: \Device\Ide\IdeDeviceP1T0L0-1\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: 1

Partition information:

    Partition 0 type is Dynamic (0x42)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 63  Numsec = 781420657

    Partition 1 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 2 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

    Partition 3 type is Empty (0x0)
    Partition is NOT ACTIVE.
    Partition starts at LBA: 0  Numsec = 0

Disk Size: 400088457216 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-0-0-2048-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removal finished

cosinus 18.03.2014 00:53
Falsches Log. Bitte das richtige posten

Zitat:
Das Tool wird im erstellten Ordner eine Logfile ( mbar-log-<Jahr-Monat-Tag>.txt ) erzeugen. Bitte poste diese hier.

slater27 18.03.2014 00:59
Code:
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.03.17.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Patrick :: PATRICK-PC [administrator]

18.03.2014 00:36:12
mbar-log-2014-03-18 (00-36-12).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 243288
Time elapsed: 3 minute(s), 16 second(s)

Memory Processes Detected: 1
C:\{$7093-3599-3146-6724$}\winreg.exe (Trojan.Agent.BCM) -> 2368 -> Delete on reboot.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 32
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\avcenter.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\avguard.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ccuac.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ComboFix.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\hijackthis.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\keyscrambler.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\mbam.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MpCmdRun.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSASCui.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MsMpEng.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\msseces.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\spybotsd.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\wireshark.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\zlclient.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVP.EXE (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\avcenter.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\avguard.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ccuac.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\ComboFix.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\hijackthis.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\keyscrambler.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\mbam.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MpCmdRun.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MSASCui.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\MsMpEng.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\msseces.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\spybotsd.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\wireshark.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\zlclient.exe (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVP.EXE (Security.Hijack) -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WINREG.EXE (Trojan.Agent.BCM) -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\WINREG.EXE (Trojan.Agent.BCM) -> Delete on reboot.

Registry Values Detected: 8
HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load (Trojan.Agent) -> Data: C:\{$7093-3599-3146-6724$}\winreg.exe -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVP.EXE|Debugger (Security.Hijack) -> Data: nsjw.exe -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BDAGENT.EXE|Debugger (Security.Hijack) -> Data: nsjw.exe -> Delete on reboot.
HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\EGUI.EXE|Debugger (Security.Hijack) -> Data: nsjw.exe -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\AVP.EXE|Debugger (Security.Hijack) -> Data: nsjw.exe -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\BDAGENT.EXE|Debugger (Security.Hijack) -> Data: nsjw.exe -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\EGUI.EXE|Debugger (Security.Hijack) -> Data: nsjw.exe -> Delete on reboot.
HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Windows Registry (Trojan.Agent) -> Data: C:\{$7093-3599-3146-6724$}\winreg.exe -rundll32 /SYSTEM32 "C:\Windows\System32\taskmgr.exe" "C:\Program Files\Microsoft\Windows" -> Delete on reboot.

Registry Data Items Detected: 1
HKCU\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|Load (Trojan.Agent.BCM) -> Bad: (C:\{$7093-3599-3146-6724$}\winreg.exe) Good: () -> Replace on reboot.

Folders Detected: 1
C:\{$7093-3599-3146-6724$} (Trojan.Agent.BCM) -> Delete on reboot.

Files Detected: 3
C:\ProgramData\575533705.exe (Trojan.Agent) -> Delete on reboot.
C:\Users\Patrick\AppData\Roaming\msconfig.ini (Trojan.Agent) -> Delete on reboot.
C:\{$7093-3599-3146-6724$}\winreg.exe (Trojan.Agent.BCM) -> Delete on reboot.

Physical Sectors Detected: 0
(No malicious items detected)

(end)

und dann:

Code:
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.03.17.09

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Patrick :: PATRICK-PC [administrator]

18.03.2014 00:43:26
mbar-log-2014-03-18 (00-43-26).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 243169
Time elapsed: 3 minute(s), 10 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

