Random audio ads playing while browsing


17 replies to this topic

#1 Hmpf

Posted 10 May 2014 - 10:39 AM

Operating system: Windows 7 Home Premium (with Service Pack 1)

 

Internet browser: Firefox 28.0

 

Antivirus software: Avira Free Antivirus

 

Date of discovery of problem: May 8, 2014

 

Last full antivirus scan: same; no threats found. Antivirus software updated just before scan.

 

Description of problem:

On May 8th an audio ad (for some soft drink or other, I think) suddenly started playing while I was looking at a YouTube video. As it seemed unlikely YouTube would have audio ads that played simultaneously with videos, I suspected foul play right away, but then figured that maybe it was just some YouTube malfunction after all. A few minutes later another random audio ad played while I was checking out a graphics tutorial page that didn't even have any embedded video. I decided it probably was an infection of some sort, after all, googled "random audio ads" - and found out that there is in fact malware that can cause this. So then I did a full scan with my antivirus software - which didn't turn up anything. I haven't used the computer since the scan, as I still think there's probably some malware on it.

 

How do I find out what it is?

What do I do to remove it?

Should I post the Avira log, even though it didn't turn up anything?


Edited by Hmpf, 10 May 2014 - 10:40 AM.



#2 Hmpf

  • Topic Starter

Posted 10 May 2014 - 10:45 AM

Additional question: how do I back up my data if I don't have a "virgin" hard drive available? If I just shove everything onto my usual back-up disk, don't I risk infecting that with whatever it is that's plaguing my system? I don't want to back up my data at the cost of destroying my already-backed-up data...



#3 boopme

  • Global Moderator

Posted 10 May 2014 - 08:37 PM

Hello.... Let's run these, please.

Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and double-click on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is required, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.

ADW Cleaner

Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.

-- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
      • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
      • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
      • Scan potentially unwanted applications
      • Scan for potentially unsafe applications
      • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE: Sometimes if ESET finds no infections it will not create a log.

Now Last ....
Download RogueKiller from one of the following links and save it to your desktop:
  • Link 1
  • Link 2

  • Close all programs and disconnect any USB or external drives before running the tool.
  • Double-click RogueKiller.exe to run the tool (Vista or 7 users: Right-click and select Run As Administrator).
  • Once the Prescan has finished, click Scan.
  • Once the Status box shows "Scan Finished", just close the program. <--Don't fix anything!
  • Copy and paste the report that opens into your next reply.
  • The log can also be found on your desktop labeled (RKreport[X]_S_xxdatexx_xtimex)
  • The highest number of [X], is the most recent Scan

>>>>

You can back up all your important documents, personal data files, photos, music, videos to a CD or DVD drive, not a flash drive or external hard drive as they may become compromised in the process. The safest practice is not to back up any executable files (*.exe), screensavers (*.scr), dynamic link library (*.dll), autorun (.ini) or script files (.php, .asp, .htm, .html, .xml) files because they may be infected by malware. Avoid backing up compressed files (.zip, .cab, .rar) that have executables inside them as some types of malware can penetrate compressed files and infect the .exe files within them. Other types of malware may even disguise itself by hiding a file extension or by adding double file extensions and/or space(s) in the file's name to hide the real extension as shown here (click Figure 1 to enlarge) so be sure you look closely at the full file name. If you cannot see the file extension, you may need to reconfigure Windows to show file name extensions. Then make sure you scan the backed up data with your anti-virus prior to copying it back to your hard drive.
  • How to back up or transfer your data on a Windows-based computer
  • How to Backup and Restore in Windows 7
Edited by boopme, 10 May 2014 - 08:42 PM.

How do I get help? Who is helping me?
For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....
Become a BleepingComputer fan: Facebook
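The file-name checks from the backup advice in the post above, as an added example that is not part of the original post or of any tool it mentions. The function names, the `DATA_LOOKING` decoy list and the `autorun.inf` check are assumptions made for illustration; the other extension lists are the ones the post gives.

```python
import io
import ntpath
import zipfile

# Extension lists as given in the post above.
EXECUTABLE = {".exe", ".scr", ".dll"}
SCRIPT = {".ini", ".php", ".asp", ".htm", ".html", ".xml"}
ARCHIVE = {".zip", ".cab", ".rar"}
# Assumption, not from the post: extensions that look like harmless data and
# serve as the decoy half of a double extension ("photo.jpg.exe").
DATA_LOOKING = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".docx",
                ".txt", ".mp3", ".avi"}


def name_verdict(filename):
    """Classify one file by its full name, the way the post says to read it."""
    # ntpath accepts both "\\" and "/" separators. Windows ignores trailing
    # spaces and dots, so drop them before looking for the real extension.
    base = ntpath.basename(filename).rstrip(" .")
    stem, ext = ntpath.splitext(base)
    ext = ext.lower()
    inner = ntpath.splitext(stem.rstrip())[1].lower()
    risky = ext in EXECUTABLE or ext in SCRIPT
    if risky and stem != stem.rstrip():
        # Spaces right before the real extension push it out of view.
        return "suspicious: padded name hides " + ext
    if risky and inner in DATA_LOOKING:
        return "suspicious: double extension " + inner + ext
    if ext in EXECUTABLE:
        return "skip: executable"
    # autorun.inf is the usual AutoRun file name (added here; the post lists .ini).
    if ext in SCRIPT or base.lower() == "autorun.inf":
        return "skip: script/autorun"
    if ext in ARCHIVE:
        return "inspect: archive"
    return "ok"


def zip_risky_members(fileobj):
    """Return the archive members whose names do not pass name_verdict()."""
    with zipfile.ZipFile(fileobj) as zf:
        return [name for name in zf.namelist()
                if not name.endswith("/") and name_verdict(name) != "ok"]


def triage(filename, data=None):
    """Decide whether a file belongs in the backup.

    data is the file's content as bytes; it is only needed for .zip files.
    The standard library cannot open .cab or .rar, so those are skipped.
    """
    verdict = name_verdict(filename)
    if verdict != "inspect: archive":
        return verdict
    is_zip = filename.rstrip(" .").lower().endswith(".zip")
    if not is_zip or data is None:
        return "skip: archive cannot be inspected"
    try:
        risky = zip_risky_members(io.BytesIO(data))
    except zipfile.BadZipFile:
        return "skip: archive cannot be inspected"
    if risky:
        return "skip: archive contains " + ", ".join(risky)
    return "ok"


def sample_zip(member_names):
    """Build a constructed in-memory .zip for the demonstration below."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name in member_names:
            zf.writestr(name, b"constructed sample content")
    return buf.getvalue()


if __name__ == "__main__":
    # Constructed sample names; none of them come from the thread.
    samples = [
        ("holiday.jpg", None),
        ("holiday.jpg.exe", None),
        ("invoice.pdf            .scr", None),
        ("page.html", None),
        ("photos.zip", sample_zip(["a.jpg", "b.png"])),
        ("mixed.zip", sample_zip(["a.jpg", "tools/run.exe"])),
        ("old.rar", None),
    ]
    for name, data in samples:
        print("%-32r %s" % (name, triage(name, data)))
```

Files that come back as "ok" still need the anti-virus scan the post asks for before they are copied back; the name check only decides what goes onto the disc.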

#4 Hmpf

  • Topic Starter

Posted 11 May 2014 - 03:52 AM

Thanks for your help! Should I run all these scans while the computer is online, or should I disable my internet connection while I scan?



#5 Hmpf

  • Topic Starter

Posted 11 May 2014 - 04:17 AM

For some reason my MiniToolbox log came out partly in German (probably because that's my system language)... I hope you can still make some sense of it.

 

 

MiniToolBox by Farbar  Version: 23-01-2014
Ran by HDH-10 (administrator) on 11-05-2014 at 11:01:13
Running from "C:\Users\HDH-10\Desktop"
Microsoft Windows 7 Home Premium  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows-IP-Konfiguration

Der DNS-Auflösungscache wurde geleert.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20) = LAN-Verbindung (Connected)
Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC = Drahtlosnetzwerkverbindung (Media disconnected)
Microsoft Virtual WiFi Miniport Adapter = Drahtlosnetzwerkverbindung 2 (Media disconnected)


# ----------------------------------
# IPv4-Konfiguration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# Ende der IPv4-Konfiguration



Windows-IP-Konfiguration

   Hostname  . . . . . . . . . . . . : HDH-10-PC
   Primäres DNS-Suffix . . . . . . . :
   Knotentyp . . . . . . . . . . . . : Hybrid
   IP-Routing aktiviert  . . . . . . : Nein
   WINS-Proxy aktiviert  . . . . . . : Nein
   DNS-Suffixsuchliste . . . . . . . : Speedport_W_303V_Typ_A

Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung 2:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix:
   Beschreibung. . . . . . . . . . . : Microsoft Virtual WiFi Miniport Adapter
   Physikalische Adresse . . . . . . : 74-F0-6D-0A-F6-63
   DHCP aktiviert. . . . . . . . . . : Ja
   Autokonfiguration aktiviert . . . : Ja

Ethernet-Adapter LAN-Verbindung:

   Verbindungsspezifisches DNS-Suffix: Speedport_W_303V_Typ_A
   Beschreibung. . . . . . . . . . . : Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
   Physikalische Adresse . . . . . . : 00-26-2D-C1-C1-10
   DHCP aktiviert. . . . . . . . . . : Ja
   Autokonfiguration aktiviert . . . : Ja
   Verbindungslokale IPv6-Adresse  . : fe80::405d:16c5:d677:6c66%11(Bevorzugt)
   IPv4-Adresse  . . . . . . . . . . : 192.168.2.103(Bevorzugt)
   Subnetzmaske  . . . . . . . . . . : 255.255.255.0
   Lease erhalten. . . . . . . . . . : Sonntag, 11. Mai 2014 10:46:07
   Lease läuft ab. . . . . . . . . . : Donnerstag, 15. Mai 2014 10:46:07
   Standardgateway . . . . . . . . . : 192.168.2.1
   DHCP-Server . . . . . . . . . . . : 192.168.2.1
   DHCPv6-IAID . . . . . . . . . . . : 352331309
   DHCPv6-Client-DUID. . . . . . . . : 00-01-00-01-14-60-D8-7A-74-F0-6D-0A-F6-63
   DNS-Server  . . . . . . . . . . . : 192.168.2.1
   NetBIOS über TCP/IP . . . . . . . : Aktiviert

Drahtlos-LAN-Adapter Drahtlosnetzwerkverbindung:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix:
   Beschreibung. . . . . . . . . . . : Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC
   Physikalische Adresse . . . . . . : 74-F0-6D-0A-F6-63
   DHCP aktiviert. . . . . . . . . . : Ja
   Autokonfiguration aktiviert . . . : Ja

Tunneladapter Teredo Tunneling Pseudo-Interface:

   Verbindungsspezifisches DNS-Suffix:
   Beschreibung. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP aktiviert. . . . . . . . . . : Nein
   Autokonfiguration aktiviert . . . : Ja
   IPv6-Adresse. . . . . . . . . . . : 2001:0:9d38:6ab8:3f:257b:b023:4f3b(Bevorzugt)
   Verbindungslokale IPv6-Adresse  . : fe80::3f:257b:b023:4f3b%19(Bevorzugt)
   Standardgateway . . . . . . . . . : ::
   NetBIOS über TCP/IP . . . . . . . : Deaktiviert

Tunneladapter isatap.{B0188398-7BC9-473C-A52C-4C760093E145}:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix:
   Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #2
   Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP aktiviert. . . . . . . . . . : Nein
   Autokonfiguration aktiviert . . . : Ja

Tunneladapter isatap.Speedport_W_303V_Typ_A:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix: Speedport_W_303V_Typ_A
   Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter
   Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP aktiviert. . . . . . . . . . : Nein
   Autokonfiguration aktiviert . . . : Ja

Tunneladapter isatap.{407B865C-B90E-4D92-B519-6827F896836D}:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix:
   Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #4
   Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP aktiviert. . . . . . . . . . : Nein
   Autokonfiguration aktiviert . . . : Ja

Tunneladapter isatap.{91734A2F-C336-4BE9-8362-AA7479B0E354}:

   Medienstatus. . . . . . . . . . . : Medium getrennt
   Verbindungsspezifisches DNS-Suffix:
   Beschreibung. . . . . . . . . . . : Microsoft-ISATAP-Adapter #5
   Physikalische Adresse . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP aktiviert. . . . . . . . . . : Nein
   Autokonfiguration aktiviert . . . : Ja
Server:  speedport.ip
Address:  192.168.2.1

Name:    google.com
Addresses:  2a00:1450:4001:803::1004
      173.194.112.99
      173.194.112.101
      173.194.112.102
      173.194.112.96
      173.194.112.98
      173.194.112.100
      173.194.112.104
      173.194.112.97
      173.194.112.105
      173.194.112.103
      173.194.112.110


Ping wird ausgeführt für google.com [173.194.112.110] mit 32 Bytes Daten:
Antwort von 173.194.112.110: Bytes=32 Zeit=197ms TTL=57
Antwort von 173.194.112.110: Bytes=32 Zeit=165ms TTL=57

Ping-Statistik für 173.194.112.110:
    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
    (0% Verlust),
Ca. Zeitangaben in Millisek.:
    Minimum = 165ms, Maximum = 197ms, Mittelwert = 181ms
Server:  speedport.ip
Address:  192.168.2.1

Name:    yahoo.com
Addresses:  98.138.253.109
      206.190.36.45
      98.139.183.24


Ping wird ausgeführt für yahoo.com [98.139.183.24] mit 32 Bytes Daten:
Antwort von 98.139.183.24: Bytes=32 Zeit=279ms TTL=51
Antwort von 98.139.183.24: Bytes=32 Zeit=934ms TTL=51

Ping-Statistik für 98.139.183.24:
    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
    (0% Verlust),
Ca. Zeitangaben in Millisek.:
    Minimum = 279ms, Maximum = 934ms, Mittelwert = 606ms

Ping wird ausgeführt für 127.0.0.1 mit 32 Bytes Daten:
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128
Antwort von 127.0.0.1: Bytes=32 Zeit<1ms TTL=128

Ping-Statistik für 127.0.0.1:
    Pakete: Gesendet = 2, Empfangen = 2, Verloren = 0
    (0% Verlust),
Ca. Zeitangaben in Millisek.:
    Minimum = 0ms, Maximum = 0ms, Mittelwert = 0ms
===========================================================================
Schnittstellenliste
 16...74 f0 6d 0a f6 63 ......Microsoft Virtual WiFi Miniport Adapter
 11...00 26 2d c1 c1 10 ......Atheros AR8131 PCI-E Gigabit Ethernet Controller (NDIS 6.20)
 10...74 f0 6d 0a f6 63 ......Realtek RTL8191SE Wireless LAN 802.11n PCI-E NIC
  1...........................Software Loopback Interface 1
 19...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 17...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #2
 20...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter
 21...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #4
 22...00 00 00 00 00 00 00 e0 Microsoft-ISATAP-Adapter #5
===========================================================================

IPv4-Routentabelle
===========================================================================
Aktive Routen:
     Netzwerkziel    Netzwerkmaske          Gateway    Schnittstelle Metrik
          0.0.0.0          0.0.0.0      192.168.2.1    192.168.2.103     10
        127.0.0.0        255.0.0.0   Auf Verbindung         127.0.0.1    306
        127.0.0.1  255.255.255.255   Auf Verbindung         127.0.0.1    306
  127.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    306
      192.168.2.0    255.255.255.0   Auf Verbindung     192.168.2.103    266
    192.168.2.103  255.255.255.255   Auf Verbindung     192.168.2.103    266
    192.168.2.255  255.255.255.255   Auf Verbindung     192.168.2.103    266
        224.0.0.0        240.0.0.0   Auf Verbindung         127.0.0.1    306
        224.0.0.0        240.0.0.0   Auf Verbindung     192.168.2.103    266
  255.255.255.255  255.255.255.255   Auf Verbindung         127.0.0.1    306
  255.255.255.255  255.255.255.255   Auf Verbindung     192.168.2.103    266
===========================================================================
Ständige Routen:
  Keine

IPv6-Routentabelle
===========================================================================
Aktive Routen:
 If Metrik Netzwerkziel             Gateway
 19     58 ::/0                     Auf Verbindung
  1    306 ::1/128                  Auf Verbindung
 19     58 2001::/32                Auf Verbindung
 19    306 2001:0:9d38:6ab8:3f:257b:b023:4f3b/128
                                    Auf Verbindung
 11    266 fe80::/64                Auf Verbindung
 19    306 fe80::/64                Auf Verbindung
 19    306 fe80::3f:257b:b023:4f3b/128
                                    Auf Verbindung
 11    266 fe80::405d:16c5:d677:6c66/128
                                    Auf Verbindung
  1    306 ff00::/8                 Auf Verbindung
 19    306 ff00::/8                 Auf Verbindung
 11    266 ff00::/8                 Auf Verbindung
===========================================================================
Ständige Routen:
  Keine
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 29 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 30 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 31 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 32 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 33 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 34 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 35 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 36 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (05/05/2014 06:18:12 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: Explorer.EXE, Version: 6.1.7601.17567, Zeitstempel: 0x4d6727a7
Name des fehlerhaften Moduls: KERNELBASE.dll, Version: 6.1.7601.18229, Zeitstempel: 0x51fb10c6
Ausnahmecode: 0xc000008c
Fehleroffset: 0x0000812f
ID des fehlerhaften Prozesses: 0xba8
Startzeit der fehlerhaften Anwendung: 0xExplorer.EXE0
Pfad der fehlerhaften Anwendung: Explorer.EXE1
Pfad des fehlerhaften Moduls: Explorer.EXE2
Berichtskennung: Explorer.EXE3

Error: (05/04/2014 05:20:31 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (05/02/2014 06:07:53 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: ZzzzZzzzZzzz.exe, Version: 1.0.0.0, Zeitstempel: 0x4f16f44d
Name des fehlerhaften Moduls: ZzzzZzzzZzzz.exe, Version: 1.0.0.0, Zeitstempel: 0x4f16f44d
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00005fe2
ID des fehlerhaften Prozesses: 0x1730
Startzeit der fehlerhaften Anwendung: 0xZzzzZzzzZzzz.exe0
Pfad der fehlerhaften Anwendung: ZzzzZzzzZzzz.exe1
Pfad des fehlerhaften Moduls: ZzzzZzzzZzzz.exe2
Berichtskennung: ZzzzZzzzZzzz.exe3

Error: (05/01/2014 08:06:40 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 28.0.0.5186, Zeitstempel: 0x53240e37
Name des fehlerhaften Moduls: xul.dll, Version: 28.0.0.5186, Zeitstempel: 0x53240e04
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00184729
ID des fehlerhaften Prozesses: 0x102c
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (04/26/2014 11:36:36 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (04/26/2014 11:13:51 AM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (04/22/2014 09:50:49 PM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: firefox.exe, Version: 28.0.0.5186, Zeitstempel: 0x53240e37
Name des fehlerhaften Moduls: xul.dll, Version: 28.0.0.5186, Zeitstempel: 0x53240e04
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00184729
ID des fehlerhaften Prozesses: 0xe44
Startzeit der fehlerhaften Anwendung: 0xfirefox.exe0
Pfad der fehlerhaften Anwendung: firefox.exe1
Pfad des fehlerhaften Moduls: firefox.exe2
Berichtskennung: firefox.exe3

Error: (04/17/2014 09:30:16 PM) (Source: SideBySide) (User: )
Description: Fehler beim Generieren des Aktivierungskontextes für "assemblyIdentity1". Fehler in Manifest- oder Richtliniendatei "assemblyIdentity2" in Zeile assemblyIdentity3.
Der Wert "MAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINOR" des "version"-Attributs im assemblyIdentity-Element ist ungültig.

Error: (04/13/2014 10:08:05 PM) (Source: Application Hang) (User: )
Description: Programm firefox.exe, Version 28.0.0.5186 kann nicht mehr unter Windows ausgeführt werden und wurde beendet. Überprüfen Sie den Problemverlauf in der Wartungscenter-Systemsteuerung, um nach weiteren Informationen zum Problem zu suchen.

Prozess-ID: 10d4

Startzeit: 01cf5718abe2509b

Endzeit: 330

Anwendungspfad: C:\Program Files\Mozilla Firefox\firefox.exe

Berichts-ID: 4fa5d276-c347-11e3-b99f-00262dc1c110

Error: (04/13/2014 06:01:29 PM) (Source: VSS) (User: )
Description: Volumeschattenkopie-Dienstfehler: Die E/A-Schreibvorgänge können während des Schattenkopie-Erstellungszeitraums auf Volume "C:\" nicht gespeichert werden.
Der Volumeindex im Schattenkopiesatz ist 0. Fehlerdetails: Offen[0x00000000, Der Vorgang wurde erfolgreich beendet.
], Leerung[0x00000000, Der Vorgang wurde erfolgreich beendet.
], Freigabe[0x80042314, Der Schattenkopieanbieter hat beim Warten auf den Schreibvorgang auf das Volume, von dem eine Schattenkopie erstellt wird, das Zeitlimit überschritten. Ursache hierfür könnte eine durch eine Anwendung oder einen Systemdienst verursachte hohe Aktivität auf dem Volume sein. Wiederholen Sie den Vorgang später, wenn das Volume nicht so stark ausgelastet ist.
], Ausführung[0x00000000, Der Vorgang wurde erfolgreich beendet.
].


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet


System errors:
=============
Error: (05/11/2014 10:46:05 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (05/11/2014 10:46:05 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Updating Service erreicht.

Error: (05/11/2014 10:46:05 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (05/11/2014 10:46:05 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (05/10/2014 05:10:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (05/10/2014 05:10:00 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Updating Service erreicht.

Error: (05/10/2014 05:10:00 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Scanner Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (05/10/2014 05:10:00 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Scanner Service erreicht.

Error: (05/10/2014 04:49:29 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Spybot-S&D 2 Updating Service" wurde aufgrund folgenden Fehlers nicht gestartet:
%%1053

Error: (05/10/2014 04:49:29 PM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Spybot-S&D 2 Updating Service erreicht.


Microsoft Office Sessions:
=========================
Error: (05/05/2014 06:18:12 PM) (Source: Application Error)(User: )
Description: Explorer.EXE6.1.7601.175674d6727a7KERNELBASE.dll6.1.7601.1822951fb10c6c000008c0000812fba801cf687944d14f3bC:\Windows\Explorer.EXEC:\Windows\system32\KERNELBASE.dllda12d0f7-d470-11e3-b7d2-00262dc1c110

Error: (05/04/2014 05:20:31 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (05/02/2014 06:07:53 PM) (Source: Application Error)(User: )
Description: ZzzzZzzzZzzz.exe1.0.0.04f16f44dZzzzZzzzZzzz.exe1.0.0.04f16f44dc000000500005fe2173001cf661eb6dbaa99G:\games\STILL PLAYING\Zzzz-Zzzz-Zzzz\Zzzz-Zzzz-Zzzz\ZzzzZzzzZzzz.exeG:\games\STILL PLAYING\Zzzz-Zzzz-Zzzz\Zzzz-Zzzz-Zzzz\ZzzzZzzzZzzz.exeea1f4f79-d213-11e3-9574-00262dc1c110

Error: (05/01/2014 08:06:40 PM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37xul.dll28.0.0.518653240e04c000000500184729102c01cf65577e8a2378C:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Mozilla Firefox\xul.dll57b48b2c-d15b-11e3-a404-00262dc1c110

Error: (04/26/2014 11:36:36 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (04/26/2014 11:13:51 AM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (04/22/2014 09:50:49 PM) (Source: Application Error)(User: )
Description: firefox.exe28.0.0.518653240e37xul.dll28.0.0.518653240e04c000000500184729e4401cf5e3c5e6fb827C:\Program Files\Mozilla Firefox\firefox.exeC:\Program Files\Mozilla Firefox\xul.dll6665c1ec-ca57-11e3-9d0e-00262dc1c110

Error: (04/17/2014 09:30:16 PM) (Source: SideBySide)(User: )
Description: assemblyIdentityversionMAJOR_VERSION.MINOR_VERSION.BUILD_NUMBER_MAJOR.BUILD_NUMBER_MINORc:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dllc:\Program Files\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll3

Error: (04/13/2014 10:08:05 PM) (Source: Application Hang)(User: )
Description: firefox.exe28.0.0.518610d401cf5718abe2509b330C:\Program Files\Mozilla Firefox\firefox.exe4fa5d276-c347-11e3-b99f-00262dc1c110

Error: (04/13/2014 06:01:29 PM) (Source: VSS)(User: )
Description: C:\00x00000000, Der Vorgang wurde erfolgreich beendet.
0x00000000, Der Vorgang wurde erfolgreich beendet.
0x80042314, Der Schattenkopieanbieter hat beim Warten auf den Schreibvorgang auf das Volume, von dem eine Schattenkopie erstellt wird, das Zeitlimit überschritten. Ursache hierfür könnte eine durch eine Anwendung oder einen Systemdienst verursachte hohe Aktivität auf dem Volume sein. Wiederholen Sie den Vorgang später, wenn das Volume nicht so stark ausgelastet ist.
0x00000000, Der Vorgang wurde erfolgreich beendet.


Vorgang:
   Asynchroner Vorgang wird ausgeführt

Kontext:
   Aktueller Status: DoSnapshotSet


=========================== Installed Programs ============================

µTorrent (Version: 3.4.1.30888)
7-Zip 9.20
Acrobat.com (Version: 1.6.65)
Adobe AIR (Version: 1.5.0.7220)
Adobe Flash Player 13 ActiveX (Version: 13.0.0.206)
Adobe Flash Player 13 Plugin (Version: 13.0.0.206)
Adobe Reader XI (11.0.06) - Deutsch (Version: 11.0.06)
Ashampoo Burning Studio (Version: 9.23.0)
Ashampoo Snap (Version: 3.4.0)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (Version: 1.0.0.27)
Audacity 2.0.3 (Version: 2.0.3)
Audiograbber 1.83 SE  (Version: 1.83 SE )
Audiograbber MP3-Plugin (Version: 1.0)
Audiograbber Toolbar
Avira Free Antivirus (Version: 14.0.3.350)
Bing Bar (Version: 7.3.132.0)
Botanicula (Version: 1.0)
Brothers - A Tale of Two Sons
CDisplay 1.8
Cisco EAP-FAST Module (Version: 2.2.14)
Cisco LEAP Module (Version: 1.0.19)
Cisco PEAP Module (Version: 1.1.6)
CorelDRAW Essentials 4
CorelDRAW Essentials 4 - Content (Version: 4.0)
CorelDRAW Essentials 4 - Draw (Version: 4.0)
CorelDRAW Essentials 4 - Filters (Version: 4.0)
CorelDRAW Essentials 4 - ICA (Version: 4.0)
CorelDRAW Essentials 4 - IPM - No VBA (Version: 4.0)
CorelDRAW Essentials 4 - Lang BR (Version: 4.0)
CorelDRAW Essentials 4 - Lang DE (Version: 4.0)
CorelDRAW Essentials 4 - Lang EN (Version: 4.0)
CorelDRAW Essentials 4 - Lang ES (Version: 4.0)
CorelDRAW Essentials 4 - Lang FR (Version: 4.0)
CorelDRAW Essentials 4 - Lang IT (Version: 4.0)
CorelDRAW Essentials 4 - Lang NL (Version: 4.0)
CorelDRAW Essentials 4 - PHOTO-PAINT (Version: 4.0)
CorelDRAW Essentials 4 - Windows Shell Extension
CorelDRAW Essentials 4 - Windows Shell Extension (Version: 1.1)
CorelDRAW Essentials 4 (Version: 4.0)
f.lux
GameMaker-Studio 1.2
Google Chrome (Version: 34.0.1847.131)
Google Update Helper (Version: 1.3.23.9)
Haali Media Splitter
Intel® Graphics Media Accelerator Driver (Version: 8.15.10.2182)
Intel® Management Engine Components (Version: 6.0.0.1179)
Intel® Rapid Storage Technology (Version: 9.6.0.1014)
Java 7 Update 45 (Version: 7.0.450)
Java Auto Updater (Version: 2.1.9.8)
Junk Mail filter update (Version: 14.0.8117.416)
Knytt Underground 1.0
Launch Manager (Version: 1.5.1.2)
Malwarebytes Anti-Malware Version 1.75.0.1300 (Version: 1.75.0.1300)
Microsoft .NET Framework 4.5.1 (DEU) (Version: 4.5.50938)
Microsoft .NET Framework 4.5.1 (Deutsch) (Version: 4.5.50938)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938)
Microsoft Application Error Reporting (Version: 12.0.6012.5000)
Microsoft Choice Guard (Version: 2.0.48.0)
Microsoft IntelliPoint 8.0 (Version: 8.0.225.0)
Microsoft Office 2010 (Version: 14.0.4763.1000)
Microsoft Silverlight (Version: 5.1.30214.0)
Microsoft SQL Server 2005 Compact Edition [DEU] (Version: 3.1.0000)
Microsoft SQL Server 2005 Compact Edition [ENU] (Version: 3.1.0000)
Microsoft Sync Framework Runtime Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Sync Framework Services Native v1.0 (x86) (Version: 1.0.1215.0)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (Version: 8.0.50727.4053)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (Version: 9.0.30729.5570)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (Version: 9.0.30729.4148)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (Version: 10.0.40219)
Microsoft XNA Framework Redistributable 3.0 (Version: 3.0.11010.0)
Microsoft XNA Framework Redistributable 3.1 (Version: 3.1.10527.0)
MiniTool Partition Wizard Home Edition 5.2
Mobile Partner (Version: 11.302.09.04.382)
MozBackup 1.5.1
Mozilla Firefox 28.0 (x86 de) (Version: 28.0)
Mozilla Maintenance Service (Version: 28.0)
Mozilla Thunderbird 24.4.0 (x86 de) (Version: 24.4.0)
MSVCRT (Version: 14.0.1468.721)
MSXML 4.0 SP2 (KB973688) (Version: 4.20.9876.0)
NVIDIA Display Control Panel (Version: 6.14.12.5912)
NVIDIA Drivers (Version: 1.10.62.40)
NVIDIA Updatus (Version: 1.0.3)
OpenAL
OpenOffice.org 3.2 (Version: 3.2.9502)
Papo & Yo
PDF Split And Merge Basic (Version: 2.2.2)
PlayReady PC Runtime x86 (Version: 1.3.0)
Proteus 0.1 (Version: 0.1)
Realtek High Definition Audio Driver (Version: 6.0.1.6128)
Realtek USB 2.0 Card Reader (Version: 6.1.7600.30121)
REALTEK Wireless LAN Driver (Version: 1.00.0148)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.0.4.0)
Skype™ 6.14 (Version: 6.14.104)
Spotify (Version: 0.9.8.296.g91f68827)
Spybot - Search & Destroy 2 (Version: 2.0.7)
Steam
Synaptics Pointing Device Driver (Version: 14.0.19.0)
Total Commander (Remove or Repair) (Version: 7.55a)
Uninstall 1.0.0.1
Unity Web Player (Version: )
VLC media player 2.1.2 (Version: 2.1.2)
Windows Live Anmelde-Assistent (Version: 5.000.818.5)
Windows Live Call (Version: 14.0.8117.0416)
Windows Live Communications Platform (Version: 14.0.8117.416)
Windows Live Essentials (Version: 14.0.8117.0416)
Windows Live Essentials (Version: 14.0.8117.416)
Windows Live Fotogalerie (Version: 14.0.8117.416)
Windows Live Mail (Version: 14.0.8117.0416)
Windows Live Messenger (Version: 14.0.8117.0416)
Windows Live Movie Maker (Version: 14.0.8117.0416)
Windows Live Sync (Version: 14.0.8117.416)
Windows Live Writer (Version: 14.0.8117.0416)
Windows Live-Uploadtool (Version: 14.0.8014.1029)
Windows Media Encoder 9 Series
Windows Media Encoder 9 Series (Version: 9.00.2980)
Windows Mobile-Gerätecenter (Version: 6.1.6965.0)
X10 Hardware™

========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 3253.42 MB
Available physical RAM: 2330.1 MB
Total Pagefile: 6505.13 MB
Available Pagefile: 5327.54 MB
Total Virtual: 2047.88 MB
Available Virtual: 1936.3 MB

========================= Partitions: =====================================

1 Drive c: (Boot) (Fixed) (Total:100.49 GB) (Free:12.27 GB) NTFS
2 Drive d: (Recover) (Fixed) (Total:30.12 GB) (Free:9.74 GB) NTFS
4 Drive f: (Bilder) (Fixed) (Total:313.06 GB) (Free:48.86 GB) NTFS
5 Drive g: (Daten) (Fixed) (Total:151.39 GB) (Free:29.06 GB) NTFS
6 Drive h: () (Fixed) (Total:1 GB) (Free:0.82 GB) NTFS

========================= Users: ========================================

Benutzerkonten für \\HDH-10-PC

Administrator            Gast                     HDH-10                   
UpdatusUser              
Der Befehl wurde erfolgreich ausgeführt.


**** End of log ****
 



#6 Hmpf

Posted 11 May 2014 - 04:21 AM

Tdsskiller didn't find anything.

 

I've tried to start AdwCleaner now, but it's asking me to "select elements that you do not wish to remove" before it can proceed - but the list underneath, from which, presumably, I'm supposed to select stuff, is empty. What do I do to make it do its job?

 

All this is in German, too, btw, so the phrasing may be slightly different in the English version. It didn't even give me an option of choosing English :-(



#7 Hmpf

Posted 11 May 2014 - 04:23 AM

Or, wait - is that actually the result already? I.e., AdwCleaner didn't find anything either?



#8 Hmpf

Posted 11 May 2014 - 04:24 AM

Found the report from AdwCleaner:

 

# AdwCleaner v3.207 - Bericht erstellt am 11/05/2014 um 11:09:00
# Aktualisiert 05/05/2014 von Xplode
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (32 bits)
# Benutzername : HDH-10 - HDH-10-PC
# Gestartet von : C:\Users\HDH-10\Desktop\AdwCleaner.exe
# Option : Suchen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Datei Gefunden : C:\Users\HDH-10\AppData\Roaming\Mozilla\Firefox\Profiles\uya7of0b.default\searchplugins\search.xml
Ordner Gefunden : C:\Users\HDH-10\AppData\LocalLow\Toolbar4
Ordner Gefunden : C:\Users\HDH-10\AppData\Roaming\dvdvideosoftiehelpers

***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gefunden : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{96BD48DD-741B-41AE-AC4A-AFF96BA00F7E}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Schlüssel Gefunden : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Schlüssel Gefunden : HKCU\Software\Somoto Toolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{4CE516A7-F7AC-4628-B411-8F886DC5733E}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\TbCommonUtils.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\TbHelper.EXE
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\AppID\WLXQuickTimeShellExt.DLL
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{1C950DE5-D31E-42FB-AFB9-91B0161633D8}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{3BDF4CE9-E81D-432B-A55E-9F0570CE811F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{9F34B17E-FF0D-4FAB-97C4-9713FEE79052}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{A9A56B8E-2DEB-4ED3-BC92-1FA450BCE1A5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{AE338F6D-5A7C-4D1D-86E3-C618532079B5}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{C339D489-FABC-41DD-B39D-276101667C70}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D565B35E-B787-40FA-95E3-E3562F8FC1A0}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{D89031C2-10DA-4C90-9A62-FCED012BC46B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\CLSID\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{2A42D13C-D427-4787-821B-CF6973855778}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{3D8478AA-7B88-48A9-8BCB-B85D594411EC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{452AE416-9A97-44CA-93DA-D0F15C36254F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{45CDA4F7-594C-49A0-AAD1-8224517FE979}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4897BBA6-48D9-468C-8EFA-846275D7701B}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{4D8ED2B3-DC62-43EC-ABA3-5B74F046B1BE}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{81E852CC-1FD5-4004-8761-79A48B975E29}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{95B6A271-FEB4-4160-B0FF-44394C21C8DC}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B2CA345D-ADB8-4F5D-AC64-4AB34322F659}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{B9F43021-60D4-42A6-A065-9BA37F38AC47}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{BF921DD3-732A-4A11-933B-A5EA49F2FD2C}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{D83B296A-2FA6-425B-8AE8-A1F33D99FBD6}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Interface\{E67D5BC7-7129-493E-9281-F47BDAFACE4F}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\SMTTB2009.IEToolbar.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbCommonUtils.CommonUtils.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbHelper.TbDownloadManager.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbHelper.TbPropertyManager.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbHelper.TbRequest
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbHelper.TbRequest.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbHelper.TbTask
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbHelper.TbTask.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TbHelper.ToolbarHelper.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.ContextMenuNotifier.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.CustomInternetSecurityImpl.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\Toolbar3.SMTTB2009.1
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{B87F8B63-7274-43FD-87FA-09D3B7496148}
Schlüssel Gefunden : HKLM\SOFTWARE\Classes\TypeLib\{C4BAE205-5E02-4E32-876E-F34B4E2D000C}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{628F3201-34D0-49C0-BB9A-82A26AEFB291}
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS
Schlüssel Gefunden : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}
Schlüssel Gefunden : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\08121C32A9C319F4CB0C11FF059552A4

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17041


-\\ Mozilla Firefox v28.0 (de)

[ Datei : C:\Users\HDH-10\AppData\Roaming\Mozilla\Firefox\Profiles\0shx9xof.default\prefs.js ]


[ Datei : C:\Users\HDH-10\AppData\Roaming\Mozilla\Firefox\Profiles\uya7of0b.default\prefs.js ]


-\\ Google Chrome v34.0.1847.131

[ Datei : C:\Users\HDH-10\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [6392 octets] - [11/05/2014 11:09:00]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [6452 octets] ##########
 



#9 Hmpf

Posted 11 May 2014 - 04:27 AM

Used TDSSkiller again to get a report, too:

 

11:25:26.0153 0x0f8c  TDSS rootkit removing tool 3.0.0.34 Apr 29 2014 18:20:10
11:25:31.0719 0x0f8c  ============================================================
11:25:31.0719 0x0f8c  Current date / time: 2014/05/11 11:25:31.0719
11:25:31.0719 0x0f8c  SystemInfo:
11:25:31.0719 0x0f8c  
11:25:31.0719 0x0f8c  OS Version: 6.1.7601 ServicePack: 1.0
11:25:31.0719 0x0f8c  Product type: Workstation
11:25:31.0720 0x0f8c  ComputerName: HDH-10-PC
11:25:31.0720 0x0f8c  UserName: HDH-10
11:25:31.0720 0x0f8c  Windows directory: C:\Windows
11:25:31.0720 0x0f8c  System windows directory: C:\Windows
11:25:31.0720 0x0f8c  Processor architecture: Intel x86
11:25:31.0720 0x0f8c  Number of processors: 4
11:25:31.0720 0x0f8c  Page size: 0x1000
11:25:31.0720 0x0f8c  Boot type: Normal boot
11:25:31.0720 0x0f8c  ============================================================
11:25:31.0806 0x0f8c  KLMD registered as C:\Windows\system32\drivers\32043294.sys
11:25:31.0911 0x0f8c  System UUID: {819792B2-A9A3-E2ED-B168-559E995BAFFD}
11:25:32.0397 0x0f8c  Drive \Device\Harddisk0\DR0 - Size: 0x950B056000 (596.17 Gb), SectorSize: 0x200, Cylinders: 0x13001, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
11:25:32.0399 0x0f8c  ============================================================
11:25:32.0399 0x0f8c  \Device\Harddisk0\DR0:
11:25:32.0399 0x0f8c  MBR partitions:
11:25:32.0399 0x0f8c  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
11:25:32.0399 0x0f8c  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xC8FAD89
11:25:32.0399 0x0f8c  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xC92D5CA, BlocksNum 0x27221261
11:25:32.0426 0x0f8c  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x33B4E86E, BlocksNum 0x12EC8D31
11:25:32.0445 0x0f8c  \Device\Harddisk0\DR0\Partition5: MBR, Type 0x7, StartLBA 0x46A175E1, BlocksNum 0x3C3DC19
11:25:32.0454 0x0f8c  \Device\Harddisk0\DR0\Partition6: MBR, Type 0x7, StartLBA 0x4A656800, BlocksNum 0x201000
11:25:32.0454 0x0f8c  ============================================================
11:25:32.0492 0x0f8c  F: <-> \Device\Harddisk0\DR0\Partition3
11:25:32.0548 0x0f8c  G: <-> \Device\Harddisk0\DR0\Partition4
11:25:32.0592 0x0f8c  H: <-> \Device\Harddisk0\DR0\Partition6
11:25:32.0647 0x0f8c  C: <-> \Device\Harddisk0\DR0\Partition2
11:25:32.0698 0x0f8c  D: <-> \Device\Harddisk0\DR0\Partition5
11:25:32.0698 0x0f8c  ============================================================
11:25:32.0698 0x0f8c  Initialize success
11:25:32.0698 0x0f8c  ============================================================
11:25:35.0056 0x0a30  ============================================================
11:25:35.0056 0x0a30  Scan started
11:25:35.0056 0x0a30  Mode: Manual;
11:25:35.0056 0x0a30  ============================================================
11:25:35.0056 0x0a30  KSN ping started
11:25:38.0488 0x0a30  KSN ping finished: true
11:25:38.0874 0x0a30  ================ Scan system memory ========================
11:25:38.0874 0x0a30  System memory - ok
11:25:38.0875 0x0a30  ================ Scan services =============================
11:25:42.0891 0x0a30  Compbatt - ok
11:25:42.0937 0x0a30  [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
11:25:42.0938 0x0a30  CompositeBus - ok
11:25:42.0955 0x0a30  COMSysApp - ok
11:25:42.0969 0x0a30  [ 2C4EBCFC84A9B44F209DFF6C6E6C61D1, 6FC323217D82EF661BA0E3F949B61B05BB5235D1A69C81D24876C2153FAECEF6 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
11:25:42.0971 0x0a30  crcdisk - ok
11:25:43.0008 0x0a30  [ 7CA1BECEA5DE2643ADDAD32670E7A4C9, E3AB4CC52A97E3855D7EAB87363F807FDD2162ED8C76A036CD71549ED64E7797 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:25:43.0012 0x0a30  CryptSvc - ok
11:25:43.0071 0x0a30  [ B6672F62F75FB952D7AE7CB4E80011A9, 84899B516B9EC095F4BD728F78A35C12473AED7FB87A0EF48FDE86158496CB83 ] dc3d            C:\Windows\system32\DRIVERS\dc3d.sys
11:25:43.0073 0x0a30  dc3d - ok
11:25:43.0120 0x0a30  [ 7660F01D3B38ACA1747E397D21D790AF, 04611B43705C064C2A8331F6D3F8E4530295694AE2C3E3EC3F62CFF4A5EFA88D ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:25:43.0130 0x0a30  DcomLaunch - ok
11:25:43.0204 0x0a30  [ CC8B5C964B777F4EC3E89F13B4B5FF0F, 75E161265CCFFCB61FCE855C9790E2E06531E6B1C3DCCB1E3018466D03AD3919 ] DCService.exe   C:\ProgramData\DatacardService\DCService.exe
11:25:43.0209 0x0a30  DCService.exe - ok
11:25:43.0245 0x0a30  [ 8D6E10A2D9A5EED59562D9B82CF804E1, 888F9650F4E872BA8F4E0C27E38A6672A561042B17EBA40E306A22357965B0AD ] defragsvc       C:\Windows\System32\defragsvc.dll
11:25:43.0251 0x0a30  defragsvc - ok
11:25:43.0270 0x0a30  [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:25:43.0272 0x0a30  DfsC - ok
11:25:43.0365 0x0a30  [ E9E01EB683C132F7FA27CD607B8A2B63, 4D9037B458C522874619143A4176BCED42472C68933E6E83D37B67242706F3C4 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:25:43.0374 0x0a30  Dhcp - ok
11:25:43.0410 0x0a30  [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] discache        C:\Windows\system32\drivers\discache.sys
11:25:43.0412 0x0a30  discache - ok
11:25:43.0465 0x0a30  [ 565003F326F99802E68CA78F2A68E9FF, ABC42B24DBA4FFC411120E09278EF26AF56CCAB463B69B4BD6C530B4A07063D2 ] Disk            C:\Windows\system32\DRIVERS\disk.sys
11:25:43.0467 0x0a30  Disk - ok
11:25:43.0506 0x0a30  [ 33EF4861F19A0736B11314AAD9AE28D0, 4C4B84365D85758E3263B88F157D8B086B392C6F1EA5F0F3DB6BF87EF90248EC ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:25:43.0510 0x0a30  Dnscache - ok
11:25:43.0543 0x0a30  [ 366BA8FB4B7BB7435E3B9EACB3843F67, 65B7C61ACF34F1F0149045AA9E09A3F917A927963237A385A914D0B80551DC31 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:25:43.0548 0x0a30  dot3svc - ok
11:25:43.0588 0x0a30  [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] DPS             C:\Windows\system32\dps.dll
11:25:43.0592 0x0a30  DPS - ok
11:25:43.0631 0x0a30  [ B918E7C5F9BF77202F89E1A9539F2EB4, C589A37DE50BBEF22E2DAA9682EA43147F614AA1AF7DAAA942BA5FC192313A0B ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:25:43.0632 0x0a30  drmkaud - ok
11:25:43.0676 0x0a30  [ 71BC35067CABC02C9453AEAA42B2E43E, 713B19F2C08EA5E4C087F7A74A8856932CF33E19D63384823DD4E02ED8798619 ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:25:43.0691 0x0a30  DXGKrnl - ok
11:25:43.0724 0x0a30  [ 8600142FA91C1B96367D3300AD0F3F3A, 5713625E27DF11FAAFDA7AC79899A6AD813166E167088FA990EC5DE87DBE83DF ] EapHost         C:\Windows\System32\eapsvc.dll
11:25:43.0727 0x0a30  EapHost - ok
11:25:43.0863 0x0a30  [ 024E1B5CAC09731E4D868E64DBFB4AB0, AB0826A74BBEE5B7A1B035861B665C79BC98305CFC7D82BEF420558FBD3EE994 ] ebdrv           C:\Windows\system32\DRIVERS\evbdx.sys
11:25:43.0926 0x0a30  ebdrv - ok
11:25:43.0970 0x0a30  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] EFS             C:\Windows\System32\lsass.exe
11:25:43.0972 0x0a30  EFS - ok
11:25:44.0054 0x0a30  [ A8C362018EFC87BEB013EE28F29C0863, 07971C681FBD391C0BA0172618AF8AD77520182207F1C57F134B34D6A113857F ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
11:25:44.0066 0x0a30  ehRecvr - ok
11:25:44.0093 0x0a30  [ D389BFF34F80CAEDE417BF9D1507996A, 12859B9925D7A4631DE61A820922F43F56ED23C2AF014CBF36322685E5CF641E ] ehSched         C:\Windows\ehome\ehsched.exe
11:25:44.0096 0x0a30  ehSched - ok
11:25:44.0145 0x0a30  [ 0ED67910C8C326796FAA00B2BF6D9D3C, 97FAA7627A162B0AEC15545E0165D13355D535B4157604BB87F8EEB72ECD24A8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
11:25:44.0155 0x0a30  elxstor - ok
11:25:44.0173 0x0a30  [ 8FC3208352DD3912C94367A206AB3F11, 69B65C12BDADD4B730508674B1B77C5496612B4ACCC447DB9AFE49ADEA8CBF02 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:25:44.0174 0x0a30  ErrDev - ok
11:25:44.0217 0x0a30  [ F6916EFC29D9953D5D0DF06882AE8E16, ED41893960018D5EC2F7829B1DE4B6967D9FD074D60B11B9EB854E3E0948EC24 ] EventSystem     C:\Windows\system32\es.dll
11:25:44.0224 0x0a30  EventSystem - ok
11:25:44.0284 0x0a30  [ 5B250A1BE34D4FDE35287EEC297104A7, 06B302F29859EB3BB31C2D4C5E5231A794C4108E9862CC2E6F3FA44C6FA74257 ] ewusbnet        C:\Windows\system32\DRIVERS\ewusbnet.sys
11:25:44.0289 0x0a30  ewusbnet - ok
11:25:44.0317 0x0a30  [ E98A64C7F106740A38FB2B78197816F8, 704C86807CA6EC641125A1C7566318B46DEEA63573F15A424A4151999DB1E0E8 ] ew_hwusbdev     C:\Windows\system32\DRIVERS\ew_hwusbdev.sys
11:25:44.0320 0x0a30  ew_hwusbdev - ok
11:25:44.0364 0x0a30  [ 2DC9108D74081149CC8B651D3A26207F, 75CB47923A867DDAC512701CE71DFCFC340FC3A2E27F4255D0836A1FBC463176 ] exfat           C:\Windows\system32\drivers\exfat.sys
11:25:44.0367 0x0a30  exfat - ok
11:25:44.0385 0x0a30  [ 7E0AB74553476622FB6AE36F73D97D35, 41463A255FDA1D550B3385EC7C73ABC343B1BBBE9CEE4DF9F2A8B3E7338C4947 ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:25:44.0389 0x0a30  fastfat - ok
11:25:44.0446 0x0a30  [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] Fax             C:\Windows\system32\fxssvc.exe
11:25:44.0458 0x0a30  Fax - ok
11:25:44.0501 0x0a30  [ E817A017F82DF2A1F8CFDBDA29388B29, 4CC9320A21E6FEA2D16C48D6BEA14391B695BD541A3C5FDDAEEE086A414FC837 ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
11:25:44.0502 0x0a30  fdc - ok
11:25:44.0521 0x0a30  [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] fdPHost         C:\Windows\system32\fdPHost.dll
11:25:44.0522 0x0a30  fdPHost - ok
11:25:44.0538 0x0a30  [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:25:44.0540 0x0a30  FDResPub - ok
11:25:44.0561 0x0a30  [ 6CF00369C97F3CF563BE99BE983D13D8, F65F35324A2FB9DFB533B1C4D089D990CC242218FE83414329D07B786D8EFF33 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:25:44.0563 0x0a30  FileInfo - ok
11:25:44.0573 0x0a30  [ 42C51DC94C91DA21CB9196EB64C45DB9, 388C68D12ECC8FFE3116FEAAF4DB7B80CF4A3F97E935788DD21C6ADE2369F635 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:25:44.0574 0x0a30  Filetrace - ok
11:25:44.0592 0x0a30  [ 87907AA70CB3C56600F1C2FB8841579B, CA1CD82A1CD453617CE5EA431A1836997F14E3580554E8A516D9FE1E9926D979 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
11:25:44.0593 0x0a30  flpydisk - ok
11:25:44.0616 0x0a30  [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:25:44.0621 0x0a30  FltMgr - ok
11:25:44.0688 0x0a30  [ E12C4928B32ACE04610259647F072635, B71B9C2DF45F33C4DAC88435129B08B0BCDBBE82E8C3AD0A95F00137CC8B619F ] FontCache       C:\Windows\system32\FntCache.dll
11:25:44.0708 0x0a30  FontCache - ok
11:25:44.0789 0x0a30  [ E56F39F6B7FDA0AC77A79B0FD3DE1A2F, DBED26852B99B362152DA9CD4F31A1883EF6F9B496F3CF3772A197BA72DB61DA ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
11:25:44.0791 0x0a30  FontCache3.0.0.0 - ok
11:25:44.0818 0x0a30  [ 1A16B57943853E598CFF37FE2B8CBF1D, 87609F46F3B8123552141FD70866E895220B1BBD92BC2B580CAF49201AA0197E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:25:44.0820 0x0a30  FsDepends - ok
11:25:44.0854 0x0a30  [ 7DAE5EBCC80E45D3253F4923DC424D05, 8A2C4D5591509B0B0A44583520617A9AE34F32BB6E68A012A7D7870ED24F703A ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:25:44.0855 0x0a30  Fs_Rec - ok
11:25:44.0890 0x0a30  [ E306A24D9694C724FA2491278BF50FDB, 1D246B9C28550640EACBF8CF9DC980FD75106B92832D392FEBEF0C7012353091 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:25:44.0896 0x0a30  fvevol - ok
11:25:44.0929 0x0a30  [ 65EE0C7A58B65E74AE05637418153938, 0E1A398ADD8411AF4CCC3344D67BE1B261320C58328BD5C5855A357476FAEBEF ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
11:25:44.0931 0x0a30  gagp30kx - ok
11:25:44.0977 0x0a30  [ E897EAF5ED6BA41E081060C9B447A673, A428DC68516F19C6C53A8B62E4BDB2587E70FB751B9D77700B6B147D347DA157 ] gpsvc           C:\Windows\System32\gpsvc.dll
11:25:44.0990 0x0a30  gpsvc - ok
11:25:45.0103 0x0a30  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
11:25:45.0106 0x0a30  gupdate - ok
11:25:45.0135 0x0a30  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
11:25:45.0140 0x0a30  gupdatem - ok
11:25:45.0152 0x0a30  [ C44E3C2BAB6837DB337DDEE7544736DB, 88A24FF7D2FECCEAFFD421B2039A0FB623DA47A6B220B80EF1E52DD26D9E222D ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:25:45.0153 0x0a30  hcw85cir - ok
11:25:45.0209 0x0a30  [ A5EF29D5315111C80A5C1ABAD14C8972, A181DA72E946F121C3F4A19438C547B0BFD15138AB1DB5465945EC89DF1F6B0A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:25:45.0216 0x0a30  HdAudAddService - ok
11:25:45.0256 0x0a30  [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
11:25:45.0259 0x0a30  HDAudBus - ok
11:25:45.0315 0x0a30  [ A88485DC6A7136C10D9A6C7E38FDFE3C, B651823E5F6D13B086B00440AD17C7C2756F079DD9290E0FEB1A3A48D0104F8C ] HECI            C:\Windows\system32\DRIVERS\HECI.sys
11:25:45.0316 0x0a30  HECI - ok
11:25:45.0340 0x0a30  [ 1D58A7F3E11A9731D0EAAAA8405ACC36, 7056FA18B86FBD52C4A6092D80476C02553EA053D6A0BEDB01A2FA5E152D5215 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
11:25:45.0341 0x0a30  HidBatt - ok
11:25:45.0373 0x0a30  [ 89448F40E6DF260C206A193A4683BA78, 71E0FCC32AE6FF8DFF420DB0383D6A200E1EAE14BD2E32453F92CE18B31C1F3C ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
11:25:45.0375 0x0a30  HidBth - ok
11:25:45.0399 0x0a30  [ CF50B4CF4A4F229B9F3C08351F99CA5E, B97843620AF80FF0EC8F2C438255C0A42A756C6314FAF3DEF415DE16E14C108F ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
11:25:45.0401 0x0a30  HidIr - ok
11:25:45.0435 0x0a30  [ 2BC6F6A1992B3A77F5F41432CA6B3B6B, 2AF3312F1C8C8923C0A29AA5DAE57CE269417E53DEA2F0CCCC8DB57029698FE1 ] hidserv         C:\Windows\System32\hidserv.dll
11:25:45.0437 0x0a30  hidserv - ok
11:25:45.0479 0x0a30  [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] HidUsb          C:\Windows\system32\drivers\hidusb.sys
11:25:45.0480 0x0a30  HidUsb - ok
11:25:45.0515 0x0a30  [ 196B4E3F4CCCC24AF836CE58FACBB699, 7A2E1F603A073421FA0987EFB96647F1F0F2D4E0C82AA62EBC041585DA811DAF ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:25:45.0519 0x0a30  hkmsvc - ok
11:25:45.0543 0x0a30  [ 6658F4404DE03D75FE3BA09F7ABA6A30, E51D9C1580A283EB862F09B73AAE1B647DD683A53F3DD99834222F12DD15E40F ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:25:45.0548 0x0a30  HomeGroupListener - ok
11:25:45.0591 0x0a30  [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:25:45.0596 0x0a30  HomeGroupProvider - ok
11:25:45.0634 0x0a30  [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:25:45.0636 0x0a30  HpSAMD - ok
11:25:45.0673 0x0a30  [ 871917B07A141BFF43D76D8844D48106, 30C702008D0EE57D63F74864967DD19A55A268E77E42B5B3CC73037AD51D2987 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:25:45.0683 0x0a30  HTTP - ok
11:25:45.0717 0x0a30  [ 22A4B14530194FC57C1C849FB5AFEE17, FCE7B5E3FF9DD3B465D77EC16E46F0AEF5C4CECE0A8F8CCC928183FC8ACB4B13 ] huawei_enumerator C:\Windows\system32\DRIVERS\ew_jubusenum.sys
11:25:45.0720 0x0a30  huawei_enumerator - ok
11:25:45.0739 0x0a30  [ 0B3957226EC94B1ECB7B9348BB535A23, 5EAB9E01DE61D463FD1CD425C5A9ADD3DED53744291E72D5E70077000DF05374 ] hwdatacard      C:\Windows\system32\DRIVERS\ewusbmdm.sys
11:25:45.0742 0x0a30  hwdatacard - ok
11:25:45.0765 0x0a30  [ 0C4E035C7F105F1299258C90886C64C5, CFB4FBE7B28058E6D3E6E508CF3C1645F6AAE0AFEB4C5364835B9C42311DF0D4 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:25:45.0766 0x0a30  hwpolicy - ok
11:25:45.0814 0x0a30  [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:25:45.0816 0x0a30  i8042prt - ok
11:25:45.0867 0x0a30  [ 26541A068572F650A2FA490726FE81BE, 9D6EF745731D45C4482274BE9C56300BBE8843D6C182F0E5C621AB121DBE371E ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
11:25:45.0875 0x0a30  iaStor - ok
11:25:45.0978 0x0a30  [ 31A0E93CDF29007D6C6FFFB632F375ED, CA464928E9868B9A09C324DBBC8DA41A01C5C486B43578FC695250D523DE555B ] IAStorDataMgrSvc C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
11:25:45.0979 0x0a30  IAStorDataMgrSvc - ok
11:25:46.0033 0x0a30  [ 5CD5F9A5444E6CDCB0AC89BD62D8B76E, 72870092A80C6DAE0105025B0ED8B607E98BA81E59298364A7FE4C9C56C68FF0 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:25:46.0040 0x0a30  iaStorV - ok
11:25:46.0125 0x0a30  [ C521D7EB6497BB1AF6AFA89E322FB43C, BDDCFCBB5B76A9295669B5AC9F732D6127199ED5C300770B554C4E4794F66BB7 ] idsvc           C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
11:25:46.0143 0x0a30  idsvc - ok
11:25:46.0159 0x0a30  IEEtwCollectorService - ok
11:25:46.0536 0x0a30  [ 40F8A0F85BCE94F766808AEEE8F96FA8, 7D80BA9501F42CD5B41337F7C69B8CD7E57D1EC1C516ECAC2002DF66A8826C78 ] igfx            C:\Windows\system32\DRIVERS\igdkmd32.sys
11:25:46.0753 0x0a30  igfx - ok
11:25:46.0803 0x0a30  [ 4173FF5708F3236CF25195FECD742915, 0A9C0701DF6EAC6602BE342FC13C7950EF04BB5BDF7D96C2C5DABBD2A29AA55D ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
11:25:46.0804 0x0a30  iirsp - ok
11:25:46.0846 0x0a30  [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] IKEEXT          C:\Windows\System32\ikeext.dll
11:25:46.0861 0x0a30  IKEEXT - ok
11:25:46.0922 0x0a30  [ E3C36AC5AE87EC970AE8EA2A93D59AE1, 8403A5243DF38EFC35A0200760EC081E42467744AF25A1F2168D5A8198AF6A5B ] Impcd           C:\Windows\system32\DRIVERS\Impcd.sys
11:25:46.0925 0x0a30  Impcd - ok
11:25:46.0981 0x0a30  [ D6782400E92C62ED2BF3AF8ED4753738, F393DED20A7F3E53BEBD832CD3158B539879B7E7E9DA3F94D64215072A5B050E ] InputFilter_Hid_FlexDef2b C:\Windows\system32\DRIVERS\InputFilter_FlexDef2b.sys
11:25:46.0982 0x0a30  InputFilter_Hid_FlexDef2b - ok
11:25:47.0113 0x0a30  [ ACEC5BBEE4AA34D74BE0E2E512CC2026, DBE4672B0ABA876FBE51EF36CA0AF1EABD00F793984E9A2A90C2A757E7953C34 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHDA.sys
11:25:47.0175 0x0a30  IntcAzAudAddService - ok
11:25:47.0248 0x0a30  [ AF6D1E38BCE11DABA4C01D6A6DE94410, 0913444FE63FF47C99A3F002368C05574DE9AE7973CA5832FFC6C88F9F12B574 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
11:25:47.0254 0x0a30  IntcDAud - ok
11:25:47.0290 0x0a30  [ A0F12F2C9BA6C72F3987CE780E77C130, 5F53DF8BE1621AA7DFB655CFD9C95E0AFA1AD3CE2E290E19D7B7FB3C6E380034 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:25:47.0291 0x0a30  intelide - ok
11:25:47.0321 0x0a30  [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:25:47.0323 0x0a30  intelppm - ok
11:25:47.0351 0x0a30  [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:25:47.0355 0x0a30  IPBusEnum - ok
11:25:47.0376 0x0a30  [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:25:47.0378 0x0a30  IpFilterDriver - ok
11:25:47.0426 0x0a30  [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:25:47.0437 0x0a30  iphlpsvc - ok
11:25:47.0462 0x0a30  [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:25:47.0464 0x0a30  IPMIDRV - ok
11:25:47.0514 0x0a30  [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:25:47.0517 0x0a30  IPNAT - ok
11:25:47.0544 0x0a30  [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:25:47.0545 0x0a30  IRENUM - ok
11:25:47.0612 0x0a30  [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:25:47.0614 0x0a30  isapnp - ok
11:25:47.0668 0x0a30  [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:25:47.0674 0x0a30  iScsiPrt - ok
11:25:47.0709 0x0a30  [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
11:25:47.0711 0x0a30  kbdclass - ok
11:25:47.0791 0x0a30  [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
11:25:47.0792 0x0a30  kbdhid - ok
11:25:47.0802 0x0a30  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] KeyIso          C:\Windows\system32\lsass.exe
11:25:47.0804 0x0a30  KeyIso - ok
11:25:47.0851 0x0a30  [ F286830298323272260332D6ABC905C1, FF4CD182A95CA53119B228690D682EE9214BE131A0DBCB09B6189FBEBBFF902C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:25:47.0853 0x0a30  KSecDD - ok
11:25:47.0871 0x0a30  [ D7C760D57B1656DD748B9E4AB6CB5A51, F8AE4185A6A9F7005DEFF1FDC03F395C6189825B482B8C650637FD29DE93AB68 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:25:47.0875 0x0a30  KSecPkg - ok
11:25:47.0903 0x0a30  [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:25:47.0911 0x0a30  KtmRm - ok
11:25:47.0944 0x0a30  [ 4566FD5F4416E7FEF3600E4B30D086C3, 8AF3E81D4BFE974D7419D1C7EFA7D2910AEA38A44C932A5EC83DAAAD995B7AB7 ] L1C             C:\Windows\system32\DRIVERS\L1C62x86.sys
11:25:47.0946 0x0a30  L1C - ok
11:25:47.0978 0x0a30  [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer    C:\Windows\System32\srvsvc.dll
11:25:47.0984 0x0a30  LanmanServer - ok
11:25:48.0034 0x0a30  [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:25:48.0039 0x0a30  LanmanWorkstation - ok
11:25:48.0095 0x0a30  [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:25:48.0097 0x0a30  lltdio - ok
11:25:48.0137 0x0a30  [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:25:48.0142 0x0a30  lltdsvc - ok
11:25:48.0160 0x0a30  [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:25:48.0162 0x0a30  lmhosts - ok
11:25:48.0231 0x0a30  [ 1E2F802846EB944E0333EFEE7C9532A8, 86EB59BF238E3DB8AF9E379B0BAE5AEC734C15598E665062B2E19C0A58BEF783 ] LMS             C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:25:48.0237 0x0a30  LMS - ok
11:25:48.0264 0x0a30  [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
11:25:48.0266 0x0a30  LSI_FC - ok
11:25:48.0299 0x0a30  [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
11:25:48.0302 0x0a30  LSI_SAS - ok
11:25:48.0330 0x0a30  [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:25:48.0331 0x0a30  LSI_SAS2 - ok
11:25:48.0352 0x0a30  [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:25:48.0355 0x0a30  LSI_SCSI - ok
11:25:48.0385 0x0a30  [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:25:48.0388 0x0a30  luafv - ok
11:25:48.0433 0x0a30  [ 4470E3C1E0C3378E4CAB137893C12C3A, CA8E66356F0E671D5454E561E7EAD74DE25DCF53BE452369F96ECACFA8709489 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
11:25:48.0434 0x0a30  MBAMProtector - ok
11:25:48.0495 0x0a30  [ 65085456FD9A74D7F1A999520C299ECB, EA564BC913EF1B8A4CAA9242FC70F525B68CF1F3CA462F63B0B7215B93FE8530 ] MBAMScheduler   C:\Program Files\Malwarebytes' Anti-Malware\mbamscheduler.exe
11:25:48.0505 0x0a30  MBAMScheduler - ok
11:25:48.0545 0x0a30  [ E0D7732F2D2E24B2DB3F67B6750295B8, AA5CA86AF1ACEC900F60339016B3DC55472DB40ADB99186005A7ABE67B7D66FC ] MBAMService     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
11:25:48.0560 0x0a30  MBAMService - ok
11:25:48.0589 0x0a30  [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
11:25:48.0592 0x0a30  Mcx2Svc - ok
11:25:48.0618 0x0a30  [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
11:25:48.0620 0x0a30  megasas - ok
11:25:48.0662 0x0a30  [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
11:25:48.0668 0x0a30  MegaSR - ok
11:25:48.0690 0x0a30  [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS           C:\Windows\system32\mmcss.dll
11:25:48.0693 0x0a30  MMCSS - ok
11:25:48.0782 0x0a30  [ BDF2879EF9786B84BD99C243EF4883FB, 61E1BF6EE171055EEF10AE941C55504CA4C4840FD02FF0B7D3D148451C172198 ] mod7700         C:\Windows\system32\DRIVERS\mod7700.sys
11:25:48.0799 0x0a30  mod7700 - ok
11:25:48.0828 0x0a30  [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem           C:\Windows\system32\drivers\modem.sys
11:25:48.0829 0x0a30  Modem - ok
11:25:48.0886 0x0a30  [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:25:48.0887 0x0a30  monitor - ok
11:25:48.0915 0x0a30  [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:25:48.0916 0x0a30  mouclass - ok
11:25:48.0978 0x0a30  [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:25:48.0980 0x0a30  mouhid - ok
11:25:49.0039 0x0a30  [ FC8771F45ECCCFD89684E38842539B9B, 806DDF2B4830CA866582FE74A521BB7DF26CA0E19013DAF584D3677FB48CC77A ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:25:49.0042 0x0a30  mountmgr - ok
11:25:49.0111 0x0a30  [ AEE4E9CC59CDEB55B1ECB0E596E796BE, 674F6F38D86D238AFD6223E03A862F8B43DD8499FBC2D4B7A04E510EC5EACF3B ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
11:25:49.0114 0x0a30  MozillaMaintenance - ok
11:25:49.0135 0x0a30  [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:25:49.0138 0x0a30  mpio - ok
11:25:49.0174 0x0a30  [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:25:49.0176 0x0a30  mpsdrv - ok
11:25:49.0228 0x0a30  [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:25:49.0241 0x0a30  MpsSvc - ok
11:25:49.0270 0x0a30  [ 21F4B24ACFC79A483515BD986DD9043F, 22681907E02E0B723ABE2CEF0602D36C8EF862E7E2B62A9B40A5EF582E58D7BA ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:25:49.0273 0x0a30  MRxDAV - ok
11:25:49.0296 0x0a30  [ 5D16C921E3671636C0EBA3BBAAC5FD25, 5BC107B95CAFC88F51FBB9F657B99944B20627A2B618F263093D7045E4FFD65C ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:25:49.0300 0x0a30  mrxsmb - ok
11:25:49.0326 0x0a30  [ 6D17A4791ACA19328C685D256349FEFC, 012AA3D84EEAAF53780D06D2D11B9727DFC3441F3FAD75BC9E751FB814403668 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:25:49.0331 0x0a30  mrxsmb10 - ok
11:25:49.0353 0x0a30  [ B81F204D146000BE76651A50670A5E9E, 78193D0F967BE9829E53F9B500342934B4B1E1F4CEFC444382959E2061BC3B17 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:25:49.0356 0x0a30  mrxsmb20 - ok
11:25:49.0388 0x0a30  [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:25:49.0390 0x0a30  msahci - ok
11:25:49.0438 0x0a30  [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:25:49.0441 0x0a30  msdsm - ok
11:25:49.0458 0x0a30  [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC           C:\Windows\System32\msdtc.exe
11:25:49.0463 0x0a30  MSDTC - ok
11:25:49.0487 0x0a30  [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:25:49.0488 0x0a30  Msfs - ok
11:25:49.0502 0x0a30  [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:25:49.0503 0x0a30  mshidkmdf - ok
11:25:57.0258 0x0a30  umbus - ok
11:25:57.0284 0x0a30  [ 7550AD0C6998BA1CB4843E920EE0FEAC, 24C001E422C3B3B920CDCF6003A3179CE464DE4284775403DD5122EF9780460D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
11:25:57.0285 0x0a30  UmPass - ok
11:25:57.0413 0x0a30  [ AF905F4966CFC8B973623AB150CD4B2B, E1BF0481A584C10AE4A927A01A1E6B76036C18FAF7AB38D9B78641F5808D9888 ] UNS             C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
11:25:57.0459 0x0a30  UNS - ok
11:25:57.0496 0x0a30  [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] upnphost        C:\Windows\System32\upnphost.dll
11:25:57.0504 0x0a30  upnphost - ok
11:25:57.0533 0x0a30  [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:25:57.0536 0x0a30  usbccgp - ok
11:25:57.0578 0x0a30  [ 2352AB5F9F8F097BF9D41D5A4718A041, 25BC7828C625B9B2A5110C25B230C5828CEC18EC97ECF9EC4745E8930CBF472C ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:25:57.0581 0x0a30  usbcir - ok
11:25:57.0628 0x0a30  [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] usbehci         C:\Windows\system32\drivers\usbehci.sys
11:25:57.0630 0x0a30  usbehci - ok
11:25:57.0698 0x0a30  [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
11:25:57.0704 0x0a30  usbhub - ok
11:25:57.0733 0x0a30  [ 9828C8D14CC2676421778F0DE638CF97, 479A28211FFB85190A01FAB0283B927588805D2C0CDB03F85F8F814B88E4F453 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
11:25:57.0734 0x0a30  usbohci - ok
11:25:57.0764 0x0a30  [ 797D862FE0875E75C7CC4C1AD7B30252, 1BBE745E4C85F8911076F6032ACD7A35FAC048D3CB1500C64E08D8B2C70A1069 ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:25:57.0765 0x0a30  usbprint - ok
11:25:57.0783 0x0a30  [ FC6B21DB4B5B398