cosinus 18.03.2014 01:06
Ok, dann weiter mit TDSS-Killer bitte

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

slater27 18.03.2014 01:18
Code:
01:17:02.0199 0x133c  TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
01:17:04.0741 0x133c  ============================================================
01:17:04.0741 0x133c  Current date / time: 2014/03/18 01:17:04.0741
01:17:04.0741 0x133c  SystemInfo:
01:17:04.0741 0x133c 
01:17:04.0741 0x133c  OS Version: 6.1.7601 ServicePack: 1.0
01:17:04.0741 0x133c  Product type: Workstation
01:17:04.0741 0x133c  ComputerName: PATRICK-PC
01:17:04.0741 0x133c  UserName: Patrick
01:17:04.0741 0x133c  Windows directory: C:\Windows
01:17:04.0741 0x133c  System windows directory: C:\Windows
01:17:04.0741 0x133c  Running under WOW64
01:17:04.0741 0x133c  Processor architecture: Intel x64
01:17:04.0741 0x133c  Number of processors: 4
01:17:04.0741 0x133c  Page size: 0x1000
01:17:04.0741 0x133c  Boot type: Normal boot
01:17:04.0741 0x133c  ============================================================
01:17:05.0007 0x133c  KLMD registered as C:\Windows\system32\drivers\49258197.sys
01:17:05.0022 0x133c  System UUID: {1CEE2FE5-4501-26F1-54CF-AB836DE81A8C}
01:17:05.0194 0x133c  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:17:05.0194 0x133c  Drive \Device\Harddisk1\DR1 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
01:17:05.0209 0x133c  ============================================================
01:17:05.0209 0x133c  \Device\Harddisk0\DR0:
01:17:05.0209 0x133c  MBR partitions:
01:17:05.0209 0x133c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
01:17:05.0209 0x133c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
01:17:05.0209 0x133c  \Device\Harddisk1\DR1:
01:17:05.0209 0x133c  MBR partitions:
01:17:05.0209 0x133c  ============================================================
01:17:05.0209 0x133c  C: <-> \Device\Harddisk0\DR0\Partition2
01:17:05.0209 0x133c  ============================================================
01:17:05.0209 0x133c  Initialize success
01:17:05.0209 0x133c  ============================================================
01:17:06.0847 0x0a30  ============================================================
01:17:06.0847 0x0a30  Scan started
01:17:06.0847 0x0a30  Mode: Manual;
01:17:06.0847 0x0a30  ============================================================
01:17:06.0847 0x0a30  KSN ping started
01:17:09.0531 0x0a30  KSN ping finished: true
01:17:09.0546 0x0a30  ================ Scan system memory ========================
01:17:09.0546 0x0a30  System memory - ok
01:17:09.0546 0x0a30  ================ Scan services =============================
01:17:09.0577 0x0a30  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
01:17:09.0577 0x0a30  1394ohci - ok
01:17:09.0593 0x0a30  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
01:17:09.0593 0x0a30  ACPI - ok
01:17:09.0593 0x0a30  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
01:17:09.0609 0x0a30  AcpiPmi - ok
01:17:09.0609 0x0a30  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
01:17:09.0609 0x0a30  AdobeARMservice - ok
01:17:09.0624 0x0a30  [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
01:17:09.0624 0x0a30  AdobeFlashPlayerUpdateSvc - ok
01:17:09.0640 0x0a30  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
01:17:09.0640 0x0a30  adp94xx - ok
01:17:09.0655 0x0a30  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci        C:\Windows\system32\drivers\adpahci.sys
01:17:09.0655 0x0a30  adpahci - ok
01:17:09.0655 0x0a30  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
01:17:09.0671 0x0a30  adpu320 - ok
01:17:09.0671 0x0a30  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
01:17:09.0671 0x0a30  AeLookupSvc - ok
01:17:09.0687 0x0a30  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD            C:\Windows\system32\drivers\afd.sys
01:17:09.0687 0x0a30  AFD - ok
01:17:09.0702 0x0a30  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
01:17:09.0702 0x0a30  agp440 - ok
01:17:09.0702 0x0a30  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG            C:\Windows\System32\alg.exe
01:17:09.0702 0x0a30  ALG - ok
01:17:09.0702 0x0a30  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
01:17:09.0702 0x0a30  aliide - ok
01:17:09.0702 0x0a30  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
01:17:09.0702 0x0a30  amdide - ok
01:17:09.0702 0x0a30  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
01:17:09.0718 0x0a30  AmdK8 - ok
01:17:09.0718 0x0a30  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
01:17:09.0718 0x0a30  AmdPPM - ok
01:17:09.0718 0x0a30  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
01:17:09.0718 0x0a30  amdsata - ok
01:17:09.0733 0x0a30  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
01:17:09.0733 0x0a30  amdsbs - ok
01:17:09.0733 0x0a30  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata        C:\Windows\system32\drivers\amdxata.sys
01:17:09.0733 0x0a30  amdxata - ok
01:17:09.0733 0x0a30  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID          C:\Windows\system32\drivers\appid.sys
01:17:09.0733 0x0a30  AppID - ok
01:17:09.0733 0x0a30  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
01:17:09.0733 0x0a30  AppIDSvc - ok
01:17:09.0749 0x0a30  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo        C:\Windows\System32\appinfo.dll
01:17:09.0749 0x0a30  Appinfo - ok
01:17:09.0749 0x0a30  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
01:17:09.0749 0x0a30  Apple Mobile Device - ok
01:17:09.0749 0x0a30  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt        C:\Windows\System32\appmgmts.dll
01:17:09.0765 0x0a30  AppMgmt - ok
01:17:09.0765 0x0a30  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc            C:\Windows\system32\drivers\arc.sys
01:17:09.0765 0x0a30  arc - ok
01:17:09.0765 0x0a30  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
01:17:09.0765 0x0a30  arcsas - ok
01:17:09.0780 0x0a30  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
01:17:09.0780 0x0a30  aspnet_state - ok
01:17:09.0780 0x0a30  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
01:17:09.0780 0x0a30  AsyncMac - ok
01:17:09.0780 0x0a30  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi          C:\Windows\system32\drivers\atapi.sys
01:17:09.0780 0x0a30  atapi - ok
01:17:09.0796 0x0a30  [ 4885C14A6AB6969B5773A42DA0BA3DA4, E317E1E299543FBD9853C71E1CF8019343B6234B9AAF56ABF48C41BB7743490B ] AthBTPort      C:\Windows\system32\DRIVERS\btath_flt.sys
01:17:09.0796 0x0a30  AthBTPort - ok
01:17:09.0796 0x0a30  [ 0D21FF67523897518C88F00CCDF09CCC, 0D23D7BC51C1EC0ADBFBFCA0BC1D20BD4E094C22FA3DC37FFBC0F0A6C62C7C33 ] ATHDFU          C:\Windows\system32\Drivers\AthDfu.sys
01:17:09.0796 0x0a30  ATHDFU - ok
01:17:09.0796 0x0a30  [ 0DA0112D92371C0E9B3A15ED31CC3EF4, D27B13119A9E9B8547A199C8D19F5FADE5F9436DF7045525759BECC96403D7BF ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
01:17:09.0811 0x0a30  AtherosSvc - ok
01:17:09.0843 0x0a30  [ 5C5CC823E1B25543DCBFF678BE25A791, F468A487EE750525FB7327E85C3C7D43FF6FBE131DB9AF877098E87E304F0023 ] athur          C:\Windows\system32\DRIVERS\athurx.sys
01:17:09.0889 0x0a30  athur - ok
01:17:09.0905 0x0a30  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
01:17:09.0905 0x0a30  AudioEndpointBuilder - ok
01:17:09.0921 0x0a30  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
01:17:09.0936 0x0a30  AudioSrv - ok
01:17:09.0936 0x0a30  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
01:17:09.0936 0x0a30  AxInstSV - ok
01:17:09.0952 0x0a30  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
01:17:09.0952 0x0a30  b06bdrv - ok
01:17:09.0967 0x0a30  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
01:17:09.0967 0x0a30  b57nd60a - ok
01:17:09.0967 0x0a30  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
01:17:09.0967 0x0a30  BDESVC - ok
01:17:09.0967 0x0a30  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
01:17:09.0967 0x0a30  Beep - ok
01:17:09.0983 0x0a30  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE            C:\Windows\System32\bfe.dll
01:17:09.0999 0x0a30  BFE - ok
01:17:10.0014 0x0a30  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
01:17:10.0030 0x0a30  BITS - ok
01:17:10.0030 0x0a30  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
01:17:10.0030 0x0a30  blbdrive - ok
01:17:10.0045 0x0a30  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
01:17:10.0045 0x0a30  Bonjour Service - ok
01:17:10.0061 0x0a30  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
01:17:10.0061 0x0a30  bowser - ok
01:17:10.0061 0x0a30  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
01:17:10.0061 0x0a30  BrFiltLo - ok
01:17:10.0061 0x0a30  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
01:17:10.0061 0x0a30  BrFiltUp - ok
01:17:10.0061 0x0a30  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
01:17:10.0077 0x0a30  BridgeMP - ok
01:17:10.0077 0x0a30  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser        C:\Windows\System32\browser.dll
01:17:10.0077 0x0a30  Browser - ok
01:17:10.0077 0x0a30  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
01:17:10.0092 0x0a30  Brserid - ok
01:17:10.0092 0x0a30  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
01:17:10.0092 0x0a30  BrSerWdm - ok
01:17:10.0092 0x0a30  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
01:17:10.0092 0x0a30  BrUsbMdm - ok
01:17:10.0092 0x0a30  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
01:17:10.0092 0x0a30  BrUsbSer - ok
01:17:10.0108 0x0a30  [ E53B1FF861DCD4A66858F1B74B051402, 200590F1A9BE0F6AF5AB1016291CD1EC6DAEEF1E920698806782F29F4E9A7D73 ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
01:17:10.0108 0x0a30  BTATH_A2DP - ok
01:17:10.0123 0x0a30  [ D0632BBEFF06098354AF3401ACA4494F, 753645304CCA307D3F6C87CA8F199CB15972CB789B44E2F55C6071F7F068809E ] btath_avdt      C:\Windows\system32\drivers\btath_avdt.sys
01:17:10.0123 0x0a30  btath_avdt - ok
01:17:10.0123 0x0a30  [ 8170714B89CA05E6C35FEFB9DA7653D8, 92411525217FC2589947C70F7B12FAA3E3053A9FE98D11F4F96A48DAC2AC7E90 ] BTATH_BUS      C:\Windows\system32\DRIVERS\btath_bus.sys
01:17:10.0123 0x0a30  BTATH_BUS - ok
01:17:10.0123 0x0a30  [ 77F498F46192EF92C0144B5B13C50B4B, 99B2BCD3039169CC1CE30E436100F89435D6D156C051268360C9FFE78333BDA7 ] BTATH_HCRP      C:\Windows\system32\DRIVERS\btath_hcrp.sys
01:17:10.0123 0x0a30  BTATH_HCRP - ok
01:17:10.0139 0x0a30  [ D0AA846BCF0E85E1513C8DF2FC6F8BF1, FADA2949202CE2FB92B5256AE2070C78E70CE712E45F547532BDDAA7E3FE141E ] BTATH_LWFLT    C:\Windows\system32\DRIVERS\btath_lwflt.sys
01:17:10.0139 0x0a30  BTATH_LWFLT - ok
01:17:10.0139 0x0a30  [ 057DA8351AD21AE485A11A8237DC9263, 151C0A591A26E26C7700F00EC8E95C6D8A5406869109A0CA01A3C38D1C5FBA2A ] BTATH_RCP      C:\Windows\system32\DRIVERS\btath_rcp.sys
01:17:10.0139 0x0a30  BTATH_RCP - ok
01:17:10.0155 0x0a30  [ A54980772C5A779D5A7A800E398A5509, 512285FD2C61C56487141923207F2BC698996D2AF010F7E86371A0025C5006A9 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
01:17:10.0155 0x0a30  BtFilter - ok
01:17:10.0170 0x0a30  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum        C:\Windows\system32\drivers\BthEnum.sys
01:17:10.0170 0x0a30  BthEnum - ok
01:17:10.0170 0x0a30  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
01:17:10.0170 0x0a30  BTHMODEM - ok
01:17:10.0170 0x0a30  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
01:17:10.0170 0x0a30  BthPan - ok
01:17:10.0186 0x0a30  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT        C:\Windows\System32\Drivers\BTHport.sys
01:17:10.0201 0x0a30  BTHPORT - ok
01:17:10.0201 0x0a30  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv        C:\Windows\system32\bthserv.dll
01:17:10.0201 0x0a30  bthserv - ok
01:17:10.0201 0x0a30  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
01:17:10.0201 0x0a30  BTHUSB - ok
01:17:10.0201 0x0a30  catchme - ok
01:17:10.0217 0x0a30  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
01:17:10.0217 0x0a30  cdfs - ok
01:17:10.0217 0x0a30  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
01:17:10.0217 0x0a30  cdrom - ok
01:17:10.0233 0x0a30  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc    C:\Windows\System32\certprop.dll
01:17:10.0233 0x0a30  CertPropSvc - ok
01:17:10.0233 0x0a30  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
01:17:10.0233 0x0a30  circlass - ok
01:17:10.0233 0x0a30  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
01:17:10.0248 0x0a30  CLFS - ok
01:17:10.0248 0x0a30  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
01:17:10.0248 0x0a30  clr_optimization_v2.0.50727_32 - ok
01:17:10.0264 0x0a30  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
01:17:10.0264 0x0a30  clr_optimization_v2.0.50727_64 - ok
01:17:10.0264 0x0a30  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
01:17:10.0279 0x0a30  clr_optimization_v4.0.30319_32 - ok
01:17:10.0279 0x0a30  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
01:17:10.0279 0x0a30  clr_optimization_v4.0.30319_64 - ok
01:17:10.0279 0x0a30  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
01:17:10.0295 0x0a30  CmBatt - ok
01:17:10.0295 0x0a30  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
01:17:10.0295 0x0a30  cmdide - ok
01:17:10.0311 0x0a30  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG            C:\Windows\system32\Drivers\cng.sys
01:17:10.0311 0x0a30  CNG - ok
01:17:10.0311 0x0a30  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
01:17:10.0311 0x0a30  Compbatt - ok
01:17:10.0326 0x0a30  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
01:17:10.0326 0x0a30  CompositeBus - ok
01:17:10.0326 0x0a30  COMSysApp - ok
01:17:10.0326 0x0a30  cpuz135 - ok
01:17:10.0326 0x0a30  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
01:17:10.0326 0x0a30  crcdisk - ok
01:17:10.0326 0x0a30  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
01:17:10.0342 0x0a30  CryptSvc - ok
01:17:10.0342 0x0a30  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC            C:\Windows\system32\drivers\csc.sys
01:17:10.0357 0x0a30  CSC - ok
01:17:10.0373 0x0a30  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
01:17:10.0389 0x0a30  CscService - ok
01:17:10.0404 0x0a30  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
01:17:10.0420 0x0a30  DcomLaunch - ok
01:17:10.0420 0x0a30  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc      C:\Windows\System32\defragsvc.dll
01:17:10.0420 0x0a30  defragsvc - ok
01:17:10.0420 0x0a30  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
01:17:10.0435 0x0a30  DfsC - ok
01:17:10.0435 0x0a30  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
01:17:10.0435 0x0a30  Dhcp - ok
01:17:10.0451 0x0a30  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
01:17:10.0451 0x0a30  discache - ok
01:17:10.0451 0x0a30  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
01:17:10.0451 0x0a30  Disk - ok
01:17:10.0451 0x0a30  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc          C:\Windows\system32\drivers\dmvsc.sys
01:17:10.0451 0x0a30  dmvsc - ok
01:17:10.0467 0x0a30  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
01:17:10.0467 0x0a30  Dnscache - ok
01:17:10.0467 0x0a30  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc        C:\Windows\System32\dot3svc.dll
01:17:10.0482 0x0a30  dot3svc - ok
01:17:10.0482 0x0a30  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS            C:\Windows\system32\dps.dll
01:17:10.0482 0x0a30  DPS - ok
01:17:10.0482 0x0a30  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
01:17:10.0482 0x0a30  drmkaud - ok
01:17:10.0513 0x0a30  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
01:17:10.0513 0x0a30  DXGKrnl - ok
01:17:10.0529 0x0a30  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost        C:\Windows\System32\eapsvc.dll
01:17:10.0529 0x0a30  EapHost - ok
01:17:10.0576 0x0a30  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv          C:\Windows\system32\drivers\evbda.sys
01:17:10.0638 0x0a30  ebdrv - ok
01:17:10.0638 0x0a30  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS            C:\Windows\System32\lsass.exe
01:17:10.0638 0x0a30  EFS - ok
01:17:10.0654 0x0a30  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
01:17:10.0669 0x0a30  ehRecvr - ok
01:17:10.0685 0x0a30  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched        C:\Windows\ehome\ehsched.exe
01:17:10.0685 0x0a30  ehSched - ok
01:17:10.0685 0x0a30  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
01:17:10.0701 0x0a30  elxstor - ok
01:17:10.0701 0x0a30  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
01:17:10.0701 0x0a30  ErrDev - ok
01:17:10.0716 0x0a30  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem    C:\Windows\system32\es.dll
01:17:10.0716 0x0a30  EventSystem - ok
01:17:10.0732 0x0a30  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat          C:\Windows\system32\drivers\exfat.sys
01:17:10.0732 0x0a30  exfat - ok
01:17:10.0732 0x0a30  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
01:17:10.0732 0x0a30  fastfat - ok
01:17:10.0747 0x0a30  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax            C:\Windows\system32\fxssvc.exe
01:17:10.0763 0x0a30  Fax - ok
01:17:10.0763 0x0a30  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc            C:\Windows\system32\drivers\fdc.sys
01:17:10.0763 0x0a30  fdc - ok
01:17:10.0763 0x0a30  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost        C:\Windows\system32\fdPHost.dll
01:17:10.0763 0x0a30  fdPHost - ok
01:17:10.0779 0x0a30  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
01:17:10.0779 0x0a30  FDResPub - ok
01:17:10.0779 0x0a30  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
01:17:10.0779 0x0a30  FileInfo - ok
01:17:10.0779 0x0a30  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
01:17:10.0779 0x0a30  Filetrace - ok
01:17:10.0779 0x0a30  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
01:17:10.0779 0x0a30  flpydisk - ok
01:17:10.0794 0x0a30  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
01:17:10.0794 0x0a30  FltMgr - ok
01:17:10.0810 0x0a30  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache      C:\Windows\system32\FntCache.dll
01:17:10.0841 0x0a30  FontCache - ok
01:17:10.0841 0x0a30  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
01:17:10.0841 0x0a30  FontCache3.0.0.0 - ok
01:17:10.0841 0x0a30  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
01:17:10.0841 0x0a30  FsDepends - ok
01:17:10.0841 0x0a30  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
01:17:10.0841 0x0a30  Fs_Rec - ok
01:17:10.0857 0x0a30  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
01:17:10.0857 0x0a30  fvevol - ok
01:17:10.0857 0x0a30  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
01:17:10.0857 0x0a30  gagp30kx - ok
01:17:10.0857 0x0a30  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM    C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
01:17:10.0872 0x0a30  GEARAspiWDM - ok
01:17:10.0888 0x0a30  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc          C:\Windows\System32\gpsvc.dll
01:17:10.0888 0x0a30  gpsvc - ok
01:17:10.0903 0x0a30  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
01:17:10.0903 0x0a30  hcw85cir - ok
01:17:10.0903 0x0a30  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
01:17:10.0919 0x0a30  HdAudAddService - ok
01:17:10.0919 0x0a30  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
01:17:10.0919 0x0a30  HDAudBus - ok
01:17:10.0919 0x0a30  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt        C:\Windows\system32\drivers\HidBatt.sys
01:17:10.0919 0x0a30  HidBatt - ok
01:17:10.0935 0x0a30  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
01:17:10.0935 0x0a30  HidBth - ok
01:17:10.0935 0x0a30  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr          C:\Windows\system32\drivers\hidir.sys
01:17:10.0935 0x0a30  HidIr - ok
01:17:10.0935 0x0a30  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv        C:\Windows\System32\hidserv.dll
01:17:10.0935 0x0a30  hidserv - ok
01:17:10.0935 0x0a30  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
01:17:10.0935 0x0a30  HidUsb - ok
01:17:10.0950 0x0a30  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
01:17:10.0950 0x0a30  hkmsvc - ok
01:17:10.0950 0x0a30  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
01:17:10.0950 0x0a30  HomeGroupListener - ok
01:17:10.0966 0x0a30  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
01:17:10.0966 0x0a30  HomeGroupProvider - ok
01:17:10.0966 0x0a30  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
01:17:10.0966 0x0a30  HpSAMD - ok
01:17:10.0981 0x0a30  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
01:17:10.0997 0x0a30  HTTP - ok
01:17:10.0997 0x0a30  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
01:17:10.0997 0x0a30  hwpolicy - ok
01:17:10.0997 0x0a30  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
01:17:10.0997 0x0a30  i8042prt - ok
01:17:11.0013 0x0a30  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
01:17:11.0013 0x0a30  iaStorV - ok
01:17:11.0044 0x0a30  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
01:17:11.0059 0x0a30  idsvc - ok
01:17:11.0059 0x0a30  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
01:17:11.0059 0x0a30  iirsp - ok
01:17:11.0075 0x0a30  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
01:17:11.0091 0x0a30  IKEEXT - ok
01:17:11.0153 0x0a30  [ 55FCBF5440EE61DBC5A6F637F7B4C776, 7D6F0DE6B8D38D4BA87592E9F39B402530007D43A23E8E7A57AA6CC30D53AC22 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
01:17:11.0184 0x0a30  IntcAzAudAddService - ok
01:17:11.0215 0x0a30  [ C6128F2E3DC6156C6F8828F9F1B96010, 612C1191AFB8F69BA5634E8C52BDDE608F57D98FA4C76C5A337676A5F1E8191D ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
01:17:11.0215 0x0a30  Intel(R) Capability Licensing Service Interface - ok
01:17:11.0231 0x0a30  [ 729AB4F0608E95EFF8FDEF23596283E2, 62A2091FF440C65505AB3E38436A86D9B0978BCB9485960EFCE0C5CBC8E06201 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
01:17:11.0247 0x0a30  Intel(R) Capability Licensing Service TCP IP Interface - ok
01:17:11.0262 0x0a30  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
01:17:11.0262 0x0a30  intelide - ok
01:17:11.0262 0x0a30  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
01:17:11.0262 0x0a30  intelppm - ok
01:17:11.0262 0x0a30  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
01:17:11.0262 0x0a30  IPBusEnum - ok
01:17:11.0278 0x0a30  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
01:17:11.0278 0x0a30  IpFilterDriver - ok
01:17:11.0278 0x0a30  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
01:17:11.0293 0x0a30  iphlpsvc - ok
01:17:11.0293 0x0a30  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
01:17:11.0293 0x0a30  IPMIDRV - ok
01:17:11.0309 0x0a30  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
01:17:11.0309 0x0a30  IPNAT - ok
01:17:11.0325 0x0a30  [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
01:17:11.0325 0x0a30  iPod Service - ok
01:17:11.0325 0x0a30  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
01:17:11.0325 0x0a30  IRENUM - ok
01:17:11.0340 0x0a30  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
01:17:11.0340 0x0a30  isapnp - ok
01:17:11.0340 0x0a30  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
01:17:11.0340 0x0a30  iScsiPrt - ok
01:17:11.0356 0x0a30  [ 5AB18D8055A4280C0F377A6262F3157E, 091366AE17601407E2A882BFF7901F1970C1111DA935B913BEAA2AFA76D4EEA2 ] ISCT            C:\Windows\system32\DRIVERS\ISCTD64.sys
01:17:11.0356 0x0a30  ISCT - ok
01:17:11.0356 0x0a30  ISODrive - ok
01:17:11.0356 0x0a30  [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
01:17:11.0356 0x0a30  iusb3hcs - ok
01:17:11.0371 0x0a30  [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
01:17:11.0371 0x0a30  iusb3hub - ok
01:17:11.0387 0x0a30  [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
01:17:11.0387 0x0a30  iusb3xhc - ok
01:17:11.0403 0x0a30  [ 08B14887C0B98101F8EC207817A0D734, DF2B2C16F9C8EA05533AE26C3302C41D5B67966D8E55ED8625353AE1D70FBD29 ] jhi_service    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
01:17:11.0403 0x0a30  jhi_service - ok
01:17:11.0403 0x0a30  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
01:17:11.0403 0x0a30  kbdclass - ok
01:17:11.0403 0x0a30  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
01:17:11.0418 0x0a30  kbdhid - ok
01:17:11.0418 0x0a30  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
01:17:11.0418 0x0a30  KeyIso - ok
01:17:11.0418 0x0a30  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
01:17:11.0418 0x0a30  KSecDD - ok
01:17:11.0418 0x0a30  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
01:17:11.0418 0x0a30  KSecPkg - ok
01:17:11.0434 0x0a30  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
01:17:11.0434 0x0a30  ksthunk - ok
01:17:11.0434 0x0a30  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm          C:\Windows\system32\msdtckrm.dll
01:17:11.0449 0x0a30  KtmRm - ok
01:17:11.0449 0x0a30  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
01:17:11.0465 0x0a30  LanmanServer - ok
01:17:11.0465 0x0a30  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
01:17:11.0465 0x0a30  LanmanWorkstation - ok
01:17:11.0465 0x0a30  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
01:17:11.0465 0x0a30  lltdio - ok
01:17:11.0481 0x0a30  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
01:17:11.0481 0x0a30  lltdsvc - ok
01:17:11.0481 0x0a30  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts        C:\Windows\System32\lmhsvc.dll
01:17:11.0481 0x0a30  lmhosts - ok
01:17:11.0496 0x0a30  [ 920F6774762DE8D8477088B6F38FBD6C, DA056D27FE775835CD6F8F5F3143179D818C20658304E21100B534C24079916C ] LMS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
01:17:11.0496 0x0a30  LMS - ok
01:17:11.0512 0x0a30  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
01:17:11.0512 0x0a30  LSI_FC - ok
01:17:11.0512 0x0a30  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
01:17:11.0512 0x0a30  LSI_SAS - ok
01:17:11.0512 0x0a30  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
01:17:11.0512 0x0a30  LSI_SAS2 - ok
01:17:11.0527 0x0a30  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
01:17:11.0527 0x0a30  LSI_SCSI - ok
01:17:11.0527 0x0a30  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv          C:\Windows\system32\drivers\luafv.sys
01:17:11.0527 0x0a30  luafv - ok
01:17:11.0527 0x0a30  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
01:17:11.0527 0x0a30  MBfilt - ok
01:17:11.0543 0x0a30  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
01:17:11.0543 0x0a30  Mcx2Svc - ok
01:17:11.0543 0x0a30  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas        C:\Windows\system32\drivers\megasas.sys
01:17:11.0543 0x0a30  megasas - ok
01:17:11.0543 0x0a30  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
01:17:11.0559 0x0a30  MegaSR - ok
01:17:11.0559 0x0a30  [ D71FD7A4FDB01C554AE144037B688DF1, 74D33303DA559A3A2EB809FC0EC3722D24F7F1A37BC7370680CFEB951BE735AF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
01:17:11.0559 0x0a30  MEIx64 - ok
01:17:11.0559 0x0a30  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS          C:\Windows\system32\mmcss.dll
01:17:11.0559 0x0a30  MMCSS - ok
01:17:11.0574 0x0a30  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem          C:\Windows\system32\drivers\modem.sys
01:17:11.0574 0x0a30  Modem - ok
01:17:11.0574 0x0a30  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
01:17:11.0574 0x0a30  monitor - ok
01:17:11.0574 0x0a30  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
01:17:11.0574 0x0a30  mouclass - ok
01:17:11.0574 0x0a30  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
01:17:11.0574 0x0a30  mouhid - ok
01:17:11.0574 0x0a30  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
01:17:11.0590 0x0a30  mountmgr - ok
01:17:11.0590 0x0a30  [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
01:17:11.0590 0x0a30  MozillaMaintenance - ok
01:17:11.0590 0x0a30  [ C6B88D62F20AC646C6BD5C032EC2FAF9, 111A07939F3C5A46F0C51B9D6F5C1D8478099E32EFD88BC260467109ADD975F8 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
01:17:11.0605 0x0a30  MpFilter - ok
01:17:11.0605 0x0a30  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
01:17:11.0605 0x0a30  mpio - ok
01:17:11.0605 0x0a30  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
01:17:11.0605 0x0a30  mpsdrv - ok
01:17:11.0637 0x0a30  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
01:17:11.0637 0x0a30  MpsSvc - ok
01:17:11.0652 0x0a30  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
01:17:11.0652 0x0a30  MRxDAV - ok
01:17:11.0652 0x0a30  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
01:17:11.0668 0x0a30  mrxsmb - ok
01:17:11.0668 0x0a30  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
01:17:11.0668 0x0a30  mrxsmb10 - ok
01:17:11.0683 0x0a30  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
01:17:11.0683 0x0a30  mrxsmb20 - ok
01:17:11.0683 0x0a30  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
01:17:11.0683 0x0a30  msahci - ok
01:17:11.0683 0x0a30  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
01:17:11.0683 0x0a30  msdsm - ok
01:17:11.0699 0x0a30  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC          C:\Windows\System32\msdtc.exe
01:17:11.0699 0x0a30  MSDTC - ok
01:17:11.0699 0x0a30  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
01:17:11.0699 0x0a30  Msfs - ok
01:17:11.0699 0x0a30  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
01:17:11.0699 0x0a30  mshidkmdf - ok
01:17:11.0699 0x0a30  MSICDSetup - ok
01:17:11.0715 0x0a30  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
01:17:11.0715 0x0a30  msisadrv - ok
01:17:11.0715 0x0a30  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
01:17:11.0715 0x0a30  MSiSCSI - ok
01:17:11.0715 0x0a30  msiserver - ok
01:17:11.0730 0x0a30  [ AA9D2BF07FB7F4DE5D2EC1F40C3E3715, 45A60D3DBC48668426F537657B6BA32FF60CB455DEE4D76868542C6A9862BC61 ] MSI_OTPService  C:\Program Files (x86)\MSI\OTPService\OTPService.exe
01:17:11.0730 0x0a30  MSI_OTPService - ok
01:17:11.0730 0x0a30  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
01:17:11.0730 0x0a30  MSKSSRV - ok
01:17:11.0730 0x0a30  [ 7675E15D1B2180745E4DA4D26AAD7385, 729AA6C610F67028CFFFF64B772FFA1CAE7581D37F8909BDA423D52AF85C92C8 ] MsMpSvc        c:\Program Files\Microsoft Security Client\MsMpEng.exe
01:17:11.0746 0x0a30  MsMpSvc - ok
01:17:11.0746 0x0a30  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
01:17:11.0746 0x0a30  MSPCLOCK - ok
01:17:11.0746 0x0a30  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
01:17:11.0746 0x0a30  MSPQM - ok
01:17:11.0746 0x0a30  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
01:17:11.0761 0x0a30  MsRPC - ok
01:17:11.0761 0x0a30  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
01:17:11.0761 0x0a30  mssmbios - ok
01:17:11.0761 0x0a30  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
01:17:11.0761 0x0a30  MSTEE - ok
01:17:11.0761 0x0a30  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
01:17:11.0761 0x0a30  MTConfig - ok
01:17:11.0777 0x0a30  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup            C:\Windows\system32\Drivers\mup.sys
01:17:11.0777 0x0a30  Mup - ok
01:17:11.0777 0x0a30  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
01:17:11.0793 0x0a30  napagent - ok
01:17:11.0793 0x0a30  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
01:17:11.0793 0x0a30  NativeWifiP - ok
01:17:11.0824 0x0a30  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
01:17:11.0839 0x0a30  NDIS - ok
01:17:11.0839 0x0a30  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
01:17:11.0839 0x0a30  NdisCap - ok
01:17:11.0839 0x0a30  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
01:17:11.0839 0x0a30  NdisTapi - ok
01:17:11.0839 0x0a30  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
01:17:11.0855 0x0a30  Ndisuio - ok
01:17:11.0855 0x0a30  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
01:17:11.0855 0x0a30  NdisWan - ok
01:17:11.0855 0x0a30  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
01:17:11.0855 0x0a30  NDProxy - ok
01:17:11.0855 0x0a30  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
01:17:11.0855 0x0a30  NetBIOS - ok
01:17:11.0871 0x0a30  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
01:17:11.0871 0x0a30  NetBT - ok
01:17:11.0871 0x0a30  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
01:17:11.0871 0x0a30  Netlogon - ok
01:17:11.0886 0x0a30  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
01:17:11.0886 0x0a30  Netman - ok
01:17:11.0902 0x0a30  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:17:11.0902 0x0a30  NetMsmqActivator - ok
01:17:11.0902 0x0a30  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:17:11.0902 0x0a30  NetPipeActivator - ok
01:17:11.0917 0x0a30  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
01:17:11.0917 0x0a30  netprofm - ok
01:17:11.0933 0x0a30  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:17:11.0933 0x0a30  NetTcpActivator - ok
01:17:11.0933 0x0a30  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
01:17:11.0933 0x0a30  NetTcpPortSharing - ok
01:17:11.0933 0x0a30  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
01:17:11.0933 0x0a30  nfrd960 - ok
01:17:11.0949 0x0a30  [ ACE8C64C57E4A711473C8BC10ADF692B, 53D8083CE78DB5527080B4570AC28ABAA262667744A319707AE0C46E46B297F9 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
01:17:11.0949 0x0a30  NisDrv - ok
01:17:11.0949 0x0a30  [ 6247E8B31ED0A9D6BC5A26276E49BEB3, 230C0C560492C454B9EB14B50EB4A78DC74FAB6B662449A0EA3114B3E671BFF3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
01:17:11.0964 0x0a30  NisSrv - ok
01:17:11.0964 0x0a30  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
01:17:11.0980 0x0a30  NlaSvc - ok
01:17:11.0980 0x0a30  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
01:17:11.0980 0x0a30  Npfs - ok
01:17:11.0980 0x0a30  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi            C:\Windows\system32\nsisvc.dll
01:17:11.0980 0x0a30  nsi - ok
01:17:11.0980 0x0a30  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
01:17:11.0980 0x0a30  nsiproxy - ok
01:17:12.0011 0x0a30  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
01:17:12.0042 0x0a30  Ntfs - ok
01:17:12.0042 0x0a30  NTIOLib_1_0_C - ok
01:17:12.0042 0x0a30  [ C3FEA895FE95EA7A57D9F4D7ABED5E71, 50D5EAA168C077CE5B7F15B3F2C43BD2B86B07B1E926C1B332F8CB13BD2E0793 ] NTIOLib_1_0_T  C:\Program Files (x86)\MSI\OTPService\NTIOLib_X64.sys
01:17:12.0042 0x0a30  NTIOLib_1_0_T - ok
01:17:12.0042 0x0a30  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
01:17:12.0042 0x0a30  Null - ok
01:17:12.0058 0x0a30  [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA          C:\Windows\system32\drivers\nvhda64v.sys
01:17:12.0058 0x0a30  NVHDA - ok
01:17:12.0229 0x0a30  [ 52B33E12FF8C9E219CAEC1BB4A5F5E4C, 5272178B39FEDB3F001249FE7C852787EFD715FC49BBAAE58158A189AFB8A337 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
01:17:12.0370 0x0a30  nvlddmkm - ok
01:17:12.0401 0x0a30  [ CD75EF8F5EC7EA52A5C3B30F9222726B, AADD461D727F4358E5F8A9694CBCBC53D2A55DCE661D80B7B0F790E05E2714E4 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
01:17:12.0432 0x0a30  NvNetworkService - ok
01:17:12.0432 0x0a30  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
01:17:12.0432 0x0a30  nvraid - ok
01:17:12.0448 0x0a30  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
01:17:12.0448 0x0a30  nvstor - ok
01:17:12.0729 0x0a30  [ 705A457356DCE04C6E071FB9D2B22408, D16CA73F7F6412FE29CB5DA1232A2BFAB430B1B794975559EE83D46F9D668836 ] NvStreamSvc    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
01:17:13.0009 0x0a30  NvStreamSvc - ok
01:17:13.0041 0x0a30  [ 2B47EDD27365F9F5D8E87648BECF52C4, CADA4B19791441373580919FFF89623489C7A1737857760B96CC3F0A08DB8D59 ] nvsvc          C:\Windows\system32\nvvsvc.exe
01:17:13.0041 0x0a30  nvsvc - ok
01:17:13.0056 0x0a30  [ 939C0FAE9CC0CDD69E6508BDE4C11FE5, 1E82FF4A8797A0EC5DF0E54DE7F358542C73FFFBECADDF86ED66839182E3B55D ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
01:17:13.0056 0x0a30  nvvad_WaveExtensible - ok
01:17:13.0056 0x0a30  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
01:17:13.0056 0x0a30  nv_agp - ok
01:17:13.0056 0x0a30  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
01:17:13.0056 0x0a30  ohci1394 - ok
01:17:13.0072 0x0a30  [ B9C125314A025127FE562C116D614AA3, 79C46C0BACEBBB5B8E1C162766B21587365A100BBAD01171C77B995C514BC7D6 ] ose64          C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
01:17:13.0072 0x0a30  ose64 - ok
01:17:13.0150 0x0a30  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
01:17:13.0212 0x0a30  osppsvc - ok
01:17:13.0228 0x0a30  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
01:17:13.0228 0x0a30  p2pimsvc - ok
01:17:13.0243 0x0a30  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
01:17:13.0243 0x0a30  p2psvc - ok
01:17:13.0259 0x0a30  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport        C:\Windows\system32\drivers\parport.sys
01:17:13.0259 0x0a30  Parport - ok
01:17:13.0259 0x0a30  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
01:17:13.0259 0x0a30  partmgr - ok
01:17:13.0259 0x0a30  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
01:17:13.0275 0x0a30  PcaSvc - ok
01:17:13.0275 0x0a30  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci            C:\Windows\system32\drivers\pci.sys
01:17:13.0275 0x0a30  pci - ok
01:17:13.0275 0x0a30  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
01:17:13.0275 0x0a30  pciide - ok
01:17:13.0290 0x0a30  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
01:17:13.0290 0x0a30  pcmcia - ok
01:17:13.0290 0x0a30  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw            C:\Windows\system32\drivers\pcw.sys
01:17:13.0290 0x0a30  pcw - ok
01:17:13.0306 0x0a30  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
01:17:13.0321 0x0a30  PEAUTH - ok
01:17:13.0353 0x0a30  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc    C:\Windows\system32\peerdistsvc.dll
01:17:13.0368 0x0a30  PeerDistSvc - ok
01:17:13.0384 0x0a30  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
01:17:13.0399 0x0a30  PerfHost - ok
01:17:13.0431 0x0a30  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla            C:\Windows\system32\pla.dll
01:17:13.0446 0x0a30  pla - ok
01:17:13.0462 0x0a30  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
01:17:13.0462 0x0a30  PlugPlay - ok
01:17:13.0462 0x0a30  PnkBstrA - ok
01:17:13.0462 0x0a30  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
01:17:13.0477 0x0a30  PNRPAutoReg - ok
01:17:13.0477 0x0a30  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
01:17:13.0477 0x0a30  PNRPsvc - ok
01:17:13.0493 0x0a30  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
01:17:13.0493 0x0a30  PolicyAgent - ok
01:17:13.0509 0x0a30  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power          C:\Windows\system32\umpo.dll
01:17:13.0509 0x0a30  Power - ok
01:17:13.0509 0x0a30  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
01:17:13.0509 0x0a30  PptpMiniport - ok
01:17:13.0524 0x0a30  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor      C:\Windows\system32\drivers\processr.sys
01:17:13.0524 0x0a30  Processor - ok
01:17:13.0524 0x0a30  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc        C:\Windows\system32\profsvc.dll
01:17:13.0524 0x0a30  ProfSvc - ok
01:17:13.0540 0x0a30  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
01:17:13.0540 0x0a30  ProtectedStorage - ok
01:17:13.0540 0x0a30  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
01:17:13.0540 0x0a30  Psched - ok
01:17:13.0571 0x0a30  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
01:17:13.0587 0x0a30  ql2300 - ok
01:17:13.0602 0x0a30  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
01:17:13.0602 0x0a30  ql40xx - ok
01:17:13.0602 0x0a30  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE          C:\Windows\system32\qwave.dll
01:17:13.0602 0x0a30  QWAVE - ok
01:17:13.0618 0x0a30  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
01:17:13.0618 0x0a30  QWAVEdrv - ok
01:17:13.0618 0x0a30  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
01:17:13.0618 0x0a30  RasAcd - ok
01:17:13.0618 0x0a30  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
01:17:13.0618 0x0a30  RasAgileVpn - ok
01:17:13.0618 0x0a30  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto        C:\Windows\System32\rasauto.dll
01:17:13.0618 0x0a30  RasAuto - ok
01:17:13.0633 0x0a30  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
01:17:13.0633 0x0a30  Rasl2tp - ok
01:17:13.0633 0x0a30  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
01:17:13.0649 0x0a30  RasMan - ok
01:17:13.0649 0x0a30  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
01:17:13.0649 0x0a30  RasPppoe - ok
01:17:13.0649 0x0a30  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
01:17:13.0649 0x0a30  RasSstp - ok
01:17:13.0665 0x0a30  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
01:17:13.0665 0x0a30  rdbss - ok
01:17:13.0665 0x0a30  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
01:17:13.0665 0x0a30  rdpbus - ok
01:17:13.0680 0x0a30  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
01:17:13.0680 0x0a30  RDPCDD - ok
01:17:13.0680 0x0a30  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR          C:\Windows\system32\drivers\rdpdr.sys
01:17:13.0680 0x0a30  RDPDR - ok
01:17:13.0680 0x0a30  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
01:17:13.0680 0x0a30  RDPENCDD - ok
01:17:13.0696 0x0a30  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
01:17:13.0696 0x0a30  RDPREFMP - ok
01:17:13.0696 0x0a30  [ 70CBA1A0C98600A2AA1863479B35CB90, 91A133297921B4955817176251AFC5283DA3C7D2099700C4C92ECC94DBE9A99E ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
01:17:13.0696 0x0a30  RdpVideoMiniport - ok
01:17:13.0696 0x0a30  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
01:17:13.0696 0x0a30  RDPWD - ok
01:17:13.0711 0x0a30  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
01:17:13.0711 0x0a30  rdyboost - ok
01:17:13.0711 0x0a30  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
01:17:13.0727 0x0a30  RemoteAccess - ok
01:17:13.0727 0x0a30  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
01:17:13.0727 0x0a30  RemoteRegistry - ok
01:17:13.0727 0x0a30  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
01:17:13.0743 0x0a30  RFCOMM - ok
01:17:13.0743 0x0a30  rpcapd - ok
01:17:13.0743 0x0a30  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
01:17:13.0743 0x0a30  RpcEptMapper - ok
01:17:13.0743 0x0a30  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
01:17:13.0743 0x0a30  RpcLocator - ok
01:17:13.0758 0x0a30  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs          C:\Windows\system32\rpcss.dll
01:17:13.0758 0x0a30  RpcSs - ok
01:17:13.0774 0x0a30  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
01:17:13.0774 0x0a30  rspndr - ok
01:17:13.0789 0x0a30  [ 61A04C0C084D560BBEF1D09604608262, 27230BDFB479FBD1B18BB4035059A52F8BE74B19190951EAC95D569E284421B3 ] RTL8167        C:\Windows\system32\DRIVERS\Rt64win7.sys
01:17:13.0805 0x0a30  RTL8167 - ok
01:17:13.0805 0x0a30  [ A29F3787FEA005C8355F62321BE9E065, A1BE2758EE21CBFB00E6F32D3C62323D890BD9AD177E880390CFAD9F5326A9B3 ] rusb3hub        C:\Windows\system32\DRIVERS\rusb3hub.sys
01:17:13.0805 0x0a30  rusb3hub - ok
01:17:13.0805 0x0a30  [ 0FE1DB20DA9863CD5B397717FF07738B, 3BCA3269A6ECA501508F2BAC56DB9C0B2DAD3DDA853C5FB168E4C628A94E1C83 ] rusb3xhc        C:\Windows\system32\DRIVERS\rusb3xhc.sys
01:17:13.0821 0x0a30  rusb3xhc - ok
01:17:13.0821 0x0a30  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap          C:\Windows\system32\drivers\vms3cap.sys
01:17:13.0821 0x0a30  s3cap - ok
01:17:13.0821 0x0a30  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs          C:\Windows\system32\lsass.exe
01:17:13.0821 0x0a30  SamSs - ok
01:17:13.0821 0x0a30  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
01:17:13.0821 0x0a30  sbp2port - ok
01:17:13.0836 0x0a30  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
01:17:13.0836 0x0a30  SCardSvr - ok
01:17:13.0836 0x0a30  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
01:17:13.0836 0x0a30  scfilter - ok
01:17:13.0852 0x0a30  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
01:17:13.0883 0x0a30  Schedule - ok
01:17:13.0883 0x0a30  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc    C:\Windows\System32\certprop.dll
01:17:13.0883 0x0a30  SCPolicySvc - ok
01:17:13.0883 0x0a30  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
01:17:13.0883 0x0a30  SDRSVC - ok
01:17:13.0899 0x0a30  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
01:17:13.0899 0x0a30  secdrv - ok
01:17:13.0899 0x0a30  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
01:17:13.0899 0x0a30  seclogon - ok
01:17:13.0899 0x0a30  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
01:17:13.0899 0x0a30  SENS - ok
01:17:13.0899 0x0a30  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
01:17:13.0899 0x0a30  SensrSvc - ok
01:17:13.0914 0x0a30  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum        C:\Windows\system32\drivers\serenum.sys
01:17:13.0914 0x0a30  Serenum - ok
01:17:13.0914 0x0a30  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
01:17:13.0914 0x0a30  Serial - ok
01:17:13.0914 0x0a30  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
01:17:13.0914 0x0a30  sermouse - ok
01:17:13.0930 0x0a30  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
01:17:13.0930 0x0a30  SessionEnv - ok
01:17:13.0930 0x0a30  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
01:17:13.0930 0x0a30  sffdisk - ok
01:17:13.0930 0x0a30  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
01:17:13.0930 0x0a30  sffp_mmc - ok
01:17:13.0930 0x0a30  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
01:17:13.0930 0x0a30  sffp_sd - ok
01:17:13.0930 0x0a30  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
01:17:13.0930 0x0a30  sfloppy - ok
01:17:13.0945 0x0a30  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
01:17:13.0961 0x0a30  SharedAccess - ok
01:17:13.0961 0x0a30  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
01:17:13.0977 0x0a30  ShellHWDetection - ok
01:17:13.0977 0x0a30  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
01:17:13.0977 0x0a30  SiSRaid2 - ok
01:17:13.0977 0x0a30  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
01:17:13.0977 0x0a30  SiSRaid4 - ok
01:17:13.0992 0x0a30  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate    C:\Program Files (x86)\Skype\Updater\Updater.exe
01:17:13.0992 0x0a30  SkypeUpdate - ok
01:17:13.0992 0x0a30  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
01:17:13.0992 0x0a30  Smb - ok
01:17:13.0992 0x0a30  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
01:17:13.0992 0x0a30  SNMPTRAP - ok
01:17:14.0008 0x0a30  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr          C:\Windows\system32\drivers\spldr.sys
01:17:14.0008 0x0a30  spldr - ok
01:17:14.0008 0x0a30  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler        C:\Windows\System32\spoolsv.exe
01:17:14.0023 0x0a30  Spooler - ok
01:17:14.0086 0x0a30  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
01:17:14.0148 0x0a30  sppsvc - ok
01:17:14.0148 0x0a30  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
01:17:14.0148 0x0a30  sppuinotify - ok
01:17:14.0164 0x0a30  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv            C:\Windows\system32\DRIVERS\srv.sys
01:17:14.0179 0x0a30  srv - ok
01:17:14.0195 0x0a30  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
01:17:14.0195 0x0a30  srv2 - ok
01:17:14.0195 0x0a30  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
01:17:14.0211 0x0a30  srvnet - ok
01:17:14.0211 0x0a30  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
01:17:14.0211 0x0a30  SSDPSRV - ok
01:17:14.0211 0x0a30  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc        C:\Windows\system32\sstpsvc.dll
01:17:14.0226 0x0a30  SstpSvc - ok
01:17:14.0226 0x0a30  [ 83FED7FEB38AF36DE784C2B75750B75C, 6984B056FDFE35F0676FCE35C6C8DF6D4C55452CBD802EF83ABE6C2B446E3328 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
01:17:14.0242 0x0a30  Steam Client Service - ok
01:17:14.0242 0x0a30  [ B5D2F4BF587FD60AF75B09EFC1AD0E0A, 2033D6DFCA7A48E338D94427AEC82DA761618D5D3AEB22E5A64427D2C2DB0350 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
01:17:14.0257 0x0a30  Stereo Service - ok
01:17:14.0257 0x0a30  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
01:17:14.0257 0x0a30  stexstor - ok
01:17:14.0273 0x0a30  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
01:17:14.0273 0x0a30  stisvc - ok
01:17:14.0273 0x0a30  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt        C:\Windows\system32\drivers\vmstorfl.sys
01:17:14.0289 0x0a30  storflt - ok
01:17:14.0289 0x0a30  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc        C:\Windows\system32\drivers\storvsc.sys
01:17:14.0289 0x0a30  storvsc - ok
01:17:14.0289 0x0a30  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
01:17:14.0289 0x0a30  swenum - ok
01:17:14.0304 0x0a30  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard    C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
01:17:14.0304 0x0a30  SwitchBoard - ok
01:17:14.0320 0x0a30  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv          C:\Windows\System32\swprv.dll
01:17:14.0335 0x0a30  swprv - ok
01:17:14.0335 0x0a30  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
01:17:14.0335 0x0a30  Synth3dVsc - ok
01:17:14.0367 0x0a30  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain        C:\Windows\system32\sysmain.dll
01:17:14.0398 0x0a30  SysMain - ok
01:17:14.0398 0x0a30  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
01:17:14.0398 0x0a30  TabletInputService - ok
01:17:14.0413 0x0a30  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv        C:\Windows\System32\tapisrv.dll
01:17:14.0413 0x0a30  TapiSrv - ok
01:17:14.0413 0x0a30  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS            C:\Windows\System32\tbssvc.dll
01:17:14.0413 0x0a30  TBS - ok
01:17:14.0460 0x0a30  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
01:17:14.0491 0x0a30  Tcpip - ok
01:17:14.0538 0x0a30  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
01:17:14.0554 0x0a30  TCPIP6 - ok
01:17:14.0554 0x0a30  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
01:17:14.0554 0x0a30  tcpipreg - ok
01:17:14.0569 0x0a30  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
01:17:14.0569 0x0a30  TDPIPE - ok
01:17:14.0569 0x0a30  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
01:17:14.0569 0x0a30  TDTCP - ok
01:17:14.0569 0x0a30  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
01:17:14.0569 0x0a30  tdx - ok
01:17:14.0569 0x0a30  TeamViewer9 - ok
01:17:14.0585 0x0a30  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
01:17:14.0585 0x0a30  TermDD - ok
01:17:14.0585 0x0a30  [ 2B5BDFF688EC9871D7EC5837833374E9, BD6C629FA2938987ABF95B790B20F0B7D4D023D5013E575F343A802D6213074E ] terminpt        C:\Windows\system32\drivers\terminpt.sys
01:17:14.0585 0x0a30  terminpt - ok
01:17:14.0601 0x0a30  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService    C:\Windows\System32\termsrv.dll
01:17:14.0616 0x0a30  TermService - ok
01:17:14.0616 0x0a30  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
01:17:14.0616 0x0a30  Themes - ok
01:17:14.0616 0x0a30  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER    C:\Windows\system32\mmcss.dll
01:17:14.0632 0x0a30  THREADORDER - ok
01:17:14.0632 0x0a30  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
01:17:14.0632 0x0a30  TrkWks - ok
01:17:14.0632 0x0a30  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
01:17:14.0647 0x0a30  TrustedInstaller - ok
01:17:14.0647 0x0a30  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
01:17:14.0647 0x0a30  tssecsrv - ok
01:17:14.0647 0x0a30  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
01:17:14.0647 0x0a30  TsUsbFlt - ok
01:17:14.0647 0x0a30  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD        C:\Windows\system32\drivers\TsUsbGD.sys
01:17:14.0647 0x0a30  TsUsbGD - ok
01:17:14.0663 0x0a30  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
01:17:14.0663 0x0a30  tsusbhub - ok
01:17:14.0663 0x0a30  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
01:17:14.0663 0x0a30  tunnel - ok
01:17:14.0663 0x0a30  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
01:17:14.0679 0x0a30  uagp35 - ok
01:17:14.0679 0x0a30  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
01:17:14.0694 0x0a30  udfs - ok
01:17:14.0694 0x0a30  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect      C:\Windows\system32\UI0Detect.exe
01:17:14.0694 0x0a30  UI0Detect - ok
01:17:14.0694 0x0a30  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
01:17:14.0694 0x0a30  uliagpkx - ok
01:17:14.0694 0x0a30  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
01:17:14.0694 0x0a30  umbus - ok
01:17:14.0710 0x0a30  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
01:17:14.0710 0x0a30  UmPass - ok
01:17:14.0710 0x0a30  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
01:17:14.0725 0x0a30  UmRdpService - ok
01:17:14.0757 0x0a30  [ 9B8C9350985983E9760E1786731A8728, 78178FDE1329E5B55F77FF73C66B01279A03E2E3C3CB7E3D9DF14291D206D780 ] UNS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
01:17:14.0757 0x0a30  UNS - ok
01:17:14.0772 0x0a30  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
01:17:14.0772 0x0a30  upnphost - ok
01:17:14.0772 0x0a30  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64      C:\Windows\system32\Drivers\usbaapl64.sys
01:17:14.0788 0x0a30  USBAAPL64 - ok
01:17:14.0788 0x0a30  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
01:17:14.0788 0x0a30  usbccgp - ok
01:17:14.0788 0x0a30  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
01:17:14.0788 0x0a30  usbcir - ok
01:17:14.0803 0x0a30  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci        C:\Windows\system32\drivers\usbehci.sys
01:17:14.0803 0x0a30  usbehci - ok
01:17:14.0803 0x0a30  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
01:17:14.0819 0x0a30  usbhub - ok
01:17:14.0819 0x0a30  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci        C:\Windows\system32\drivers\usbohci.sys
01:17:14.0819 0x0a30  usbohci - ok
01:17:14.0819 0x0a30  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
01:17:14.0819 0x0a30  usbprint - ok
01:17:14.0819 0x0a30  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
01:17:14.0819 0x0a30  USBSTOR - ok
01:17:14.0835 0x0a30  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
01:17:14.0835 0x0a30  usbuhci - ok
01:17:14.0835 0x0a30  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms          C:\Windows\System32\uxsms.dll
01:17:14.0835 0x0a30  UxSms - ok
01:17:14.0835 0x0a30  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
01:17:14.0835 0x0a30  VaultSvc - ok
01:17:14.0835 0x0a30  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
01:17:14.0835 0x0a30  vdrvroot - ok
01:17:14.0850 0x0a30  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds            C:\Windows\System32\vds.exe
01:17:14.0866 0x0a30  vds - ok
01:17:14.0866 0x0a30  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
01:17:14.0866 0x0a30  vga - ok
01:17:14.0866 0x0a30  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave        C:\Windows\System32\drivers\vga.sys
01:17:14.0866 0x0a30  VgaSave - ok
01:17:14.0866 0x0a30  VGPU - ok
01:17:14.0881 0x0a30  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
01:17:14.0881 0x0a30  vhdmp - ok
01:17:14.0881 0x0a30  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
01:17:14.0881 0x0a30  viaide - ok
01:17:14.0897 0x0a30  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus          C:\Windows\system32\drivers\vmbus.sys
01:17:14.0897 0x0a30  vmbus - ok
01:17:14.0897 0x0a30  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
01:17:14.0897 0x0a30  VMBusHID - ok
01:17:14.0897 0x0a30  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
01:17:14.0897 0x0a30  volmgr - ok
01:17:14.0913 0x0a30  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
01:17:14.0913 0x0a30  volmgrx - ok
01:17:14.0928 0x0a30  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap        C:\Windows\system32\drivers\volsnap.sys
01:17:14.0928 0x0a30  volsnap - ok
01:17:14.0928 0x0a30  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
01:17:14.0944 0x0a30  vsmraid - ok
01:17:14.0959 0x0a30  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS            C:\Windows\system32\vssvc.exe
01:17:14.0991 0x0a30  VSS - ok
01:17:14.0991 0x0a30  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
01:17:14.0991 0x0a30  vwifibus - ok
01:17:14.0991 0x0a30  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
01:17:15.0006 0x0a30  vwififlt - ok
01:17:15.0006 0x0a30  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time        C:\Windows\system32\w32time.dll
01:17:15.0022 0x0a30  W32Time - ok
01:17:15.0022 0x0a30  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
01:17:15.0022 0x0a30  WacomPen - ok
01:17:15.0022 0x0a30  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
01:17:15.0022 0x0a30  WANARP - ok
01:17:15.0022 0x0a30  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
01:17:15.0022 0x0a30  Wanarpv6 - ok
01:17:15.0053 0x0a30  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc    C:\Windows\system32\Wat\WatAdminSvc.exe
01:17:15.0084 0x0a30  WatAdminSvc - ok
01:17:15.0100 0x0a30  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
01:17:15.0131 0x0a30  wbengine - ok
01:17:15.0147 0x0a30  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
01:17:15.0147 0x0a30  WbioSrvc - ok
01:17:15.0147 0x0a30  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
01:17:15.0162 0x0a30  wcncsvc - ok
01:17:15.0162 0x0a30  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
01:17:15.0162 0x0a30  WcsPlugInService - ok
01:17:15.0162 0x0a30  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
01:17:15.0162 0x0a30  Wd - ok
01:17:15.0193 0x0a30  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
01:17:15.0209 0x0a30  Wdf01000 - ok
01:17:15.0209 0x0a30  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
01:17:15.0209 0x0a30  WdiServiceHost - ok
01:17:15.0209 0x0a30  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost  C:\Windows\system32\wdi.dll
01:17:15.0209 0x0a30  WdiSystemHost - ok
01:17:15.0225 0x0a30  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient      C:\Windows\System32\webclnt.dll
01:17:15.0225 0x0a30  WebClient - ok
01:17:15.0240 0x0a30  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
01:17:15.0240 0x0a30  Wecsvc - ok
01:17:15.0240 0x0a30  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
01:17:15.0240 0x0a30  wercplsupport - ok
01:17:15.0256 0x0a30  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
01:17:15.0256 0x0a30  WerSvc - ok
01:17:15.0256 0x0a30  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
01:17:15.0256 0x0a30  WfpLwf - ok
01:17:15.0256 0x0a30  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
01:17:15.0256 0x0a30  WIMMount - ok
01:17:15.0256 0x0a30  WinDefend - ok
01:17:15.0256 0x0a30  WinHttpAutoProxySvc - ok
01:17:15.0271 0x0a30  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
01:17:15.0271 0x0a30  Winmgmt - ok
01:17:15.0303 0x0a30  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM          C:\Windows\system32\WsmSvc.dll
01:17:15.0349 0x0a30  WinRM - ok
01:17:15.0349 0x0a30  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
01:17:15.0349 0x0a30  WinUsb - ok
01:17:15.0365 0x0a30  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc        C:\Windows\System32\wlansvc.dll
01:17:15.0381 0x0a30  Wlansvc - ok
01:17:15.0381 0x0a30  [ 680A7846370000D20D7E74917D5B7936, 55B77B358039672845D361CA4205F3482D1F30A4654B610FD785A1337EFDC316 ] WmBEnum        C:\Windows\system32\drivers\WmBEnum.sys
01:17:15.0381 0x0a30  WmBEnum - ok
01:17:15.0396 0x0a30  [ 14C35BA8189C6F65D839163AA285E954, 8981AA488320C75E26E1ABDF884B721A4065F5D28F54782598B03F21B8CDC020 ] WmFilter        C:\Windows\system32\drivers\WmFilter.sys
01:17:15.0396 0x0a30  WmFilter - ok
01:17:15.0396 0x0a30  [ AC4331AF118A720F13C9C5CABBFE27BD, 2C5F453996B00078F3E8E731F6B3DD4529831BDA2146EAFC66727C9460E85112 ] WmHidLo        C:\Windows\system32\drivers\WmHidLo.sys
01:17:15.0396 0x0a30  WmHidLo - ok
01:17:15.0396 0x0a30  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi        C:\Windows\system32\DRIVERS\wmiacpi.sys
01:17:15.0396 0x0a30  WmiAcpi - ok
01:17:15.0412 0x0a30  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
01:17:15.0412 0x0a30  wmiApSrv - ok
01:17:15.0412 0x0a30  WMPNetworkSvc - ok
01:17:15.0412 0x0a30  [ 8488DD91A3EE54A8E29F02AD7BB8201E, D428ED991D9E4A8765C240B21884A262854278698D60862117AC5949713231F9 ] WmVirHid        C:\Windows\system32\drivers\WmVirHid.sys
01:17:15.0412 0x0a30  WmVirHid - ok
01:17:15.0412 0x0a30  [ 14802B3A30AA849C97CB968CCC813BF3, 330AD828ABD040ECDBF58F7162978CD61BFC093CAD404FD2BCAC74E3F2EC542A ] WmXlCore        C:\Windows\system32\drivers\WmXlCore.sys
01:17:15.0412 0x0a30  WmXlCore - ok
01:17:15.0427 0x0a30  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
01:17:15.0427 0x0a30  WPCSvc - ok
01:17:15.0427 0x0a30  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
01:17:15.0427 0x0a30  WPDBusEnum - ok
01:17:15.0427 0x0a30  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
01:17:15.0427 0x0a30  ws2ifsl - ok
01:17:15.0427 0x0a30  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
01:17:15.0443 0x0a30  wscsvc - ok
01:17:15.0443 0x0a30  WSearch - ok
01:17:15.0490 0x0a30  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
01:17:15.0537 0x0a30  wuauserv - ok
01:17:15.0537 0x0a30  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
01:17:15.0537 0x0a30  WudfPf - ok
01:17:15.0552 0x0a30  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
01:17:15.0552 0x0a30  WUDFRd - ok
01:17:15.0552 0x0a30  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
01:17:15.0552 0x0a30  wudfsvc - ok
01:17:15.0568 0x0a30  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc        C:\Windows\System32\wwansvc.dll
01:17:15.0568 0x0a30  WwanSvc - ok
01:17:15.0568 0x0a30  [ 38F55D07B1D3391065C40EC065F984E2, 056F5E3034C4C11403D74F44A364964A3A5945608DAE2A03EF025A22F5C31B26 ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
01:17:15.0568 0x0a30  xusb21 - ok
01:17:15.0568 0x0a30  ================ Scan global ===============================
01:17:15.0583 0x0a30  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
01:17:15.0583 0x0a30  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
01:17:15.0599 0x0a30  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
01:17:15.0599 0x0a30  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
01:17:15.0599 0x0a30  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
01:17:15.0615 0x0a30  [ Global ] - ok
01:17:15.0615 0x0a30  ================ Scan MBR ==================================
01:17:15.0615 0x0a30  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
01:17:15.0817 0x0a30  \Device\Harddisk0\DR0 - ok
01:17:15.0817 0x0a30  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
01:17:15.0817 0x0a30  \Device\Harddisk1\DR1 - ok
01:17:15.0817 0x0a30  ================ Scan VBR ==================================
01:17:15.0833 0x0a30  [ F0456677651342193FE8AF5D2968FA65 ] \Device\Harddisk0\DR0\Partition1
01:17:15.0833 0x0a30  \Device\Harddisk0\DR0\Partition1 - ok
01:17:15.0833 0x0a30  [ A9BCEA65F46748EED6C72A962F5FB85E ] \Device\Harddisk0\DR0\Partition2
01:17:15.0833 0x0a30  \Device\Harddisk0\DR0\Partition2 - ok
01:17:15.0833 0x0a30  Waiting for KSN requests completion. In queue: 225
01:17:16.0847 0x0a30  Waiting for KSN requests completion. In queue: 225
01:17:17.0861 0x0a30  Waiting for KSN requests completion. In queue: 225
01:17:18.0875 0x0a30  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x60000 ( disabled : updated )
01:17:18.0875 0x0a30  Win FW state via NFP2: enabled
01:17:21.0589 0x0a30  ============================================================
01:17:21.0589 0x0a30  Scan finished
01:17:21.0589 0x0a30  ============================================================
01:17:21.0589 0x1384  Detected object count: 0
01:17:21.0589 0x1384  Actual detected object count: 0
01:17:31.0199 0x0890  Deinitialize success

cosinus 18.03.2014 07:01
Zitat:
01:17:06.0847 0x0a30 Scan started
01:17:06.0847 0x0a30 Mode: Manual;
Bitte die Anleitungen richtig und komplett lesen!
Du hast den TDSS-Killer nicht so eingestellt wie es soll

slater27 18.03.2014 09:18
Ich bin echt ein Hirsch

Code:
09:14:48.0701 0x1144  TDSS rootkit removing tool 3.0.0.25 Feb 27 2014 15:23:02
09:14:53.0699 0x1144  ============================================================
09:14:53.0699 0x1144  Current date / time: 2014/03/18 09:14:53.0699
09:14:53.0699 0x1144  SystemInfo:
09:14:53.0699 0x1144 
09:14:53.0699 0x1144  OS Version: 6.1.7601 ServicePack: 1.0
09:14:53.0699 0x1144  Product type: Workstation
09:14:53.0699 0x1144  ComputerName: PATRICK-PC
09:14:53.0699 0x1144  UserName: Patrick
09:14:53.0699 0x1144  Windows directory: C:\Windows
09:14:53.0699 0x1144  System windows directory: C:\Windows
09:14:53.0699 0x1144  Running under WOW64
09:14:53.0699 0x1144  Processor architecture: Intel x64
09:14:53.0699 0x1144  Number of processors: 4
09:14:53.0699 0x1144  Page size: 0x1000
09:14:53.0699 0x1144  Boot type: Normal boot
09:14:53.0699 0x1144  ============================================================
09:14:53.0809 0x1144  KLMD registered as C:\Windows\system32\drivers\23875046.sys
09:14:53.0818 0x1144  System UUID: {1CEE2FE5-4501-26F1-54CF-AB836DE81A8C}
09:14:53.0995 0x1144  Drive \Device\Harddisk0\DR0 - Size: 0x1BF2976000 (111.79 Gb), SectorSize: 0x200, Cylinders: 0x3901, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:14:54.0015 0x1144  Drive \Device\Harddisk1\DR1 - Size: 0x5D27216000 (372.61 Gb), SectorSize: 0x200, Cylinders: 0xBE01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
09:14:54.0017 0x1144  ============================================================
09:14:54.0017 0x1144  \Device\Harddisk0\DR0:
09:14:54.0017 0x1144  MBR partitions:
09:14:54.0017 0x1144  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
09:14:54.0017 0x1144  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xDF61800
09:14:54.0017 0x1144  \Device\Harddisk1\DR1:
09:14:54.0017 0x1144  MBR partitions:
09:14:54.0017 0x1144  ============================================================
09:14:54.0018 0x1144  C: <-> \Device\Harddisk0\DR0\Partition2
09:14:54.0018 0x1144  ============================================================
09:14:54.0018 0x1144  Initialize success
09:14:54.0018 0x1144  ============================================================
09:15:37.0866 0x13b0  ============================================================
09:15:37.0866 0x13b0  Scan started
09:15:37.0866 0x13b0  Mode: Manual; SigCheck; TDLFS;
09:15:37.0866 0x13b0  ============================================================
09:15:37.0866 0x13b0  KSN ping started
09:15:40.0533 0x13b0  KSN ping finished: true
09:15:40.0576 0x13b0  ================ Scan system memory ========================
09:15:40.0576 0x13b0  System memory - ok
09:15:40.0576 0x13b0  ================ Scan services =============================
09:15:40.0598 0x13b0  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
09:15:40.0627 0x13b0  1394ohci - ok
09:15:40.0636 0x13b0  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
09:15:40.0647 0x13b0  ACPI - ok
09:15:40.0649 0x13b0  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi        C:\Windows\system32\drivers\acpipmi.sys
09:15:40.0658 0x13b0  AcpiPmi - ok
09:15:40.0662 0x13b0  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
09:15:40.0669 0x13b0  AdobeARMservice - ok
09:15:40.0683 0x13b0  [ 9D96B0D5855FD1B98023B3EEC9F06786, E4C79233158BE8AA4E9C6DD71585E5D2703A5156531EB3D692D7D81BC443E844 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
09:15:40.0692 0x13b0  AdobeFlashPlayerUpdateSvc - ok
09:15:40.0703 0x13b0  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx        C:\Windows\system32\drivers\adp94xx.sys
09:15:40.0718 0x13b0  adp94xx - ok
09:15:40.0726 0x13b0  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci        C:\Windows\system32\drivers\adpahci.sys
09:15:40.0738 0x13b0  adpahci - ok
09:15:40.0743 0x13b0  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320        C:\Windows\system32\drivers\adpu320.sys
09:15:40.0752 0x13b0  adpu320 - ok
09:15:40.0756 0x13b0  [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc    C:\Windows\System32\aelupsvc.dll
09:15:40.0778 0x13b0  AeLookupSvc - ok
09:15:40.0791 0x13b0  [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD            C:\Windows\system32\drivers\afd.sys
09:15:40.0809 0x13b0  AFD - ok
09:15:40.0812 0x13b0  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
09:15:40.0819 0x13b0  agp440 - ok
09:15:40.0823 0x13b0  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG            C:\Windows\System32\alg.exe
09:15:40.0836 0x13b0  ALG - ok
09:15:40.0838 0x13b0  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
09:15:40.0844 0x13b0  aliide - ok
09:15:40.0846 0x13b0  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
09:15:40.0851 0x13b0  amdide - ok
09:15:40.0854 0x13b0  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8          C:\Windows\system32\drivers\amdk8.sys
09:15:40.0863 0x13b0  AmdK8 - ok
09:15:40.0866 0x13b0  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\drivers\amdppm.sys
09:15:40.0874 0x13b0  AmdPPM - ok
09:15:40.0878 0x13b0  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata        C:\Windows\system32\drivers\amdsata.sys
09:15:40.0885 0x13b0  amdsata - ok
09:15:40.0890 0x13b0  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
09:15:40.0900 0x13b0  amdsbs - ok
09:15:40.0902 0x13b0  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata        C:\Windows\system32\drivers\amdxata.sys
09:15:40.0908 0x13b0  amdxata - ok
09:15:40.0910 0x13b0  [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID          C:\Windows\system32\drivers\appid.sys
09:15:40.0931 0x13b0  AppID - ok
09:15:40.0933 0x13b0  [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
09:15:40.0954 0x13b0  AppIDSvc - ok
09:15:40.0957 0x13b0  [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo        C:\Windows\System32\appinfo.dll
09:15:40.0967 0x13b0  Appinfo - ok
09:15:40.0970 0x13b0  [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
09:15:40.0976 0x13b0  Apple Mobile Device - ok
09:15:40.0982 0x13b0  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt        C:\Windows\System32\appmgmts.dll
09:15:40.0994 0x13b0  AppMgmt - ok
09:15:40.0997 0x13b0  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc            C:\Windows\system32\drivers\arc.sys
09:15:41.0004 0x13b0  arc - ok
09:15:41.0008 0x13b0  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
09:15:41.0016 0x13b0  arcsas - ok
09:15:41.0024 0x13b0  [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
09:15:41.0033 0x13b0  aspnet_state - ok
09:15:41.0036 0x13b0  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
09:15:41.0056 0x13b0  AsyncMac - ok
09:15:41.0058 0x13b0  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi          C:\Windows\system32\drivers\atapi.sys
09:15:41.0064 0x13b0  atapi - ok
09:15:41.0068 0x13b0  [ 4885C14A6AB6969B5773A42DA0BA3DA4, E317E1E299543FBD9853C71E1CF8019343B6234B9AAF56ABF48C41BB7743490B ] AthBTPort      C:\Windows\system32\DRIVERS\btath_flt.sys
09:15:41.0076 0x13b0  AthBTPort - ok
09:15:41.0079 0x13b0  [ 0D21FF67523897518C88F00CCDF09CCC, 0D23D7BC51C1EC0ADBFBFCA0BC1D20BD4E094C22FA3DC37FFBC0F0A6C62C7C33 ] ATHDFU          C:\Windows\system32\Drivers\AthDfu.sys
09:15:41.0084 0x13b0  ATHDFU - ok
09:15:41.0092 0x13b0  [ 0DA0112D92371C0E9B3A15ED31CC3EF4, D27B13119A9E9B8547A199C8D19F5FADE5F9436DF7045525759BECC96403D7BF ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
09:15:41.0100 0x13b0  AtherosSvc - ok
09:15:41.0160 0x13b0  [ 5C5CC823E1B25543DCBFF678BE25A791, F468A487EE750525FB7327E85C3C7D43FF6FBE131DB9AF877098E87E304F0023 ] athur          C:\Windows\system32\DRIVERS\athurx.sys
09:15:41.0212 0x13b0  athur - ok
09:15:41.0226 0x13b0  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
09:15:41.0258 0x13b0  AudioEndpointBuilder - ok
09:15:41.0272 0x13b0  [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
09:15:41.0301 0x13b0  AudioSrv - ok
09:15:41.0305 0x13b0  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
09:15:41.0317 0x13b0  AxInstSV - ok
09:15:41.0329 0x13b0  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv        C:\Windows\system32\drivers\bxvbda.sys
09:15:41.0360 0x13b0  b06bdrv - ok
09:15:41.0381 0x13b0  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
09:15:41.0395 0x13b0  b57nd60a - ok
09:15:41.0401 0x13b0  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
09:15:41.0427 0x13b0  BDESVC - ok
09:15:41.0431 0x13b0  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
09:15:41.0455 0x13b0  Beep - ok
09:15:41.0481 0x13b0  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE            C:\Windows\System32\bfe.dll
09:15:41.0503 0x13b0  BFE - ok
09:15:41.0522 0x13b0  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\system32\qmgr.dll
09:15:41.0560 0x13b0  BITS - ok
09:15:41.0562 0x13b0  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
09:15:41.0570 0x13b0  blbdrive - ok
09:15:41.0581 0x13b0  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
09:15:41.0594 0x13b0  Bonjour Service - ok
09:15:41.0598 0x13b0  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
09:15:41.0605 0x13b0  bowser - ok
09:15:41.0608 0x13b0  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
09:15:41.0616 0x13b0  BrFiltLo - ok
09:15:41.0619 0x13b0  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
09:15:41.0627 0x13b0  BrFiltUp - ok
09:15:41.0630 0x13b0  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
09:15:41.0651 0x13b0  BridgeMP - ok
09:15:41.0655 0x13b0  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser        C:\Windows\System32\browser.dll
09:15:41.0665 0x13b0  Browser - ok
09:15:41.0672 0x13b0  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid        C:\Windows\System32\Drivers\Brserid.sys
09:15:41.0686 0x13b0  Brserid - ok
09:15:41.0689 0x13b0  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
09:15:41.0698 0x13b0  BrSerWdm - ok
09:15:41.0700 0x13b0  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
09:15:41.0708 0x13b0  BrUsbMdm - ok
09:15:41.0710 0x13b0  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
09:15:41.0717 0x13b0  BrUsbSer - ok
09:15:41.0729 0x13b0  [ E53B1FF861DCD4A66858F1B74B051402, 200590F1A9BE0F6AF5AB1016291CD1EC6DAEEF1E920698806782F29F4E9A7D73 ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
09:15:41.0738 0x13b0  BTATH_A2DP - ok
09:15:41.0742 0x13b0  [ D0632BBEFF06098354AF3401ACA4494F, 753645304CCA307D3F6C87CA8F199CB15972CB789B44E2F55C6071F7F068809E ] btath_avdt      C:\Windows\system32\drivers\btath_avdt.sys
09:15:41.0748 0x13b0  btath_avdt - ok
09:15:41.0751 0x13b0  [ 8170714B89CA05E6C35FEFB9DA7653D8, 92411525217FC2589947C70F7B12FAA3E3053A9FE98D11F4F96A48DAC2AC7E90 ] BTATH_BUS      C:\Windows\system32\DRIVERS\btath_bus.sys
09:15:41.0756 0x13b0  BTATH_BUS - ok
09:15:41.0763 0x13b0  [ 77F498F46192EF92C0144B5B13C50B4B, 99B2BCD3039169CC1CE30E436100F89435D6D156C051268360C9FFE78333BDA7 ] BTATH_HCRP      C:\Windows\system32\DRIVERS\btath_hcrp.sys
09:15:41.0769 0x13b0  BTATH_HCRP - ok
09:15:41.0773 0x13b0  [ D0AA846BCF0E85E1513C8DF2FC6F8BF1, FADA2949202CE2FB92B5256AE2070C78E70CE712E45F547532BDDAA7E3FE141E ] BTATH_LWFLT    C:\Windows\system32\DRIVERS\btath_lwflt.sys
09:15:41.0778 0x13b0  BTATH_LWFLT - ok
09:15:41.0783 0x13b0  [ 057DA8351AD21AE485A11A8237DC9263, 151C0A591A26E26C7700F00EC8E95C6D8A5406869109A0CA01A3C38D1C5FBA2A ] BTATH_RCP      C:\Windows\system32\DRIVERS\btath_rcp.sys
09:15:41.0789 0x13b0  BTATH_RCP - ok
09:15:41.0802 0x13b0  [ A54980772C5A779D5A7A800E398A5509, 512285FD2C61C56487141923207F2BC698996D2AF010F7E86371A0025C5006A9 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
09:15:41.0814 0x13b0  BtFilter - ok
09:15:41.0817 0x13b0  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum        C:\Windows\system32\drivers\BthEnum.sys
09:15:41.0823 0x13b0  BthEnum - ok
09:15:41.0826 0x13b0  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
09:15:41.0835 0x13b0  BTHMODEM - ok
09:15:41.0838 0x13b0  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
09:15:41.0848 0x13b0  BthPan - ok
09:15:41.0862 0x13b0  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT        C:\Windows\System32\Drivers\BTHport.sys
09:15:41.0883 0x13b0  BTHPORT - ok
09:15:41.0887 0x13b0  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv        C:\Windows\system32\bthserv.dll
09:15:41.0908 0x13b0  bthserv - ok
09:15:41.0911 0x13b0  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
09:15:41.0918 0x13b0  BTHUSB - ok
09:15:41.0920 0x13b0  catchme - ok
09:15:41.0923 0x13b0  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
09:15:41.0944 0x13b0  cdfs - ok
09:15:41.0949 0x13b0  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom          C:\Windows\system32\DRIVERS\cdrom.sys
09:15:41.0958 0x13b0  cdrom - ok
09:15:41.0961 0x13b0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc    C:\Windows\System32\certprop.dll
09:15:41.0981 0x13b0  CertPropSvc - ok
09:15:41.0984 0x13b0  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
09:15:42.0010 0x13b0  circlass - ok
09:15:42.0020 0x13b0  [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\Windows\system32\CLFS.sys
09:15:42.0034 0x13b0  CLFS - ok
09:15:42.0038 0x13b0  [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
09:15:42.0046 0x13b0  clr_optimization_v2.0.50727_32 - ok
09:15:42.0051 0x13b0  [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
09:15:42.0059 0x13b0  clr_optimization_v2.0.50727_64 - ok
09:15:42.0066 0x13b0  [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
09:15:42.0082 0x13b0  clr_optimization_v4.0.30319_32 - ok
09:15:42.0085 0x13b0  [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
09:15:42.0096 0x13b0  clr_optimization_v4.0.30319_64 - ok
09:15:42.0098 0x13b0  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
09:15:42.0105 0x13b0  CmBatt - ok
09:15:42.0108 0x13b0  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
09:15:42.0114 0x13b0  cmdide - ok
09:15:42.0128 0x13b0  [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG            C:\Windows\system32\Drivers\cng.sys
09:15:42.0148 0x13b0  CNG - ok
09:15:42.0151 0x13b0  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
09:15:42.0157 0x13b0  Compbatt - ok
09:15:42.0159 0x13b0  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
09:15:42.0168 0x13b0  CompositeBus - ok
09:15:42.0169 0x13b0  COMSysApp - ok
09:15:42.0171 0x13b0  cpuz135 - ok
09:15:42.0174 0x13b0  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk        C:\Windows\system32\drivers\crcdisk.sys
09:15:42.0179 0x13b0  crcdisk - ok
09:15:42.0186 0x13b0  [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc        C:\Windows\system32\cryptsvc.dll
09:15:42.0197 0x13b0  CryptSvc - ok
09:15:42.0209 0x13b0  [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC            C:\Windows\system32\drivers\csc.sys
09:15:42.0228 0x13b0  CSC - ok
09:15:42.0244 0x13b0  [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService      C:\Windows\System32\cscsvc.dll
09:15:42.0266 0x13b0  CscService - ok
09:15:42.0280 0x13b0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\Windows\system32\rpcss.dll
09:15:42.0309 0x13b0  DcomLaunch - ok
09:15:42.0317 0x13b0  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc      C:\Windows\System32\defragsvc.dll
09:15:42.0342 0x13b0  defragsvc - ok
09:15:42.0346 0x13b0  [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
09:15:42.0366 0x13b0  DfsC - ok
09:15:42.0375 0x13b0  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
09:15:42.0389 0x13b0  Dhcp - ok
09:15:42.0392 0x13b0  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
09:15:42.0412 0x13b0  discache - ok
09:15:42.0415 0x13b0  [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\Windows\system32\drivers\disk.sys
09:15:42.0421 0x13b0  Disk - ok
09:15:42.0424 0x13b0  [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc          C:\Windows\system32\drivers\dmvsc.sys
09:15:42.0432 0x13b0  dmvsc - ok
09:15:42.0438 0x13b0  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
09:15:42.0448 0x13b0  Dnscache - ok
09:15:42.0455 0x13b0  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc        C:\Windows\System32\dot3svc.dll
09:15:42.0480 0x13b0  dot3svc - ok
09:15:42.0486 0x13b0  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS            C:\Windows\system32\dps.dll
09:15:42.0510 0x13b0  DPS - ok
09:15:42.0512 0x13b0  [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud        C:\Windows\system32\drivers\drmkaud.sys
09:15:42.0518 0x13b0  drmkaud - ok
09:15:42.0541 0x13b0  [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl        C:\Windows\System32\drivers\dxgkrnl.sys
09:15:42.0560 0x13b0  DXGKrnl - ok
09:15:42.0564 0x13b0  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost        C:\Windows\System32\eapsvc.dll
09:15:42.0587 0x13b0  EapHost - ok
09:15:42.0647 0x13b0  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv          C:\Windows\system32\drivers\evbda.sys
09:15:42.0725 0x13b0  ebdrv - ok
09:15:42.0728 0x13b0  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS            C:\Windows\System32\lsass.exe
09:15:42.0735 0x13b0  EFS - ok
09:15:42.0756 0x13b0  [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr        C:\Windows\ehome\ehRecvr.exe
09:15:42.0783 0x13b0  ehRecvr - ok
09:15:42.0786 0x13b0  [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched        C:\Windows\ehome\ehsched.exe
09:15:42.0796 0x13b0  ehSched - ok
09:15:42.0806 0x13b0  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor        C:\Windows\system32\drivers\elxstor.sys
09:15:42.0822 0x13b0  elxstor - ok
09:15:42.0824 0x13b0  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
09:15:42.0831 0x13b0  ErrDev - ok
09:15:42.0845 0x13b0  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem    C:\Windows\system32\es.dll
09:15:42.0873 0x13b0  EventSystem - ok
09:15:42.0879 0x13b0  [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat          C:\Windows\system32\drivers\exfat.sys
09:15:42.0903 0x13b0  exfat - ok
09:15:42.0909 0x13b0  [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat        C:\Windows\system32\drivers\fastfat.sys
09:15:42.0934 0x13b0  fastfat - ok
09:15:42.0949 0x13b0  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax            C:\Windows\system32\fxssvc.exe
09:15:42.0970 0x13b0  Fax - ok
09:15:42.0972 0x13b0  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc            C:\Windows\system32\drivers\fdc.sys
09:15:42.0980 0x13b0  fdc - ok
09:15:42.0983 0x13b0  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost        C:\Windows\system32\fdPHost.dll
09:15:43.0003 0x13b0  fdPHost - ok
09:15:43.0006 0x13b0  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
09:15:43.0027 0x13b0  FDResPub - ok
09:15:43.0030 0x13b0  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
09:15:43.0036 0x13b0  FileInfo - ok
09:15:43.0039 0x13b0  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace      C:\Windows\system32\drivers\filetrace.sys
09:15:43.0058 0x13b0  Filetrace - ok
09:15:43.0061 0x13b0  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\drivers\flpydisk.sys
09:15:43.0067 0x13b0  flpydisk - ok
09:15:43.0074 0x13b0  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
09:15:43.0085 0x13b0  FltMgr - ok
09:15:43.0107 0x13b0  [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache      C:\Windows\system32\FntCache.dll
09:15:43.0140 0x13b0  FontCache - ok
09:15:43.0143 0x13b0  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
09:15:43.0149 0x13b0  FontCache3.0.0.0 - ok
09:15:43.0152 0x13b0  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends      C:\Windows\system32\drivers\FsDepends.sys
09:15:43.0159 0x13b0  FsDepends - ok
09:15:43.0161 0x13b0  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
09:15:43.0167 0x13b0  Fs_Rec - ok
09:15:43.0173 0x13b0  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
09:15:43.0184 0x13b0  fvevol - ok
09:15:43.0187 0x13b0  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\drivers\gagp30kx.sys
09:15:43.0194 0x13b0  gagp30kx - ok
09:15:43.0197 0x13b0  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM    C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
09:15:43.0201 0x13b0  GEARAspiWDM - ok
09:15:43.0218 0x13b0  [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc          C:\Windows\System32\gpsvc.dll
09:15:43.0253 0x13b0  gpsvc - ok
09:15:43.0256 0x13b0  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
09:15:43.0264 0x13b0  hcw85cir - ok
09:15:43.0275 0x13b0  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
09:15:43.0290 0x13b0  HdAudAddService - ok
09:15:43.0295 0x13b0  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
09:15:43.0305 0x13b0  HDAudBus - ok
09:15:43.0309 0x13b0  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt        C:\Windows\system32\drivers\HidBatt.sys
09:15:43.0316 0x13b0  HidBatt - ok
09:15:43.0320 0x13b0  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\drivers\hidbth.sys
09:15:43.0330 0x13b0  HidBth - ok
09:15:43.0333 0x13b0  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr          C:\Windows\system32\drivers\hidir.sys
09:15:43.0342 0x13b0  HidIr - ok
09:15:43.0344 0x13b0  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv        C:\Windows\System32\hidserv.dll
09:15:43.0365 0x13b0  hidserv - ok
09:15:43.0367 0x13b0  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
09:15:43.0373 0x13b0  HidUsb - ok
09:15:43.0377 0x13b0  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
09:15:43.0398 0x13b0  hkmsvc - ok
09:15:43.0405 0x13b0  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
09:15:43.0418 0x13b0  HomeGroupListener - ok
09:15:43.0424 0x13b0  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
09:15:43.0433 0x13b0  HomeGroupProvider - ok
09:15:43.0437 0x13b0  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
09:15:43.0443 0x13b0  HpSAMD - ok
09:15:43.0457 0x13b0  [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
09:15:43.0490 0x13b0  HTTP - ok
09:15:43.0492 0x13b0  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
09:15:43.0497 0x13b0  hwpolicy - ok
09:15:43.0500 0x13b0  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
09:15:43.0508 0x13b0  i8042prt - ok
09:15:43.0516 0x13b0  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV        C:\Windows\system32\drivers\iaStorV.sys
09:15:43.0528 0x13b0  iaStorV - ok
09:15:43.0548 0x13b0  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc          C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
09:15:43.0571 0x13b0  idsvc - ok
09:15:43.0573 0x13b0  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp          C:\Windows\system32\drivers\iirsp.sys
09:15:43.0580 0x13b0  iirsp - ok
09:15:43.0603 0x13b0  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
09:15:43.0629 0x13b0  IKEEXT - ok
09:15:43.0691 0x13b0  [ 55FCBF5440EE61DBC5A6F637F7B4C776, 7D6F0DE6B8D38D4BA87592E9F39B402530007D43A23E8E7A57AA6CC30D53AC22 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
09:15:43.0743 0x13b0  IntcAzAudAddService - ok
09:15:43.0762 0x13b0  [ C6128F2E3DC6156C6F8828F9F1B96010, 612C1191AFB8F69BA5634E8C52BDDE608F57D98FA4C76C5A337676A5F1E8191D ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
09:15:43.0781 0x13b0  Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
09:15:43.0822 0x13b0  Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - warning
09:15:46.0485 0x13b0  [ 729AB4F0608E95EFF8FDEF23596283E2, 62A2091FF440C65505AB3E38436A86D9B0978BCB9485960EFCE0C5CBC8E06201 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
09:15:46.0506 0x13b0  Intel(R) Capability Licensing Service TCP IP Interface - ok
09:15:46.0509 0x13b0  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
09:15:46.0515 0x13b0  intelide - ok
09:15:46.0518 0x13b0  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
09:15:46.0526 0x13b0  intelppm - ok
09:15:46.0530 0x13b0  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum      C:\Windows\system32\ipbusenum.dll
09:15:46.0552 0x13b0  IPBusEnum - ok
09:15:46.0555 0x13b0  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
09:15:46.0575 0x13b0  IpFilterDriver - ok
09:15:46.0589 0x13b0  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
09:15:46.0608 0x13b0  iphlpsvc - ok
09:15:46.0611 0x13b0  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV        C:\Windows\system32\drivers\IPMIDrv.sys
09:15:46.0620 0x13b0  IPMIDRV - ok
09:15:46.0623 0x13b0  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT          C:\Windows\system32\drivers\ipnat.sys
09:15:46.0644 0x13b0  IPNAT - ok
09:15:46.0656 0x13b0  [ 33B286326BD2B1A7748C43391058FB19, C6240C9ED5B7C227595E953E3D1AB5F2D45CCD86FDBDF985836A970B4B6467FE ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
09:15:46.0672 0x13b0  iPod Service - ok
09:15:46.0674 0x13b0  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
09:15:46.0684 0x13b0  IRENUM - ok
09:15:46.0686 0x13b0  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
09:15:46.0692 0x13b0  isapnp - ok
09:15:46.0700 0x13b0  [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
09:15:46.0710 0x13b0  iScsiPrt - ok
09:15:46.0714 0x13b0  [ 5AB18D8055A4280C0F377A6262F3157E, 091366AE17601407E2A882BFF7901F1970C1111DA935B913BEAA2AFA76D4EEA2 ] ISCT            C:\Windows\system32\DRIVERS\ISCTD64.sys
09:15:46.0720 0x13b0  ISCT - ok
09:15:46.0721 0x13b0  ISODrive - ok
09:15:46.0724 0x13b0  [ D596D915CF091DA1F8CE4BD38BB5D509, 9B4D246B6886FFD9BE329F3543B819FC010661B0F70206F16ECBF25A7B12AA6F ] iusb3hcs        C:\Windows\system32\DRIVERS\iusb3hcs.sys
09:15:46.0729 0x13b0  iusb3hcs - ok
09:15:46.0739 0x13b0  [ 023896E23B61543A15A230EED996D911, 2F8D15B67AB2C1E87EA46F2CB9DBA564865D89DEA93A83B44A9B148883B96731 ] iusb3hub        C:\Windows\system32\DRIVERS\iusb3hub.sys
09:15:46.0748 0x13b0  iusb3hub - ok
09:15:46.0765 0x13b0  [ 7FAEC13F1ADD619F4B5B2D2CBF841E8E, E7ED64DD26FD4EA04C2C32C33BDA16FB985F3C6F1F8451480A0D24375B7F57AC ] iusb3xhc        C:\Windows\system32\DRIVERS\iusb3xhc.sys
09:15:46.0781 0x13b0  iusb3xhc - ok
09:15:46.0788 0x13b0  [ 08B14887C0B98101F8EC207817A0D734, DF2B2C16F9C8EA05533AE26C3302C41D5B67966D8E55ED8625353AE1D70FBD29 ] jhi_service    C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
09:15:46.0797 0x13b0  jhi_service - ok
09:15:46.0799 0x13b0  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
09:15:46.0805 0x13b0  kbdclass - ok
09:15:46.0808 0x13b0  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
09:15:46.0814 0x13b0  kbdhid - ok
09:15:46.0817 0x13b0  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso          C:\Windows\system32\lsass.exe
09:15:46.0823 0x13b0  KeyIso - ok
09:15:46.0827 0x13b0  [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
09:15:46.0834 0x13b0  KSecDD - ok
09:15:46.0838 0x13b0  [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg        C:\Windows\system32\Drivers\ksecpkg.sys
09:15:46.0845 0x13b0  KSecPkg - ok
09:15:46.0848 0x13b0  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk        C:\Windows\system32\drivers\ksthunk.sys
09:15:46.0869 0x13b0  ksthunk - ok
09:15:46.0879 0x13b0  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm          C:\Windows\system32\msdtckrm.dll
09:15:46.0907 0x13b0  KtmRm - ok
09:15:46.0915 0x13b0  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
09:15:46.0940 0x13b0  LanmanServer - ok
09:15:46.0945 0x13b0  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
09:15:46.0967 0x13b0  LanmanWorkstation - ok
09:15:46.0971 0x13b0  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
09:15:46.0992 0x13b0  lltdio - ok
09:15:47.0000 0x13b0  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc        C:\Windows\System32\lltdsvc.dll
09:15:47.0026 0x13b0  lltdsvc - ok
09:15:47.0028 0x13b0  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts        C:\Windows\System32\lmhsvc.dll
09:15:47.0048 0x13b0  lmhosts - ok
09:15:47.0056 0x13b0  [ 920F6774762DE8D8477088B6F38FBD6C, DA056D27FE775835CD6F8F5F3143179D818C20658304E21100B534C24079916C ] LMS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
09:15:47.0067 0x13b0  LMS - ok
09:15:47.0072 0x13b0  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\drivers\lsi_fc.sys
09:15:47.0080 0x13b0  LSI_FC - ok
09:15:47.0083 0x13b0  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS        C:\Windows\system32\drivers\lsi_sas.sys
09:15:47.0091 0x13b0  LSI_SAS - ok
09:15:47.0094 0x13b0  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
09:15:47.0101 0x13b0  LSI_SAS2 - ok
09:15:47.0105 0x13b0  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\drivers\lsi_scsi.sys
09:15:47.0112 0x13b0  LSI_SCSI - ok
09:15:47.0116 0x13b0  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv          C:\Windows\system32\drivers\luafv.sys
09:15:47.0138 0x13b0  luafv - ok
09:15:47.0141 0x13b0  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\Windows\system32\drivers\MBfilt64.sys
09:15:47.0146 0x13b0  MBfilt - ok
09:15:47.0150 0x13b0  [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc        C:\Windows\system32\Mcx2Svc.dll
09:15:47.0160 0x13b0  Mcx2Svc - ok
09:15:47.0162 0x13b0  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas        C:\Windows\system32\drivers\megasas.sys
09:15:47.0168 0x13b0  megasas - ok
09:15:47.0175 0x13b0  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\drivers\MegaSR.sys
09:15:47.0186 0x13b0  MegaSR - ok
09:15:47.0200 0x13b0  [ D71FD7A4FDB01C554AE144037B688DF1, 74D33303DA559A3A2EB809FC0EC3722D24F7F1A37BC7370680CFEB951BE735AF ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
09:15:47.0205 0x13b0  MEIx64 - ok
09:15:47.0209 0x13b0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS          C:\Windows\system32\mmcss.dll
09:15:47.0231 0x13b0  MMCSS - ok
09:15:47.0233 0x13b0  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem          C:\Windows\system32\drivers\modem.sys
09:15:47.0254 0x13b0  Modem - ok
09:15:47.0256 0x13b0  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor        C:\Windows\system32\DRIVERS\monitor.sys
09:15:47.0264 0x13b0  monitor - ok
09:15:47.0267 0x13b0  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
09:15:47.0273 0x13b0  mouclass - ok
09:15:47.0275 0x13b0  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
09:15:47.0282 0x13b0  mouhid - ok
09:15:47.0286 0x13b0  [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
09:15:47.0292 0x13b0  mountmgr - ok
09:15:47.0295 0x13b0  [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
09:15:47.0303 0x13b0  MozillaMaintenance - ok
09:15:47.0310 0x13b0  [ C6B88D62F20AC646C6BD5C032EC2FAF9, 111A07939F3C5A46F0C51B9D6F5C1D8478099E32EFD88BC260467109ADD975F8 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
09:15:47.0322 0x13b0  MpFilter - ok
09:15:47.0327 0x13b0  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
09:15:47.0337 0x13b0  mpio - ok
09:15:47.0340 0x13b0  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
09:15:47.0360 0x13b0  mpsdrv - ok
09:15:47.0377 0x13b0  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
09:15:47.0413 0x13b0  MpsSvc - ok
09:15:47.0418 0x13b0  [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
09:15:47.0428 0x13b0  MRxDAV - ok
09:15:47.0434 0x13b0  [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
09:15:47.0444 0x13b0  mrxsmb - ok
09:15:47.0451 0x13b0  [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
09:15:47.0464 0x13b0  mrxsmb10 - ok
09:15:47.0469 0x13b0  [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
09:15:47.0479 0x13b0  mrxsmb20 - ok
09:15:47.0482 0x13b0  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
09:15:47.0488 0x13b0  msahci - ok
09:15:47.0492 0x13b0  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm          C:\Windows\system32\drivers\msdsm.sys
09:15:47.0500 0x13b0  msdsm - ok
09:15:47.0504 0x13b0  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC          C:\Windows\System32\msdtc.exe
09:15:47.0514 0x13b0  MSDTC - ok
09:15:47.0517 0x13b0  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
09:15:47.0536 0x13b0  Msfs - ok
09:15:47.0538 0x13b0  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf      C:\Windows\System32\drivers\mshidkmdf.sys
09:15:47.0559 0x13b0  mshidkmdf - ok
09:15:47.0560 0x13b0  MSICDSetup - ok
09:15:47.0562 0x13b0  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
09:15:47.0568 0x13b0  msisadrv - ok
09:15:47.0573 0x13b0  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI        C:\Windows\system32\iscsiexe.dll
09:15:47.0596 0x13b0  MSiSCSI - ok
09:15:47.0598 0x13b0  msiserver - ok
09:15:47.0605 0x13b0  [ AA9D2BF07FB7F4DE5D2EC1F40C3E3715, 45A60D3DBC48668426F537657B6BA32FF60CB455DEE4D76868542C6A9862BC61 ] MSI_OTPService  C:\Program Files (x86)\MSI\OTPService\OTPService.exe
09:15:47.0617 0x13b0  MSI_OTPService - ok
09:15:47.0619 0x13b0  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV        C:\Windows\system32\drivers\MSKSSRV.sys
09:15:47.0638 0x13b0  MSKSSRV - ok
09:15:47.0641 0x13b0  [ 7675E15D1B2180745E4DA4D26AAD7385, 729AA6C610F67028CFFFF64B772FFA1CAE7581D37F8909BDA423D52AF85C92C8 ] MsMpSvc        c:\Program Files\Microsoft Security Client\MsMpEng.exe
09:15:47.0647 0x13b0  MsMpSvc - ok
09:15:47.0649 0x13b0  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
09:15:47.0668 0x13b0  MSPCLOCK - ok
09:15:47.0670 0x13b0  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM          C:\Windows\system32\drivers\MSPQM.sys
09:15:47.0689 0x13b0  MSPQM - ok
09:15:47.0699 0x13b0  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC          C:\Windows\system32\drivers\MsRPC.sys
09:15:47.0711 0x13b0  MsRPC - ok
09:15:47.0714 0x13b0  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
09:15:47.0719 0x13b0  mssmbios - ok
09:15:47.0721 0x13b0  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE          C:\Windows\system32\drivers\MSTEE.sys
09:15:47.0741 0x13b0  MSTEE - ok
09:15:47.0742 0x13b0  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
09:15:47.0749 0x13b0  MTConfig - ok
09:15:47.0752 0x13b0  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup            C:\Windows\system32\Drivers\mup.sys
09:15:47.0758 0x13b0  Mup - ok
09:15:47.0768 0x13b0  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
09:15:47.0796 0x13b0  napagent - ok
09:15:47.0803 0x13b0  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP    C:\Windows\system32\DRIVERS\nwifi.sys
09:15:47.0818 0x13b0  NativeWifiP - ok
09:15:47.0840 0x13b0  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
09:15:47.0865 0x13b0  NDIS - ok
09:15:47.0868 0x13b0  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap        C:\Windows\system32\DRIVERS\ndiscap.sys
09:15:47.0888 0x13b0  NdisCap - ok
09:15:47.0890 0x13b0  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
09:15:47.0909 0x13b0  NdisTapi - ok
09:15:47.0912 0x13b0  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio        C:\Windows\system32\DRIVERS\ndisuio.sys
09:15:47.0932 0x13b0  Ndisuio - ok
09:15:47.0936 0x13b0  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan        C:\Windows\system32\DRIVERS\ndiswan.sys
09:15:47.0958 0x13b0  NdisWan - ok
09:15:47.0961 0x13b0  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy        C:\Windows\system32\drivers\NDProxy.sys
09:15:47.0980 0x13b0  NDProxy - ok
09:15:47.0982 0x13b0  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS        C:\Windows\system32\DRIVERS\netbios.sys
09:15:48.0003 0x13b0  NetBIOS - ok
09:15:48.0009 0x13b0  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT          C:\Windows\system32\DRIVERS\netbt.sys
09:15:48.0033 0x13b0  NetBT - ok
09:15:48.0035 0x13b0  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon        C:\Windows\system32\lsass.exe
09:15:48.0041 0x13b0  Netlogon - ok
09:15:48.0049 0x13b0  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
09:15:48.0076 0x13b0  Netman - ok
09:15:48.0081 0x13b0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:15:48.0091 0x13b0  NetMsmqActivator - ok
09:15:48.0096 0x13b0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:15:48.0104 0x13b0  NetPipeActivator - ok
09:15:48.0115 0x13b0  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
09:15:48.0144 0x13b0  netprofm - ok
09:15:48.0148 0x13b0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:15:48.0156 0x13b0  NetTcpActivator - ok
09:15:48.0161 0x13b0  [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
09:15:48.0169 0x13b0  NetTcpPortSharing - ok
09:15:48.0171 0x13b0  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960        C:\Windows\system32\drivers\nfrd960.sys
09:15:48.0178 0x13b0  nfrd960 - ok
09:15:48.0182 0x13b0  [ ACE8C64C57E4A711473C8BC10ADF692B, 53D8083CE78DB5527080B4570AC28ABAA262667744A319707AE0C46E46B297F9 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
09:15:48.0190 0x13b0  NisDrv - ok
09:15:48.0200 0x13b0  [ 6247E8B31ED0A9D6BC5A26276E49BEB3, 230C0C560492C454B9EB14B50EB4A78DC74FAB6B662449A0EA3114B3E671BFF3 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
09:15:48.0214 0x13b0  NisSrv - ok
09:15:48.0221 0x13b0  [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc          C:\Windows\System32\nlasvc.dll
09:15:48.0233 0x13b0  NlaSvc - ok
09:15:48.0236 0x13b0  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
09:15:48.0255 0x13b0  Npfs - ok
09:15:48.0258 0x13b0  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi            C:\Windows\system32\nsisvc.dll
09:15:48.0278 0x13b0  nsi - ok
09:15:48.0280 0x13b0  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
09:15:48.0299 0x13b0  nsiproxy - ok
09:15:48.0330 0x13b0  [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
09:15:48.0366 0x13b0  Ntfs - ok
09:15:48.0368 0x13b0  NTIOLib_1_0_C - ok
09:15:48.0370 0x13b0  [ C3FEA895FE95EA7A57D9F4D7ABED5E71, 50D5EAA168C077CE5B7F15B3F2C43BD2B86B07B1E926C1B332F8CB13BD2E0793 ] NTIOLib_1_0_T  C:\Program Files (x86)\MSI\OTPService\NTIOLib_X64.sys
09:15:48.0375 0x13b0  NTIOLib_1_0_T - ok
09:15:48.0377 0x13b0  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
09:15:48.0396 0x13b0  Null - ok
09:15:48.0402 0x13b0  [ E366A5681C50785D4ED04FCFD65C3415, 7FF7B4B8F09E773401AE879897E60BF494B57B9ACEE990204A4C98A3FB183A33 ] NVHDA          C:\Windows\system32\drivers\nvhda64v.sys
09:15:48.0409 0x13b0  NVHDA - ok
09:15:48.0580 0x13b0  [ 52B33E12FF8C9E219CAEC1BB4A5F5E4C, 5272178B39FEDB3F001249FE7C852787EFD715FC49BBAAE58158A189AFB8A337 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
09:15:48.0761 0x13b0  nvlddmkm - ok
09:15:48.0790 0x13b0  [ CD75EF8F5EC7EA52A5C3B30F9222726B, AADD461D727F4358E5F8A9694CBCBC53D2A55DCE661D80B7B0F790E05E2714E4 ] NvNetworkService C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
09:15:48.0825 0x13b0  NvNetworkService - ok
09:15:48.0831 0x13b0  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
09:15:48.0841 0x13b0  nvraid - ok
09:15:48.0846 0x13b0  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
09:15:48.0855 0x13b0  nvstor - ok
09:15:49.0152 0x13b0  [ 705A457356DCE04C6E071FB9D2B22408, D16CA73F7F6412FE29CB5DA1232A2BFAB430B1B794975559EE83D46F9D668836 ] NvStreamSvc    C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
09:15:49.0486 0x13b0  NvStreamSvc - ok
09:15:49.0503 0x13b0  [ 2B47EDD27365F9F5D8E87648BECF52C4, CADA4B19791441373580919FFF89623489C7A1737857760B96CC3F0A08DB8D59 ] nvsvc          C:\Windows\system32\nvvsvc.exe
09:15:49.0523 0x13b0  nvsvc - ok
09:15:49.0526 0x13b0  [ 939C0FAE9CC0CDD69E6508BDE4C11FE5, 1E82FF4A8797A0EC5DF0E54DE7F358542C73FFFBECADDF86ED66839182E3B55D ] nvvad_WaveExtensible C:\Windows\system32\drivers\nvvad64v.sys
09:15:49.0532 0x13b0  nvvad_WaveExtensible - ok
09:15:49.0536 0x13b0  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
09:15:49.0543 0x13b0  nv_agp - ok
09:15:49.0546 0x13b0  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
09:15:49.0554 0x13b0  ohci1394 - ok
09:15:49.0558 0x13b0  [ B9C125314A025127FE562C116D614AA3, 79C46C0BACEBBB5B8E1C162766B21587365A100BBAD01171C77B995C514BC7D6 ] ose64          C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
09:15:49.0567 0x13b0  ose64 - ok
09:15:49.0641 0x13b0  [ FE9C0029E1AF26350D9985D00520E5C8, 967079CCF7B2CBD4B48C9F076675C26AF93A1CEC26C96811F279414E34004EE6 ] osppsvc        C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
09:15:49.0732 0x13b0  osppsvc - ok
09:15:49.0742 0x13b0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
09:15:49.0756 0x13b0  p2pimsvc - ok
09:15:49.0767 0x13b0  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
09:15:49.0782 0x13b0  p2psvc - ok
09:15:49.0786 0x13b0  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport        C:\Windows\system32\drivers\parport.sys
09:15:49.0795 0x13b0  Parport - ok
09:15:49.0798 0x13b0  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr        C:\Windows\system32\drivers\partmgr.sys
09:15:49.0804 0x13b0  partmgr - ok
09:15:49.0810 0x13b0  [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc          C:\Windows\System32\pcasvc.dll
09:15:49.0824 0x13b0  PcaSvc - ok
09:15:49.0829 0x13b0  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci            C:\Windows\system32\drivers\pci.sys
09:15:49.0837 0x13b0  pci - ok
09:15:49.0840 0x13b0  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
09:15:49.0846 0x13b0  pciide - ok
09:15:49.0851 0x13b0  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
09:15:49.0861 0x13b0  pcmcia - ok
09:15:49.0864 0x13b0  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw            C:\Windows\system32\drivers\pcw.sys
09:15:49.0870 0x13b0  pcw - ok
09:15:49.0881 0x13b0  [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
09:15:49.0914 0x13b0  PEAUTH - ok
09:15:49.0948 0x13b0  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc    C:\Windows\system32\peerdistsvc.dll
09:15:49.0988 0x13b0  PeerDistSvc - ok
09:15:49.0999 0x13b0  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
09:15:50.0014 0x13b0  PerfHost - ok
09:15:50.0044 0x13b0  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla            C:\Windows\system32\pla.dll
09:15:50.0095 0x13b0  pla - ok
09:15:50.0104 0x13b0  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
09:15:50.0120 0x13b0  PlugPlay - ok
09:15:50.0122 0x13b0  PnkBstrA - ok
09:15:50.0125 0x13b0  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg    C:\Windows\system32\pnrpauto.dll
09:15:50.0132 0x13b0  PNRPAutoReg - ok
09:15:50.0139 0x13b0  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc        C:\Windows\system32\pnrpsvc.dll
09:15:50.0150 0x13b0  PNRPsvc - ok
09:15:50.0162 0x13b0  [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent    C:\Windows\System32\ipsecsvc.dll
09:15:50.0191 0x13b0  PolicyAgent - ok
09:15:50.0197 0x13b0  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power          C:\Windows\system32\umpo.dll
09:15:50.0221 0x13b0  Power - ok
09:15:50.0225 0x13b0  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
09:15:50.0246 0x13b0  PptpMiniport - ok
09:15:50.0249 0x13b0  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor      C:\Windows\system32\drivers\processr.sys
09:15:50.0257 0x13b0  Processor - ok
09:15:50.0263 0x13b0  [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc        C:\Windows\system32\profsvc.dll
09:15:50.0275 0x13b0  ProfSvc - ok
09:15:50.0277 0x13b0  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe
09:15:50.0283 0x13b0  ProtectedStorage - ok
09:15:50.0288 0x13b0  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
09:15:50.0309 0x13b0  Psched - ok
09:15:50.0335 0x13b0  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\drivers\ql2300.sys
09:15:50.0370 0x13b0  ql2300 - ok
09:15:50.0373 0x13b0  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\drivers\ql40xx.sys
09:15:50.0381 0x13b0  ql40xx - ok
09:15:50.0388 0x13b0  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE          C:\Windows\system32\qwave.dll
09:15:50.0402 0x13b0  QWAVE - ok
09:15:50.0404 0x13b0  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
09:15:50.0415 0x13b0  QWAVEdrv - ok
09:15:50.0417 0x13b0  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
09:15:50.0436 0x13b0  RasAcd - ok
09:15:50.0439 0x13b0  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn    C:\Windows\system32\DRIVERS\AgileVpn.sys
09:15:50.0459 0x13b0  RasAgileVpn - ok
09:15:50.0463 0x13b0  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto        C:\Windows\System32\rasauto.dll
09:15:50.0485 0x13b0  RasAuto - ok
09:15:50.0489 0x13b0  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp        C:\Windows\system32\DRIVERS\rasl2tp.sys
09:15:50.0510 0x13b0  Rasl2tp - ok
09:15:50.0519 0x13b0  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
09:15:50.0545 0x13b0  RasMan - ok
09:15:50.0548 0x13b0  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
09:15:50.0569 0x13b0  RasPppoe - ok
09:15:50.0572 0x13b0  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp        C:\Windows\system32\DRIVERS\rassstp.sys
09:15:50.0594 0x13b0  RasSstp - ok
09:15:50.0602 0x13b0  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss          C:\Windows\system32\DRIVERS\rdbss.sys
09:15:50.0628 0x13b0  rdbss - ok
09:15:50.0630 0x13b0  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
09:15:50.0638 0x13b0  rdpbus - ok
09:15:50.0639 0x13b0  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
09:15:50.0658 0x13b0  RDPCDD - ok
09:15:50.0665 0x13b0  [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR          C:\Windows\system32\drivers\rdpdr.sys
09:15:50.0676 0x13b0  RDPDR - ok
09:15:50.0677 0x13b0  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
09:15:50.0697 0x13b0  RDPENCDD - ok
09:15:50.0699 0x13b0  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
09:15:50.0718 0x13b0  RDPREFMP - ok
09:15:50.0722 0x13b0  [ 70CBA1A0C98600A2AA1863479B35CB90, 91A133297921B4955817176251AFC5283DA3C7D2099700C4C92ECC94DBE9A99E ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
09:15:50.0729 0x13b0  RdpVideoMiniport - ok
09:15:50.0735 0x13b0  [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD          C:\Windows\system32\drivers\RDPWD.sys
09:15:50.0746 0x13b0  RDPWD - ok
09:15:50.0753 0x13b0  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
09:15:50.0763 0x13b0  rdyboost - ok
09:15:50.0766 0x13b0  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
09:15:50.0788 0x13b0  RemoteAccess - ok
09:15:50.0792 0x13b0  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
09:15:50.0816 0x13b0  RemoteRegistry - ok
09:15:50.0821 0x13b0  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
09:15:50.0832 0x13b0  RFCOMM - ok
09:15:50.0834 0x13b0  rpcapd - ok
09:15:50.0838 0x13b0  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
09:15:50.0860 0x13b0  RpcEptMapper - ok
09:15:50.0862 0x13b0  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
09:15:50.0869 0x13b0  RpcLocator - ok
09:15:50.0881 0x13b0  [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs          C:\Windows\system32\rpcss.dll
09:15:50.0908 0x13b0  RpcSs - ok
09:15:50.0911 0x13b0  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
09:15:50.0932 0x13b0  rspndr - ok
09:15:50.0951 0x13b0  [ 61A04C0C084D560BBEF1D09604608262, 27230BDFB479FBD1B18BB4035059A52F8BE74B19190951EAC95D569E284421B3 ] RTL8167        C:\Windows\system32\DRIVERS\Rt64win7.sys
09:15:50.0968 0x13b0  RTL8167 - ok
09:15:50.0973 0x13b0  [ A29F3787FEA005C8355F62321BE9E065, A1BE2758EE21CBFB00E6F32D3C62323D890BD9AD177E880390CFAD9F5326A9B3 ] rusb3hub        C:\Windows\system32\DRIVERS\rusb3hub.sys
09:15:50.0979 0x13b0  rusb3hub - ok
09:15:50.0986 0x13b0  [ 0FE1DB20DA9863CD5B397717FF07738B, 3BCA3269A6ECA501508F2BAC56DB9C0B2DAD3DDA853C5FB168E4C628A94E1C83 ] rusb3xhc        C:\Windows\system32\DRIVERS\rusb3xhc.sys
09:15:50.0994 0x13b0  rusb3xhc - ok
09:15:50.0996 0x13b0  [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap          C:\Windows\system32\drivers\vms3cap.sys
09:15:51.0002 0x13b0  s3cap - ok
09:15:51.0004 0x13b0  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs          C:\Windows\system32\lsass.exe
09:15:51.0010 0x13b0  SamSs - ok
09:15:51.0013 0x13b0  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
09:15:51.0020 0x13b0  sbp2port - ok
09:15:51.0026 0x13b0  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
09:15:51.0051 0x13b0  SCardSvr - ok
09:15:51.0053 0x13b0  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
09:15:51.0072 0x13b0  scfilter - ok
09:15:51.0094 0x13b0  [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\Windows\system32\schedsvc.dll
09:15:51.0137 0x13b0  Schedule - ok
09:15:51.0141 0x13b0  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc    C:\Windows\System32\certprop.dll
09:15:51.0160 0x13b0  SCPolicySvc - ok
09:15:51.0165 0x13b0  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
09:15:51.0176 0x13b0  SDRSVC - ok
09:15:51.0179 0x13b0  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
09:15:51.0199 0x13b0  secdrv - ok
09:15:51.0201 0x13b0  [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\Windows\system32\seclogon.dll
09:15:51.0220 0x13b0  seclogon - ok
09:15:51.0223 0x13b0  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
09:15:51.0244 0x13b0  SENS - ok
09:15:51.0247 0x13b0  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
09:15:51.0255 0x13b0  SensrSvc - ok
09:15:51.0257 0x13b0  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum        C:\Windows\system32\drivers\serenum.sys
09:15:51.0264 0x13b0  Serenum - ok
09:15:51.0267 0x13b0  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\drivers\serial.sys
09:15:51.0276 0x13b0  Serial - ok
09:15:51.0279 0x13b0  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\drivers\sermouse.sys
09:15:51.0286 0x13b0  sermouse - ok
09:15:51.0292 0x13b0  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
09:15:51.0313 0x13b0  SessionEnv - ok
09:15:51.0316 0x13b0  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk        C:\Windows\system32\drivers\sffdisk.sys
09:15:51.0324 0x13b0  sffdisk - ok
09:15:51.0326 0x13b0  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
09:15:51.0335 0x13b0  sffp_mmc - ok
09:15:51.0337 0x13b0  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd        C:\Windows\system32\drivers\sffp_sd.sys
09:15:51.0345 0x13b0  sffp_sd - ok
09:15:51.0347 0x13b0  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy        C:\Windows\system32\drivers\sfloppy.sys
09:15:51.0354 0x13b0  sfloppy - ok
09:15:51.0363 0x13b0  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
09:15:51.0391 0x13b0  SharedAccess - ok
09:15:51.0402 0x13b0  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
09:15:51.0430 0x13b0  ShellHWDetection - ok
09:15:51.0434 0x13b0  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\drivers\SiSRaid2.sys
09:15:51.0440 0x13b0  SiSRaid2 - ok
09:15:51.0443 0x13b0  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\drivers\sisraid4.sys
09:15:51.0450 0x13b0  SiSRaid4 - ok
09:15:51.0455 0x13b0  [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate    C:\Program Files (x86)\Skype\Updater\Updater.exe
09:15:51.0465 0x13b0  SkypeUpdate - ok
09:15:51.0469 0x13b0  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb            C:\Windows\system32\DRIVERS\smb.sys
09:15:51.0490 0x13b0  Smb - ok
09:15:51.0494 0x13b0  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
09:15:51.0501 0x13b0  SNMPTRAP - ok
09:15:51.0503 0x13b0  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr          C:\Windows\system32\drivers\spldr.sys
09:15:51.0509 0x13b0  spldr - ok
09:15:51.0520 0x13b0  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler        C:\Windows\System32\spoolsv.exe
09:15:51.0538 0x13b0  Spooler - ok
09:15:51.0607 0x13b0  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
09:15:51.0705 0x13b0  sppsvc - ok
09:15:51.0709 0x13b0  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify    C:\Windows\system32\sppuinotify.dll
09:15:51.0730 0x13b0  sppuinotify - ok
09:15:51.0745 0x13b0  [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv            C:\Windows\system32\DRIVERS\srv.sys
09:15:51.0763 0x13b0  srv - ok
09:15:51.0775 0x13b0  [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
09:15:51.0791 0x13b0  srv2 - ok
09:15:51.0797 0x13b0  [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
09:15:51.0806 0x13b0  srvnet - ok
09:15:51.0812 0x13b0  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV        C:\Windows\System32\ssdpsrv.dll
09:15:51.0835 0x13b0  SSDPSRV - ok
09:15:51.0838 0x13b0  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc        C:\Windows\system32\sstpsvc.dll
09:15:51.0859 0x13b0  SstpSvc - ok
09:15:51.0869 0x13b0  [ 83FED7FEB38AF36DE784C2B75750B75C, 6984B056FDFE35F0676FCE35C6C8DF6D4C55452CBD802EF83ABE6C2B446E3328 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
09:15:51.0982 0x13b0  Steam Client Service - ok
09:15:51.0990 0x13b0  [ B5D2F4BF587FD60AF75B09EFC1AD0E0A, 2033D6DFCA7A48E338D94427AEC82DA761618D5D3AEB22E5A64427D2C2DB0350 ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
09:15:52.0003 0x13b0  Stereo Service - ok
09:15:52.0005 0x13b0  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\drivers\stexstor.sys
09:15:52.0012 0x13b0  stexstor - ok
09:15:52.0025 0x13b0  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
09:15:52.0048 0x13b0  stisvc - ok
09:15:52.0051 0x13b0  [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt        C:\Windows\system32\drivers\vmstorfl.sys
09:15:52.0056 0x13b0  storflt - ok
09:15:52.0059 0x13b0  [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc        C:\Windows\system32\drivers\storvsc.sys
09:15:52.0065 0x13b0  storvsc - ok
09:15:52.0067 0x13b0  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\DRIVERS\swenum.sys
09:15:52.0073 0x13b0  swenum - ok
09:15:52.0085 0x13b0  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard    C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
09:15:52.0103 0x13b0  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
09:15:52.0103 0x13b0  SwitchBoard ( UnsignedFile.Multi.Generic ) - warning
09:15:54.0730 0x13b0  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv          C:\Windows\System32\swprv.dll
09:15:54.0762 0x13b0  swprv - ok
09:15:54.0766 0x13b0  [ C3A39C4079305480972D29C44B868C78, 8F1BB75C743256F905EAEDE744B6082C53774C49126875FB4E4FBA30F5478B17 ] Synth3dVsc      C:\Windows\system32\drivers\synth3dvsc.sys
09:15:54.0773 0x13b0  Synth3dVsc - ok
09:15:54.0807 0x13b0  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain        C:\Windows\system32\sysmain.dll
09:15:54.0855 0x13b0  SysMain - ok
09:15:54.0863 0x13b0  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
09:15:54.0887 0x13b0  TabletInputService - ok
09:15:54.0912 0x13b0  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv        C:\Windows\System32\tapisrv.dll
09:15:54.0954 0x13b0  TapiSrv - ok
09:15:54.0957 0x13b0  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS            C:\Windows\System32\tbssvc.dll
09:15:54.0977 0x13b0  TBS - ok
09:15:55.0018 0x13b0  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip          C:\Windows\system32\drivers\tcpip.sys
09:15:55.0065 0x13b0  Tcpip - ok
09:15:55.0102 0x13b0  [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
09:15:55.0135 0x13b0  TCPIP6 - ok
09:15:55.0138 0x13b0  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
09:15:55.0145 0x13b0  tcpipreg - ok
09:15:55.0149 0x13b0  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
09:15:55.0156 0x13b0  TDPIPE - ok
09:15:55.0159 0x13b0  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP          C:\Windows\system32\drivers\tdtcp.sys
09:15:55.0166 0x13b0  TDTCP - ok
09:15:55.0169 0x13b0  [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx            C:\Windows\system32\DRIVERS\tdx.sys
09:15:55.0190 0x13b0  tdx - ok
09:15:55.0192 0x13b0  TeamViewer9 - ok
09:15:55.0196 0x13b0  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
09:15:55.0202 0x13b0  TermDD - ok
09:15:55.0205 0x13b0  [ 2B5BDFF688EC9871D7EC5837833374E9, BD6C629FA2938987ABF95B790B20F0B7D4D023D5013E575F343A802D6213074E ] terminpt        C:\Windows\system32\drivers\terminpt.sys
09:15:55.0213 0x13b0  terminpt - ok
09:15:55.0228 0x13b0  [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService    C:\Windows\System32\termsrv.dll
09:15:55.0262 0x13b0  TermService - ok
09:15:55.0264 0x13b0  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
09:15:55.0274 0x13b0  Themes - ok
09:15:55.0278 0x13b0  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER    C:\Windows\system32\mmcss.dll
09:15:55.0298 0x13b0  THREADORDER - ok
09:15:55.0302 0x13b0  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
09:15:55.0325 0x13b0  TrkWks - ok
09:15:55.0331 0x13b0  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
09:15:55.0355 0x13b0  TrustedInstaller - ok
09:15:55.0358 0x13b0  [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
09:15:55.0366 0x13b0  tssecsrv - ok
09:15:55.0370 0x13b0  [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
09:15:55.0378 0x13b0  TsUsbFlt - ok
09:15:55.0380 0x13b0  [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD        C:\Windows\system32\drivers\TsUsbGD.sys
09:15:55.0388 0x13b0  TsUsbGD - ok
09:15:55.0391 0x13b0  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
09:15:55.0400 0x13b0  tsusbhub - ok
09:15:55.0404 0x13b0  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
09:15:55.0426 0x13b0  tunnel - ok
09:15:55.0430 0x13b0  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
09:15:55.0436 0x13b0  uagp35 - ok
09:15:55.0444 0x13b0  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
09:15:55.0471 0x13b0  udfs - ok
09:15:55.0476 0x13b0  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect      C:\Windows\system32\UI0Detect.exe
09:15:55.0484 0x13b0  UI0Detect - ok
09:15:55.0487 0x13b0  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
09:15:55.0493 0x13b0  uliagpkx - ok
09:15:55.0496 0x13b0  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus          C:\Windows\system32\DRIVERS\umbus.sys
09:15:55.0504 0x13b0  umbus - ok
09:15:55.0505 0x13b0  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
09:15:55.0512 0x13b0  UmPass - ok
09:15:55.0518 0x13b0  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
09:15:55.0528 0x13b0  UmRdpService - ok
09:15:55.0539 0x13b0  [ 9B8C9350985983E9760E1786731A8728, 78178FDE1329E5B55F77FF73C66B01279A03E2E3C3CB7E3D9DF14291D206D780 ] UNS            C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
09:15:55.0553 0x13b0  UNS - ok
09:15:55.0561 0x13b0  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
09:15:55.0590 0x13b0  upnphost - ok
09:15:55.0593 0x13b0  [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64      C:\Windows\system32\Drivers\usbaapl64.sys
09:15:55.0601 0x13b0  USBAAPL64 - ok
09:15:55.0605 0x13b0  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp        C:\Windows\system32\DRIVERS\usbccgp.sys
09:15:55.0614 0x13b0  usbccgp - ok
09:15:55.0618 0x13b0  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
09:15:55.0626 0x13b0  usbcir - ok
09:15:55.0629 0x13b0  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci        C:\Windows\system32\drivers\usbehci.sys
09:15:55.0636 0x13b0  usbehci - ok
09:15:55.0645 0x13b0  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
09:15:55.0659 0x13b0  usbhub - ok
09:15:55.0661 0x13b0  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci        C:\Windows\system32\drivers\usbohci.sys
09:15:55.0667 0x13b0  usbohci - ok
09:15:55.0670 0x13b0  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
09:15:55.0678 0x13b0  usbprint - ok
09:15:55.0682 0x13b0  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR        C:\Windows\system32\DRIVERS\USBSTOR.SYS
09:15:55.0691 0x13b0  USBSTOR - ok
09:15:55.0694 0x13b0  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci        C:\Windows\system32\drivers\usbuhci.sys
09:15:55.0701 0x13b0  usbuhci - ok
09:15:55.0704 0x13b0  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms          C:\Windows\System32\uxsms.dll
09:15:55.0725 0x13b0  UxSms - ok
09:15:55.0727 0x13b0  [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc        C:\Windows\system32\lsass.exe
09:15:55.0733 0x13b0  VaultSvc - ok
09:15:55.0736 0x13b0  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
09:15:55.0742 0x13b0  vdrvroot - ok
09:15:55.0754 0x13b0  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds            C:\Windows\System32\vds.exe
09:15:55.0784 0x13b0  vds - ok
09:15:55.0787 0x13b0  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga            C:\Windows\system32\DRIVERS\vgapnp.sys
09:15:55.0795 0x13b0  vga - ok
09:15:55.0798 0x13b0  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave        C:\Windows\System32\drivers\vga.sys
09:15:55.0817 0x13b0  VgaSave - ok
09:15:55.0819 0x13b0  VGPU - ok
09:15:55.0826 0x13b0  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp          C:\Windows\system32\drivers\vhdmp.sys
09:15:55.0839 0x13b0  vhdmp - ok
09:15:55.0841 0x13b0  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
09:15:55.0848 0x13b0  viaide - ok
09:15:55.0856 0x13b0  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus          C:\Windows\system32\drivers\vmbus.sys
09:15:55.0870 0x13b0  vmbus - ok
09:15:55.0874 0x13b0  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
09:15:55.0886 0x13b0  VMBusHID - ok
09:15:55.0897 0x13b0  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
09:15:55.0912 0x13b0  volmgr - ok
09:15:55.0930 0x13b0  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx        C:\Windows\system32\drivers\volmgrx.sys
09:15:55.0956 0x13b0  volmgrx - ok
09:15:55.0976 0x13b0  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap        C:\Windows\system32\drivers\volsnap.sys
09:15:55.0994 0x13b0  volsnap - ok
09:15:55.0999 0x13b0  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid        C:\Windows\system32\drivers\vsmraid.sys
09:15:56.0007 0x13b0  vsmraid - ok
09:15:56.0036 0x13b0  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS            C:\Windows\system32\vssvc.exe
09:15:56.0088 0x13b0  VSS - ok
09:15:56.0091 0x13b0  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
09:15:56.0099 0x13b0  vwifibus - ok
09:15:56.0101 0x13b0  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
09:15:56.0112 0x13b0  vwififlt - ok
09:15:56.0121 0x13b0  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time        C:\Windows\system32\w32time.dll
09:15:56.0148 0x13b0  W32Time - ok
09:15:56.0152 0x13b0  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
09:15:56.0159 0x13b0  WacomPen - ok
09:15:56.0163 0x13b0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
09:15:56.0183 0x13b0  WANARP - ok
09:15:56.0186 0x13b0  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
09:15:56.0206 0x13b0  Wanarpv6 - ok
09:15:56.0233 0x13b0  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc    C:\Windows\system32\Wat\WatAdminSvc.exe
09:15:56.0266 0x13b0  WatAdminSvc - ok
09:15:56.0293 0x13b0  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
09:15:56.0331 0x13b0  wbengine - ok
09:15:56.0337 0x13b0  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
09:15:56.0351 0x13b0  WbioSrvc - ok
09:15:56.0361 0x13b0  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc        C:\Windows\System32\wcncsvc.dll
09:15:56.0378 0x13b0  wcncsvc - ok
09:15:56.0382 0x13b0  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
09:15:56.0390 0x13b0  WcsPlugInService - ok
09:15:56.0393 0x13b0  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
09:15:56.0398 0x13b0  Wd - ok
09:15:56.0418 0x13b0  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
09:15:56.0441 0x13b0  Wdf01000 - ok
09:15:56.0444 0x13b0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost  C:\Windows\system32\wdi.dll
09:15:56.0469 0x13b0  WdiServiceHost - ok
09:15:56.0471 0x13b0  [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost  C:\Windows\system32\wdi.dll
09:15:56.0482 0x13b0  WdiSystemHost - ok
09:15:56.0490 0x13b0  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient      C:\Windows\System32\webclnt.dll
09:15:56.0505 0x13b0  WebClient - ok
09:15:56.0511 0x13b0  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
09:15:56.0536 0x13b0  Wecsvc - ok
09:15:56.0540 0x13b0  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport  C:\Windows\System32\wercplsupport.dll
09:15:56.0563 0x13b0  wercplsupport - ok
09:15:56.0566 0x13b0  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
09:15:56.0587 0x13b0  WerSvc - ok
09:15:56.0589 0x13b0  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
09:15:56.0608 0x13b0  WfpLwf - ok
09:15:56.0611 0x13b0  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
09:15:56.0617 0x13b0  WIMMount - ok
09:15:56.0618 0x13b0  WinDefend - ok
09:15:56.0622 0x13b0  WinHttpAutoProxySvc - ok
09:15:56.0629 0x13b0  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt        C:\Windows\system32\wbem\WMIsvc.dll
09:15:56.0652 0x13b0  Winmgmt - ok
09:15:56.0705 0x13b0  [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM          C:\Windows\system32\WsmSvc.dll
09:15:56.0791 0x13b0  WinRM - ok
09:15:56.0798 0x13b0  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
09:15:56.0817 0x13b0  WinUsb - ok
09:15:56.0843 0x13b0  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc        C:\Windows\System32\wlansvc.dll
09:15:56.0871 0x13b0  Wlansvc - ok
09:15:56.0873 0x13b0  [ 680A7846370000D20D7E74917D5B7936, 55B77B358039672845D361CA4205F3482D1F30A4654B610FD785A1337EFDC316 ] WmBEnum        C:\Windows\system32\drivers\WmBEnum.sys
09:15:56.0878 0x13b0  WmBEnum - ok
09:15:56.0881 0x13b0  [ 14C35BA8189C6F65D839163AA285E954, 8981AA488320C75E26E1ABDF884B721A4065F5D28F54782598B03F21B8CDC020 ] WmFilter        C:\Windows\system32\drivers\WmFilter.sys
09:15:56.0886 0x13b0  WmFilter - ok
09:15:56.0889 0x13b0  [ AC4331AF118A720F13C9C5CABBFE27BD, 2C5F453996B00078F3E8E731F6B3DD4529831BDA2146EAFC66727C9460E85112 ] WmHidLo        C:\Windows\system32\drivers\WmHidLo.sys
09:15:56.0894 0x13b0  WmHidLo - ok
09:15:56.0896 0x13b0  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi        C:\Windows\system32\DRIVERS\wmiacpi.sys
09:15:56.0903 0x13b0  WmiAcpi - ok
09:15:56.0910 0x13b0  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
09:15:56.0922 0x13b0  wmiApSrv - ok
09:15:56.0924 0x13b0  WMPNetworkSvc - ok
09:15:56.0926 0x13b0  [ 8488DD91A3EE54A8E29F02AD7BB8201E, D428ED991D9E4A8765C240B21884A262854278698D60862117AC5949713231F9 ] WmVirHid        C:\Windows\system32\drivers\WmVirHid.sys
09:15:56.0931 0x13b0  WmVirHid - ok
09:15:56.0934 0x13b0  [ 14802B3A30AA849C97CB968CCC813BF3, 330AD828ABD040ECDBF58F7162978CD61BFC093CAD404FD2BCAC74E3F2EC542A ] WmXlCore        C:\Windows\system32\drivers\WmXlCore.sys
09:15:56.0940 0x13b0  WmXlCore - ok
09:15:56.0942 0x13b0  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
09:15:56.0948 0x13b0  WPCSvc - ok
09:15:56.0952 0x13b0  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
09:15:56.0962 0x13b0  WPDBusEnum - ok
09:15:56.0964 0x13b0  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl        C:\Windows\system32\drivers\ws2ifsl.sys
09:15:56.0984 0x13b0  ws2ifsl - ok
09:15:56.0988 0x13b0  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
09:15:57.0001 0x13b0  wscsvc - ok
09:15:57.0003 0x13b0  WSearch - ok
09:15:57.0051 0x13b0  [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv        C:\Windows\system32\wuaueng.dll
09:15:57.0105 0x13b0  wuauserv - ok
09:15:57.0109 0x13b0  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
09:15:57.0119 0x13b0  WudfPf - ok
09:15:57.0127 0x13b0  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
09:15:57.0139 0x13b0  WUDFRd - ok
09:15:57.0142 0x13b0  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc        C:\Windows\System32\WUDFSvc.dll
09:15:57.0152 0x13b0  wudfsvc - ok
09:15:57.0157 0x13b0  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc        C:\Windows\System32\wwansvc.dll
09:15:57.0168 0x13b0  WwanSvc - ok
09:15:57.0172 0x13b0  [ 38F55D07B1D3391065C40EC065F984E2, 056F5E3034C4C11403D74F44A364964A3A5945608DAE2A03EF025A22F5C31B26 ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
09:15:57.0179 0x13b0  xusb21 - ok
09:15:57.0182 0x13b0  ================ Scan global ===============================
09:15:57.0184 0x13b0  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
09:15:57.0191 0x13b0  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
09:15:57.0200 0x13b0  [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
09:15:57.0205 0x13b0  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
09:15:57.0216 0x13b0  [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
09:15:57.0224 0x13b0  [ Global ] - ok
09:15:57.0224 0x13b0  ================ Scan MBR ==================================
09:15:57.0225 0x13b0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
09:15:57.0433 0x13b0  \Device\Harddisk0\DR0 - ok
09:15:57.0445 0x13b0  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
09:15:57.0513 0x13b0  \Device\Harddisk1\DR1 - ok
09:15:57.0513 0x13b0  ================ Scan VBR ==================================
09:15:57.0514 0x13b0  [ F0456677651342193FE8AF5D2968FA65 ] \Device\Harddisk0\DR0\Partition1
09:15:57.0515 0x13b0  \Device\Harddisk0\DR0\Partition1 - ok
09:15:57.0516 0x13b0  [ A9BCEA65F46748EED6C72A962F5FB85E ] \Device\Harddisk0\DR0\Partition2
09:15:57.0517 0x13b0  \Device\Harddisk0\DR0\Partition2 - ok
09:15:57.0524 0x13b0  AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( 4.4.304.0 ), 0x60000 ( disabled : updated )
09:15:57.0531 0x13b0  Win FW state via NFP2: enabled
09:16:00.0144 0x13b0  ============================================================
09:16:00.0144 0x13b0  Scan finished
09:16:00.0144 0x13b0  ============================================================
09:16:00.0147 0x0e10  Detected object count: 2
09:16:00.0147 0x0e10  Actual detected object count: 2
09:16:22.0212 0x0e10  Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - skipped by user
09:16:22.0212 0x0e10  Intel(R) Capability Licensing Service Interface ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:16:22.0212 0x0e10  SwitchBoard ( UnsignedFile.Multi.Generic ) - skipped by user
09:16:22.0212 0x0e10  SwitchBoard ( UnsignedFile.Multi.Generic ) - User select action: Skip
09:16:24.0926 0x1120  Deinitialize success
Gab bei mir noch die Additional Option USE KSN to scan objects. hab die jetzt nicht ausgewählt gehabt nonder nur die anderen beiden.

LG

cosinus 18.03.2014 09:21
Adware/Junkware/Toolbars entfernen


1. Schritt: Malwarebytes Anti-Malware

Downloade Dir bitte Malwarebytes Anti-Malware
  • Installiere das Programm in den vorgegebenen Pfad. (Bebilderte Anleitung zu MBAM)
  • Starte Malwarebytes' Anti-Malware (MBAM).
  • Klicke im Anschluss auf Scannen, wähle den Bedrohungssuchlauf aus und klicke auf Suchlauf starten.
  • Lass am Ende des Suchlaufs alle Funde (falls vorhanden) in die Quarantäne verschieben. Klicke dazu auf Auswahl entfernen.
  • Lass deinen Rechner ggf. neu starten, um die Bereinigung abzuschließen.
  • Starte MBAM, klicke auf Verlauf und dann auf Anwendungsprotokolle.
  • Wähle das neueste Scan-Protokoll aus und klicke auf Export. Wähle Textdatei (.txt) aus und speichere die Datei als mbam.txt auf dem Desktop ab. Das Logfile von MBAM findest du hier.
  • Füge den Inhalt der mbam.txt mit deiner nächsten Antwort hinzu.




2. Schritt: adwCleaner

Downloade Dir bitte AdwCleaner Logo Icon AdwCleaner auf deinen Desktop.
  • Schließe alle offenen Programme und Browser. Bebilderte Anleitung zu AdwCleaner.
  • Starte die AdwCleaner.exe mit einem Doppelklick.
  • Stimme den Nutzungsbedingungen zu.
  • Klicke auf Optionen und vergewissere dich, dass die folgenden Punkte ausgewählt sind:
    • "Tracing" Schlüssel löschen
    • Winsock Einstellungen zurücksetzen
    • Proxy Einstellungen zurücksetzen
    • Internet Explorer Richtlinien zurücksetzen
    • Chrome Richtlinien zurücksetzen
    • Stelle sicher, dass alle 5 Optionen wie hier dargestellt, ausgewählt sind
  • Klicke auf Suchlauf und warte bis dieser abgeschlossen ist.
  • Klicke nun auf Löschen und bestätige auftretende Hinweise mit Ok.
  • Dein Rechner wird automatisch neu gestartet. Nach dem Neustart öffnet sich eine Textdatei. Poste mir deren Inhalt mit deiner nächsten Antwort.
  • Die Logdatei findest du auch unter C:\AdwCleaner\AdwCleaner[Cx].txt. (x = fortlaufende Nummer).



3. Schritt: JRT - Junkware Removal Tool

Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
Bitte lade Junkware Removal Tool auf Deinen Desktop

  • Starte das Tool mit Doppelklick. Ab Windows Vista (oder höher) bitte mit Rechtsklick "als Administrator ausführen" starten.
  • Drücke eine beliebige Taste, um das Tool zu starten.
  • Je nach System kann der Scan eine Weile dauern.
  • Wenn das Tool fertig ist wird das Logfile (JRT.txt) auf dem Desktop gespeichert und automatisch geöffnet.
  • Bitte poste den Inhalt der JRT.txt in Deiner nächsten Antwort.




4. Schritt: Frisches Log mit FRST

Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
  • Starte jetzt FRST.
  • Ändere ungefragt keine der Checkboxen und klicke auf Untersuchen.
  • Die Logdateien werden nun erstellt und befinden sich danach auf deinem Desktop.
  • Poste mir die FRST.txt und nach dem ersten Scan auch die Addition.txt in deinem Thread (#-Symbol im Eingabefenster der Webseite anklicken)


slater27 18.03.2014 17:09
Schritt 1 Malewarebytes:
Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.18.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Patrick :: PATRICK-PC [Administrator]

Schutz: Aktiviert

18.03.2014 16:22:10
mbam-log-2014-03-18 (16-22-10).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 220868
Laufzeit: 1 Minute(n), 21 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 2
HKCU\Software\InstallCore\1I1T1Q1S (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.
HKCU\SOFTWARE\INSTALLCORE (PUP.Optional.InstallCore.A) -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Registrierungswerte: 1
HKCU\Software\InstallCore|tb (PUP.Optional.InstallCore.A) -> Daten: 0F2Y1H1E2W1S0Q1K1P -> Erfolgreich gelöscht und in Quarantäne gestellt.

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Schritt 2 adwCleaner:
Code:
# AdwCleaner v3.022 - Bericht erstellt am 18/03/2014 um 16:48:25
# Aktualisiert 13/03/2014 von Xplode
# Betriebssystem : Windows 7 Ultimate Service Pack 1 (64 bits)
# Benutzername : Patrick - PATRICK-PC
# Gestartet von : C:\Users\Patrick\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Patrick\AppData\Roaming\eCyber
Ordner Gelöscht : C:\Users\Patrick\AppData\Roaming\iSafe
Ordner Gelöscht : C:\Users\Patrick\Documents\Optimizer Pro
Datei Gelöscht : C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ofu6ir9g.default\user.js

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{1146AC44-2F03-4431-B4FD-889BC837521F}
Schlüssel Gelöscht : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Schlüssel Gelöscht : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect

***** [ Browser ] *****

-\\ Internet Explorer v8.0.7601.17514


-\\ Mozilla Firefox v27.0.1 (de)

[ Datei : C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ofu6ir9g.default\prefs.js ]

Zeile gelöscht : user_pref("plugin.state.npconduitfirefoxplugin", 0);

*************************

AdwCleaner[R0].txt - [1652 octets] - [18/03/2014 16:42:12]
AdwCleaner[S0].txt - [1575 octets] - [18/03/2014 16:48:25]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1635 octets] ##########
Schritt 3 JRT:
Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 7 Ultimate x64
Ran by Patrick on 18.03.2014 at 16:51:15,41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.03.2014 at 16:54:01,95
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Schritt 4 FRST:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Patrick (administrator) on PATRICK-PC on 18-03-2014 17:03:04
Running from C:\Users\Patrick\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal


==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) c:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
() C:\Program Files (x86)\MSI\OTPService\OTPService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) E:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Qualcomm Atheros) C:\Program Files (x86)\Bluetooth Suite\BtTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(Apple Inc.) E:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6963272 2013-01-15] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] - C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-01-21] (NVIDIA Corporation)
HKLM\...\Run: [MSC] - c:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [BtvStack] - C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [127616 2012-08-31] (Atheros Communications)
HKLM\...\Run: [BtTray] - C:\Program Files (x86)\Bluetooth Suite\BtTray.exe [764544 2012-08-31] (Qualcomm Atheros)
HKLM\...\Run: [Start WingMan Profiler] - C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
HKLM-x32\...\Run: [USB3MON] - C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [RUSB3MON] - C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [iTunesHelper] - E:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKU\S-1-5-21-3464895135-2213791737-1334037653-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
InternetURL: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Registry.url -> C:\ProgramData\575533705.exe

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x7F8DFD71A9FBCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKLM-x32 - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {0191A6B0-1154-4C22-9182-23A95BBE92D9} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKCU - {4FC8E392-66B7-44FC-8F7D-618CE89C1E88} URL = hxxp://search.yahoo.com/search?p={searchTerms}&fr=tightropetb&type=10871
SearchScopes: HKCU - {6776F026-253B-48A8-BE22-897FA4886E8B} URL = hxxp://search.findwide.com/serp?guid={666B3E8C-58E8-4170-BD1F-EA97304322A3}&action=default_search&serpv=22&k={searchTerms}
BHO: Lync Browser Helper - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - E:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - E:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - E:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {E8166F43-08B6-4CD6-A9AD-2416AE687F4E} -  No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - E:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ofu6ir9g.default
FF NewTab: user_pref("browser.newtab.url", "");
FF SearchEngineOrder.1: Google
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - E:\PROGRA~4\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.1 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.2 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.4 - E:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - E:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 - C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - E:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - E:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 - C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF Extension: DownloadHelper [AU] - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ofu6ir9g.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-01-19]
FF Extension: YouTube High Definition - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ofu6ir9g.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}.xpi [2014-01-26]
FF Extension: Adblock Plus - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\ofu6ir9g.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-12-20]
FF StartMenuInternet: FIREFOX.EXE - e:\program files (x86)\mozilla firefox\firefox.exe

==================== Services (Whitelisted) =================

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-08-31] (Qualcomm Atheros Commnucations)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-01-14] (Intel Corporation)
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 MSI_OTPService; C:\Program Files (x86)\MSI\OTPService\OTPService.exe [252432 2012-04-12] ()
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-20] ()
R2 TeamViewer9; E:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [5341536 2013-12-17] (TeamViewer GmbH)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2012-08-31] (Qualcomm Atheros)
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-08-16] ()
R1 ISODrive; E:\Program Files (x86)\UltraISO\drivers\ISODrv64.sys [115448 2013-11-21] (EZB Systems, Inc.)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 NTIOLib_1_0_T; C:\Program Files (x86)\MSI\OTPService\NTIOLib_X64.sys [14136 2009-10-06] (MSI)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
R3 rusb3hub; C:\Windows\System32\DRIVERS\rusb3hub.sys [114568 2012-08-27] (Renesas Electronics Corporation)
R3 rusb3xhc; C:\Windows\System32\DRIVERS\rusb3xhc.sys [230280 2012-08-27] (Renesas Electronics Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 cpuz135; \??\C:\Windows\TEMP\cpuz135\cpuz135_x64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-03-18 17:03 - 2014-03-18 17:03 - 00014634 _____ () C:\Users\Patrick\Desktop\FRST.txt
2014-03-18 16:54 - 2014-03-18 16:54 - 00000623 _____ () C:\Users\Patrick\Desktop\JRT.txt
2014-03-18 16:51 - 2014-03-18 16:51 - 00000000 ____D () C:\Windows\ERUNT
2014-03-18 16:49 - 2014-03-18 16:49 - 00000000 ___RD () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-03-18 16:41 - 2014-03-18 16:48 - 00000000 ____D () C:\AdwCleaner
2014-03-18 16:40 - 2014-03-18 16:40 - 00001460 _____ () C:\Users\Patrick\Desktop\post.txt
2014-03-18 16:19 - 2014-03-18 16:19 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Malwarebytes
2014-03-18 16:18 - 2014-03-18 16:18 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-18 16:18 - 2014-03-18 16:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-18 16:18 - 2013-04-04 14:50 - 00025928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-03-18 16:16 - 2014-03-18 16:16 - 01950720 _____ () C:\Users\Patrick\Desktop\adwcleaner.exe
2014-03-18 16:16 - 2014-03-18 16:16 - 01037734 _____ (Thisisu) C:\Users\Patrick\Desktop\JRT.exe
2014-03-18 16:15 - 2014-03-18 16:15 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Desktop\mbam-setup-1.75.0.1300.exe
2014-03-18 01:15 - 2014-02-27 15:26 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\Patrick\Desktop\TDSSKiller.exe
2014-03-18 00:36 - 2014-03-18 00:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-18 00:33 - 2014-03-18 00:47 - 00000000 ____D () C:\Users\Patrick\Desktop\mbar
2014-03-18 00:33 - 2014-03-18 00:43 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-18 00:32 - 2014-03-18 00:32 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Patrick\Desktop\mbar-1.07.0.1009.exe
2014-03-18 00:21 - 2014-03-18 00:21 - 00039516 _____ () C:\ComboFix.txt
2014-03-18 00:20 - 2014-03-18 00:20 - 07651328 _____ (GetFLV) C:\Users\Patrick\AppData\Roaming\GetFLV.exe
2014-03-18 00:16 - 2014-03-18 00:21 - 00000000 ____D () C:\ComboFix
2014-03-18 00:16 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-03-18 00:16 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-03-18 00:16 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-03-18 00:16 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-03-18 00:16 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-03-18 00:16 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-03-18 00:16 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-03-18 00:16 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-03-18 00:14 - 2014-03-18 00:21 - 00000000 ____D () C:\Qoobox
2014-03-18 00:14 - 2014-03-18 00:20 - 00000000 ____D () C:\Windows\erdnt
2014-03-17 22:48 - 2014-03-18 17:03 - 00000000 ____D () C:\FRST
2014-03-17 22:47 - 2014-03-17 22:47 - 00000000 _____ () C:\Users\Patrick\defogger_reenable
2014-03-17 22:44 - 2014-03-17 22:44 - 02157056 _____ (Farbar) C:\Users\Patrick\Desktop\FRST64.exe
2014-03-17 14:24 - 2014-03-17 14:35 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Sony
2014-03-17 11:45 - 2014-02-24 16:59 - 12296192 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-17 11:45 - 2014-02-24 16:59 - 09075712 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-17 11:45 - 2014-02-24 16:59 - 02458112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-17 11:45 - 2014-02-24 16:59 - 01495040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-17 11:45 - 2014-02-24 16:59 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-17 11:45 - 2014-02-24 16:59 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-17 11:45 - 2014-02-24 16:59 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-03-17 11:45 - 2014-02-24 16:59 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-03-17 11:45 - 2014-02-24 16:59 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-03-17 11:45 - 2014-02-24 16:59 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-17 11:45 - 2014-02-24 16:35 - 11020800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-17 11:45 - 2014-02-24 16:35 - 06041088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-17 11:45 - 2014-02-24 16:35 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-17 11:45 - 2014-02-24 16:35 - 01232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-17 11:45 - 2014-02-24 16:35 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-17 11:45 - 2014-02-24 16:35 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-17 11:45 - 2014-02-24 16:35 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-03-17 11:45 - 2014-02-24 16:35 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-03-17 11:45 - 2014-02-24 16:35 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-03-17 11:45 - 2014-02-24 16:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-17 11:45 - 2014-02-24 15:01 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-17 11:45 - 2014-02-24 14:39 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-17 11:45 - 2013-12-10 03:28 - 00610304 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-17 11:45 - 2013-12-10 03:02 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-17 10:48 - 2012-06-16 06:15 - 00911360 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-03-17 10:48 - 2012-06-16 05:26 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-03-17 10:44 - 2014-03-17 10:44 - 00001421 _____ () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-03-17 09:55 - 2014-03-17 09:55 - 00000519 _____ () C:\Users\Patrick\AppData\Roaming\setting.ini
2014-03-17 09:54 - 2014-03-17 09:54 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\tmp
2014-03-17 09:47 - 2014-03-17 09:47 - 00000000 ____D () C:\Users\Patrick\Documents\Wondershare Player
2014-03-17 09:46 - 2014-03-17 09:46 - 00000000 ____D () C:\Users\Patrick\Documents\Wondershare Streaming Video Recorder
2014-03-17 09:46 - 2009-08-05 17:30 - 00240248 _____ (CACE Technologies) C:\Windows\system32\wpcap.dll
2014-03-17 09:46 - 2009-08-05 17:30 - 00088704 _____ (CACE Technologies) C:\Windows\system32\Packet.dll
2014-03-17 09:46 - 2009-08-05 17:30 - 00053299 _____ () C:\Windows\system32\pthreadVC.dll
2014-03-17 09:46 - 2009-08-05 17:30 - 00040464 _____ (CACE Technologies) C:\Windows\system32\Drivers\npf.sys
2014-03-15 15:47 - 2014-03-15 15:47 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-03-13 21:41 - 2014-03-13 21:41 - 00000000 ____D () C:\Program Files\MoTeC
2014-03-13 21:39 - 2014-03-13 21:39 - 00000000 ____D () C:\ProgramData\MoTeC
2014-03-13 21:39 - 2014-03-13 21:39 - 00000000 ____D () C:\MoTeC
2014-03-13 18:32 - 2014-03-13 18:32 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Downloaded Installations
2014-03-13 09:15 - 2014-02-07 02:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-13 09:15 - 2014-01-29 03:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-13 09:15 - 2014-01-29 03:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-13 09:15 - 2014-01-28 03:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-03-13 09:14 - 2014-02-04 03:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-03-13 09:14 - 2014-02-04 03:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-13 09:14 - 2014-02-04 03:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-03-13 09:14 - 2014-02-04 03:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-09 20:25 - 2014-03-09 20:25 - 00000000 ____D () C:\Program Files\Logitech
2014-03-09 20:13 - 2014-03-09 20:13 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Logitech
2014-03-09 20:07 - 2014-03-09 20:07 - 00000000 ____D () C:\Program Files\Common Files\Logitech
2014-03-08 15:36 - 2014-03-08 15:36 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt.dll
2014-03-08 10:32 - 2014-03-08 10:32 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-08 10:32 - 2014-02-08 17:18 - 00599840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-03-08 10:31 - 2014-02-08 19:34 - 31432480 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 23683360 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 17560352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 12324640 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-03-08 10:31 - 2014-02-08 19:34 - 11636176 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 11589272 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 09728064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 09690424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 03142432 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 02956576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 02782496 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 02410784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00892192 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00875296 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00863520 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00844576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00832424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00483104 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00408352 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00378656 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00353504 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00333600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00174296 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-03-08 10:31 - 2014-02-08 19:34 - 00148528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-03-05 21:22 - 2014-03-05 21:22 - 00053248 _____ () C:\Windows\SysWOW64\nvTextureToolsUtil.dll
2014-03-04 16:08 - 2014-03-05 21:22 - 00151552 _____ () C:\Windows\SysWOW64\nvRegDev.dll
2014-03-04 16:08 - 2014-03-05 21:22 - 00040960 _____ () C:\Windows\SysWOW64\nvISWOW64.dll
2014-03-04 16:08 - 2014-03-05 21:20 - 00061440 _____ () C:\Windows\SysWOW64\nvPhotoshopUtil.dll
2014-03-04 16:07 - 2002-08-15 10:11 - 00344064 ____R (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll
2014-03-04 16:07 - 2002-01-05 03:40 - 00487424 ____R (Microsoft Corporation) C:\Windows\SysWOW64\msvcp70.dll
2014-02-26 23:47 - 2014-02-26 23:49 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grid 2
2014-02-26 15:00 - 2014-02-27 10:58 - 00000000 ____D () C:\ProgramData\Steam
2014-02-26 15:00 - 2014-02-26 15:00 - 00000000 ____D () C:\Users\Patrick\Documents\My Games
2014-02-26 15:00 - 2014-02-26 15:00 - 00000000 ____D () C:\ProgramData\Codemasters
2014-02-26 14:56 - 2014-03-17 11:44 - 00052767 _____ () C:\Windows\DirectX.log
2014-02-24 10:47 - 2014-02-08 19:34 - 01885472 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433489.dll
2014-02-24 10:47 - 2014-02-08 19:34 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433489.dll
2014-02-19 10:53 - 2014-03-17 10:52 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\SkyTestATC1
2014-02-19 10:53 - 2008-02-06 19:31 - 01019904 _____ (Conaito) C:\Windows\SysWOW64\EvoVoIP.ocx
2014-02-19 10:53 - 2004-08-04 05:00 - 01355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVBVM50.DLL
2014-02-19 10:53 - 2004-08-04 05:00 - 01227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dx8vb.dll
2014-02-19 10:53 - 2002-12-20 15:02 - 01066176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCOMCTL.OCX
2014-02-19 10:53 - 2000-10-02 00:00 - 00125712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VB6DE.DLL
2014-02-19 10:53 - 2000-05-23 22:45 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTDFMT.DLL
2014-02-19 10:53 - 1999-05-07 00:00 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.OCX
2014-02-19 10:53 - 1999-01-25 20:30 - 00026624 _____ (Jan Krumsiek) C:\Windows\SysWOW64\JKJoystick2.ocx
2014-02-19 10:53 - 1998-07-06 00:00 - 00158208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSCMCDE.DLL
2014-02-19 10:53 - 1998-06-24 01:00 - 00609584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\COMCTL32.OCX
2014-02-19 10:53 - 1998-06-24 01:00 - 00108336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSWINSCK.OCX
2014-02-18 01:48 - 2014-03-17 09:26 - 00005088 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Patrick-PC-Patrick Patrick-PC

==================== One Month Modified Files and Folders =======

2014-03-18 17:03 - 2014-03-18 17:03 - 00014634 _____ () C:\Users\Patrick\Desktop\FRST.txt
2014-03-18 17:03 - 2014-03-17 22:48 - 00000000 ____D () C:\FRST
2014-03-18 16:56 - 2009-07-14 05:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-03-18 16:56 - 2009-07-14 05:45 - 00026544 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-03-18 16:54 - 2014-03-18 16:54 - 00000623 _____ () C:\Users\Patrick\Desktop\JRT.txt
2014-03-18 16:53 - 2011-04-12 08:43 - 00703092 _____ () C:\Windows\system32\perfh007.dat
2014-03-18 16:53 - 2011-04-12 08:43 - 00150676 _____ () C:\Windows\system32\perfc007.dat
2014-03-18 16:53 - 2009-07-14 06:13 - 01629572 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-18 16:51 - 2014-03-18 16:51 - 00000000 ____D () C:\Windows\ERUNT
2014-03-18 16:50 - 2014-02-15 10:47 - 00033466 _____ () C:\Windows\setupact.log
2014-03-18 16:49 - 2014-03-18 16:49 - 00000000 ___RD () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-03-18 16:49 - 2013-12-21 10:25 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-03-18 16:49 - 2013-12-18 04:56 - 01165075 _____ () C:\Windows\WindowsUpdate.log
2014-03-18 16:48 - 2014-03-18 16:41 - 00000000 ____D () C:\AdwCleaner
2014-03-18 16:40 - 2014-03-18 16:40 - 00001460 _____ () C:\Users\Patrick\Desktop\post.txt
2014-03-18 16:19 - 2014-03-18 16:19 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Malwarebytes
2014-03-18 16:18 - 2014-03-18 16:18 - 00001113 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-03-18 16:18 - 2014-03-18 16:18 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-03-18 16:16 - 2014-03-18 16:16 - 01950720 _____ () C:\Users\Patrick\Desktop\adwcleaner.exe
2014-03-18 16:16 - 2014-03-18 16:16 - 01037734 _____ (Thisisu) C:\Users\Patrick\Desktop\JRT.exe
2014-03-18 16:15 - 2014-03-18 16:15 - 10285040 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Desktop\mbam-setup-1.75.0.1300.exe
2014-03-18 00:47 - 2014-03-18 00:33 - 00000000 ____D () C:\Users\Patrick\Desktop\mbar
2014-03-18 00:43 - 2014-03-18 00:33 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-03-18 00:41 - 2014-02-15 10:47 - 00003604 _____ () C:\Windows\PFRO.log
2014-03-18 00:41 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\IME
2014-03-18 00:36 - 2014-03-18 00:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-03-18 00:34 - 2013-12-18 04:56 - 00000000 ___RD () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-18 00:32 - 2014-03-18 00:32 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Patrick\Desktop\mbar-1.07.0.1009.exe
2014-03-18 00:21 - 2014-03-18 00:21 - 00039516 _____ () C:\ComboFix.txt
2014-03-18 00:21 - 2014-03-18 00:16 - 00000000 ____D () C:\ComboFix
2014-03-18 00:21 - 2014-03-18 00:14 - 00000000 ____D () C:\Qoobox
2014-03-18 00:20 - 2014-03-18 00:20 - 07651328 _____ (GetFLV) C:\Users\Patrick\AppData\Roaming\GetFLV.exe
2014-03-18 00:20 - 2014-03-18 00:14 - 00000000 ____D () C:\Windows\erdnt
2014-03-18 00:20 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-03-18 00:19 - 2009-07-14 03:34 - 65798144 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-03-18 00:19 - 2009-07-14 03:34 - 16777216 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-03-18 00:19 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-03-18 00:19 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-03-18 00:19 - 2009-07-14 03:34 - 00262144 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-03-17 22:47 - 2014-03-17 22:47 - 00000000 _____ () C:\Users\Patrick\defogger_reenable
2014-03-17 22:47 - 2013-12-18 04:56 - 00000000 ____D () C:\Users\Patrick
2014-03-17 22:44 - 2014-03-17 22:44 - 02157056 _____ (Farbar) C:\Users\Patrick\Desktop\FRST64.exe
2014-03-17 22:35 - 2013-12-19 12:11 - 00000000 ____D () C:\Users\Patrick\Documents\Outlook-Dateien
2014-03-17 14:36 - 2013-12-19 17:04 - 00000000 ____D () C:\Users\Patrick\AppData\Local\CrashDumps
2014-03-17 14:35 - 2014-03-17 14:24 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Sony
2014-03-17 13:52 - 2014-01-04 23:13 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\vlc
2014-03-17 11:44 - 2014-02-26 14:56 - 00052767 _____ () C:\Windows\DirectX.log
2014-03-17 11:01 - 2013-12-19 12:57 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-17 11:01 - 2013-12-19 12:57 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-17 11:01 - 2013-12-19 12:57 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-03-17 10:52 - 2014-02-19 10:53 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\SkyTestATC1
2014-03-17 10:44 - 2014-03-17 10:44 - 00001421 _____ () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2014-03-17 10:44 - 2013-12-18 04:56 - 00001455 _____ () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-17 10:44 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-17 09:55 - 2014-03-17 09:55 - 00000519 _____ () C:\Users\Patrick\AppData\Roaming\setting.ini
2014-03-17 09:54 - 2014-03-17 09:54 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\tmp
2014-03-17 09:47 - 2014-03-17 09:47 - 00000000 ____D () C:\Users\Patrick\Documents\Wondershare Player
2014-03-17 09:46 - 2014-03-17 09:46 - 00000000 ____D () C:\Users\Patrick\Documents\Wondershare Streaming Video Recorder
2014-03-17 09:42 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Resources
2014-03-17 09:26 - 2014-02-18 01:48 - 00005088 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Patrick-PC-Patrick Patrick-PC
2014-03-17 09:05 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-15 15:47 - 2014-03-15 15:47 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
2014-03-15 15:47 - 2013-12-18 23:01 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Adobe
2014-03-13 21:41 - 2014-03-13 21:41 - 00000000 ____D () C:\Program Files\MoTeC
2014-03-13 21:39 - 2014-03-13 21:39 - 00000000 ____D () C:\ProgramData\MoTeC
2014-03-13 21:39 - 2014-03-13 21:39 - 00000000 ____D () C:\MoTeC
2014-03-13 21:31 - 2009-07-14 05:45 - 04985656 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-13 18:52 - 2013-12-19 12:02 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-13 18:52 - 2009-07-14 03:34 - 00000478 _____ () C:\Windows\win.ini
2014-03-13 18:32 - 2014-03-13 18:32 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Downloaded Installations
2014-03-13 09:10 - 2014-02-11 15:43 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-13 09:10 - 2014-02-11 15:43 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-12 13:05 - 2013-12-19 12:57 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-03-09 20:25 - 2014-03-09 20:25 - 00000000 ____D () C:\Program Files\Logitech
2014-03-09 20:13 - 2014-03-09 20:13 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Logitech
2014-03-09 20:07 - 2014-03-09 20:07 - 00000000 ____D () C:\Program Files\Common Files\Logitech
2014-03-08 15:36 - 2014-03-08 15:36 - 00098304 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt.dll
2014-03-08 10:32 - 2014-03-08 10:32 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-03-08 10:32 - 2013-12-18 05:20 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-03-08 10:28 - 2013-12-20 09:36 - 00000000 ____D () C:\ProgramData\Origin
2014-03-05 22:28 - 2013-12-18 05:18 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-03-05 22:28 - 2013-12-18 05:04 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-03-05 21:22 - 2014-03-05 21:22 - 00053248 _____ () C:\Windows\SysWOW64\nvTextureToolsUtil.dll
2014-03-05 21:22 - 2014-03-04 16:08 - 00151552 _____ () C:\Windows\SysWOW64\nvRegDev.dll
2014-03-05 21:22 - 2014-03-04 16:08 - 00040960 _____ () C:\Windows\SysWOW64\nvISWOW64.dll
2014-03-05 21:20 - 2014-03-04 16:08 - 00061440 _____ () C:\Windows\SysWOW64\nvPhotoshopUtil.dll
2014-02-27 15:26 - 2014-03-18 01:15 - 04130656 _____ (Kaspersky Lab ZAO) C:\Users\Patrick\Desktop\TDSSKiller.exe
2014-02-27 10:58 - 2014-02-26 15:00 - 00000000 ____D () C:\ProgramData\Steam
2014-02-26 23:49 - 2014-02-26 23:47 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Grid 2
2014-02-26 15:00 - 2014-02-26 15:00 - 00000000 ____D () C:\Users\Patrick\Documents\My Games
2014-02-26 15:00 - 2014-02-26 15:00 - 00000000 ____D () C:\ProgramData\Codemasters
2014-02-24 16:59 - 2014-03-17 11:45 - 12296192 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-24 16:59 - 2014-03-17 11:45 - 09075712 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-02-24 16:59 - 2014-03-17 11:45 - 02458112 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-02-24 16:59 - 2014-03-17 11:45 - 01495040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-24 16:59 - 2014-03-17 11:45 - 01188864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-24 16:59 - 2014-03-17 11:45 - 00735232 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-24 16:59 - 2014-03-17 11:45 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-02-24 16:59 - 2014-03-17 11:45 - 00134144 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-02-24 16:59 - 2014-03-17 11:45 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-02-24 16:59 - 2014-03-17 11:45 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-02-24 16:35 - 2014-03-17 11:45 - 11020800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-24 16:35 - 2014-03-17 11:45 - 06041088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-24 16:35 - 2014-03-17 11:45 - 02078208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-24 16:35 - 2014-03-17 11:45 - 01232896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-24 16:35 - 2014-03-17 11:45 - 00981504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-24 16:35 - 2014-03-17 11:45 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-24 16:35 - 2014-03-17 11:45 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-02-24 16:35 - 2014-03-17 11:45 - 00132096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-02-24 16:35 - 2014-03-17 11:45 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-02-24 16:35 - 2014-03-17 11:45 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-02-24 15:01 - 2014-03-17 11:45 - 01638912 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-02-24 14:39 - 2014-03-17 11:45 - 01638912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-02-17 16:55 - 2013-12-21 10:31 - 88567024 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-02-17 16:55 - 2013-12-21 10:31 - 00000000 ____D () C:\Windows\system32\MRT

Some content of TEMP:
====================
C:\Users\Patrick\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2014-03-10 17:13

==================== End Of Log ============================
--- --- ---


Lg

cosinus 18.03.2014 17:35
Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster.

Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument

Code:
InternetURL: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Registry.url -> C:\ProgramData\575533705.exe
C:\ProgramData\575533705.exe
C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Registry.url
FF NewTab: user_pref("browser.newtab.url", "");

Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
  • Starte nun FRST erneut und klicke den Entfernen Button.
  • Das Tool erstellt eine Fixlog.txt.
  • Poste mir deren Inhalt.


slater27 18.03.2014 18:15
Code:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Patrick at 2014-03-18 18:14:25 Run:1
Running from C:\Users\Patrick\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
InternetURL: C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Registry.url -> C:\ProgramData\575533705.exe
C:\ProgramData\575533705.exe
C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Registry.url
FF NewTab: user_pref("browser.newtab.url", "");
       
*****************

C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Registry.url => Moved successfully.
"C:\ProgramData\575533705.exe" => File/Directory not found.
"C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Registry.url" => File/Directory not found.
Firefox newtab deleted successfully.

==== End of Fixlog ====

cosinus 19.03.2014 11:19
Sieht ok aus. Wir sollten fast durch sein. Mach bitte zur Kontrolle einen Quickscan mit Malwarebytes Anti-Malware (MBAM)

Hinweis: Denk bitte vorher daran, Malwarebytes Anti-Malware über den Updatebutton zu aktualisieren!

Anschließend über den OnlineScanner von ESET eine zusätzliche Meinung zu holen ist auch nicht verkehrt:


ESET Online Scanner

  • Hier findest du eine bebilderte Anleitung zu ESET Online Scanner
  • Lade und starte Eset Online Scanner
  • Setze einen Haken bei Ja, ich bin mit den Nutzungsbedingungen einverstanden und klicke auf Starten.
  • Aktiviere die "Erkennung von eventuell unerwünschten Anwendungen" und wähle folgende Einstellungen.
  • Klicke auf Starten.
  • Die Signaturen werden heruntergeladen, der Scan beginnt automatisch.
  • Klicke am Ende des Suchlaufs auf Fertig stellen.
  • Schließe das Fenster von ESET.
  • Explorer öffnen.
  • C:\Programme\Eset\EsetOnlineScanner\log.txt (bei 64 Bit auch C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) suchen und mit Deinem Editor öffnen (bebildert).
  • Logfile hier posten.
  • Deinstallation: Systemsteuerung => Software / Programme deinstallieren => Eset Online Scanner V3 entfernen.
  • Manuell folgenden Ordner löschen und Papierkorb leeren => C:\Programme\Eset


slater27 19.03.2014 20:54
tut mir leid dass das alles so lange dauert. hatte blöde termine die letzten tage

Code:
Malwarebytes Anti-Malware (Test) 1.75.0.1300
www.malwarebytes.org

Datenbank Version: v2014.03.18.06

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 8.0.7601.17514
Patrick :: PATRICK-PC [Administrator]

Schutz: Deaktiviert

19.03.2014 15:38:01
mbam-log-2014-03-19 (15-38-01).txt

Art des Suchlaufs: Quick-Scan
Aktivierte Suchlaufeinstellungen: Speicher | Autostart | Registrierung | Dateisystem | Heuristiks/Extra | HeuristiKs/Shuriken | PUP | PUM
Deaktivierte Suchlaufeinstellungen: P2P
Durchsuchte Objekte: 220818
Laufzeit: 1 Minute(n), 20 Sekunde(n)

Infizierte Speicherprozesse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Speichermodule: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungsschlüssel: 0
(Keine bösartigen Objekte gefunden)

Infizierte Registrierungswerte: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateiobjekte der Registrierung: 0
(Keine bösartigen Objekte gefunden)

Infizierte Verzeichnisse: 0
(Keine bösartigen Objekte gefunden)

Infizierte Dateien: 0
(Keine bösartigen Objekte gefunden)

(Ende)
Code:
ESETSmartInstaller@High as downloader log:
all ok
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6920
# api_version=3.0.2
# EOSSerial=e8a2888147800349954661a06dee6e5f
# engine=17507
# end=finished
# remove_checked=false
# archives_checked=false
# unwanted_checked=false
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-03-19 03:24:31
# local_time=2014-03-19 04:24:31 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=5893 16776574 100 94 7798729 146872521 0 0
# scanned=243400
# found=8
# cleaned=0
# scan_time=2375
sh=E72D0AEB6BD63378EF58C4D8E543DA7C76C81F0A ft=1 fh=20fd86e42d58e39c vn="a variant of MSIL/Kryptik.SM trojan" ac=I fn="C:\Qoobox\Quarantine\C\ProgramData\575533705.exe.vir"
sh=7787168B0306FA5AE0B0F4A45A10770BA5555172 ft=1 fh=d88b5c1ac5807a82 vn="a variant of Win32/Packed.VMProtect.ABD trojan" ac=I fn="E:\Benutzer\Patrick\Downloads\Spiele\Need.for.Speed.Rivals.MULTi2-P2P\Need.for.Speed.Rivals.v1.3.0.0.Update.and.No.Origin.X86.and.X64.Crack-3DM\Crack\nfs14.3dm.dll"
sh=280B8315CDBC552C72772AEB1464A2DBCE50AE78 ft=1 fh=aa3f26a8c27aa3ea vn="a variant of Win32/Packed.VMProtect.ABD trojan" ac=I fn="E:\Benutzer\Patrick\Downloads\Spiele\Need.for.Speed.Rivals.MULTi2-P2P\Need.for.Speed.Rivals.v1.3.0.0.Update.and.No.Origin.X86.and.X64.Crack-3DM\Crack\NFS14.exe"
sh=A7A417BA25FE9F21BB8C9E6E08052F93ED5F9C0A ft=1 fh=6073a8e90a37cf45 vn="a variant of Win32/Packed.VMProtect.ABD trojan" ac=I fn="E:\Benutzer\Patrick\Downloads\Spiele\Need.for.Speed.Rivals.MULTi2-P2P\Need.for.Speed.Rivals.v1.3.0.0.Update.and.No.Origin.X86.and.X64.Crack-3DM\Crack\nfs14_x86.3dm.dll"
sh=846CED383017D61753F3FDB759A503B8E5BA6809 ft=1 fh=a4a725f00170177a vn="a variant of Win32/Packed.VMProtect.ABD trojan" ac=I fn="E:\Benutzer\Patrick\Downloads\Spiele\Need.for.Speed.Rivals.MULTi2-P2P\Need.for.Speed.Rivals.v1.3.0.0.Update.and.No.Origin.X86.and.X64.Crack-3DM\Crack\NFS14_x86.exe"
sh=6B92ACCB15C567805BFC60AE0D77180A094F72A3 ft=1 fh=72f79de567122609 vn="a variant of Win32/Packed.VMProtect.ABD trojan" ac=I fn="E:\Benutzer\Patrick\Downloads\Spiele\Need.for.Speed.Rivals.MULTi2-P2P\RivUpdcrck\Need.for.Speed.Rivals.v1.2.0.0.Update.and.No.Origin.X86.and.X64.Crack-3DM\Crack\nfs14.3dm.dll"
sh=3E5D0151E346371306937F65729B07B726866B00 ft=1 fh=0dd01c485f08979f vn="a variant of Win32/Packed.VMProtect.ABD trojan" ac=I fn="E:\Benutzer\Patrick\Downloads\Spiele\Need.for.Speed.Rivals.MULTi2-P2P\RivUpdcrck\Need.for.Speed.Rivals.v1.2.0.0.Update.and.No.Origin.X86.and.X64.Crack-3DM\Crack\NFS14.exe"
sh=DA66A6EF19C7ED4E2164CC299384F64D3A3FB484 ft=1 fh=d747e2aa9a9eec04 vn="a variant of Win32/Packed.VMProtect.ABD trojan" ac=I fn="E:\Benutzer\Patrick\Downloads\Spiele\Need.for.Speed.Rivals.MULTi2-P2P\RivUpdcrck\Need.for.Speed.Rivals.v1.2.0.0.Update.and.No.Origin.X86.and.X64.Crack-3DM\Crack\NFS14_x86.exe"

Ich seh schon....Need for Speed. Ich muss mich an dieser Stelle entschuldigen. Das war ich :S. Hatte es vergessen anzugeben da ich es nie installiert hatte. (Hab dann die PS4 mit dem NFS Bundle bekommen)

cosinus 20.03.2014 00:41
Runter mit dem Scheiß! :mad: :pfui:

slater27 20.03.2014 00:55
Schon weg. Bin ich jetzt sauber oder sind wir noch nicht ganz fertig?
Was das ist weiß ich allerdings nicht :S
Code:
sh=E72D0AEB6BD63378EF58C4D8E543DA7C76C81F0A ft=1 fh=20fd86e42d58e39c vn="a variant of MSIL/Kryptik.SM trojan" ac=I fn="C:\Qoobox\Quarantine\C\ProgramData\575533705.exe.vir"

cosinus 20.03.2014 00:56
Zitat:
C:\Qoobox\Quarantine
Ist nur die Q von CF. D.h. combofix schmeißt da die Dateien rein, die schädlich sind, falls man die nochmal auswerten will oder so. ;)

slater27 20.03.2014 01:02
Alles klar. Dankeschön! Echt "supergeil" wie mir hier geholfen wird.

Brauch ich noch einen scan oder darf ich beruhigt sein? (ich hoffe ich drängel nicht, dachte nur vielleicht wurde es überlesen :dummguck:)

cosinus 20.03.2014 01:27
TFC - Temp File Cleaner

Lade dir TFC (TempFileCleaner von Oldtimer) herunter und speichere es auf den Desktop.
  • Öffne die TFC.exe.
    Vista und Win 7 User mit Rechtsklick "als Administrator starten".
  • Schließe alle anderen Programme.
  • Drücke auf den Button Start.
  • Falls du zu einem Neustart aufgefordert wirst, bestätige diesen.



Sieht soweit ok aus :daumenhoc

Wegen Cookies und anderer Dinge im Web: Um die Pest von vornherein zu blocken (also TrackingCookies, Werbebanner etc.) müsstest du dir mal sowas wie MVPS Hosts File anschauen => Blocking Unwanted Parasites with a Hosts File - sinnvollerweise solltest du alle 4 Wochen mal bei MVPS nachsehen, ob er eine neue Hosts Datei herausgebracht hat. Ist aber nur optional. Um Usertracking zu verhindern kann man gut die Firefox-Erweiterung Ghostery verwenden.

Info: Cookies sind keine Schädlinge direkt, aber es besteht die Gefahr der missbräuchlichen Verwendung (eindeutige Wiedererkennung zB für gezielte Werbung o.ä. => HTTP-Cookie )

Ansonsten gibt es noch gute Cookiemanager, Erweiterungen für den Firefox zB wäre da CookieCuller
Wenn du aber damit leben kannst, dich bei jeder Browsersession überall neu einzuloggen (zB Facebook, Ebay, GMX, oder auch Trojaner-Board) dann stell den Browser einfach so ein, dass einfach alles beim Beenden des Browser inkl. Cookies gelöscht wird.

Ist dein System nun wieder in Ordnung oder gibt's noch andere Funde oder Probleme?

slater27 20.03.2014 11:38
Super, danke! Bin jetzt echt erleichtert und freu mich dass wieder alles seine Ordnung hat. Werde künftig besser auf mein klickverhalten achten und hab mir schon man Ghostery geholt und führe Firefox nun auch in der Sandbox aus. Einzig komisch ust nur dass seit Ghostery der banner von eurer Website geblockt wurde und Youtube sieht auch etwas Kaka aus ^^. Wollte mir dort ansehen wie das mit MVPs funktioniert und naja, ich denke ich hänge ein Bild an. Kann das nicht bescheiben ^^.

Danke jedenfalls! War wirklich einzigartig dieser Support.

http://www7.pic-upload.de/thumb/20.0...ddzxrg33ty.jpg

hxxp://www7.pic-upload.de/20.03.14/rkddzxrg33ty.jpg

edit: habe gerade Ghostery deaktiviert und youtube sieht immer noch so aus :S

nochmal edit: das liegt denk ich an Sandboxie. Hab Firefox ohne Sandboxie gestartet und es war alles normal. Und nun ist es auch in der Sandbox normal. Muss ich jetzt immer eine Seite zuerst ohne Sandbox öffnen und dann mit oder kann man das einstellen. oder soll ich gleich Sandboxie bleiben lassen? (ganz schön viele Fragen für das, dass ich fertig bin mit meinem Problem *schäm*)

cosinus 20.03.2014 12:19
Zu Sandboxie kann ich nicht viel sagen, nutz das Teil garnicht. Mir reichen Bordmittel wie zB eingeschränkte Rechte.


Alle Zeitangaben in WEZ +1. Es ist jetzt 01:29 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131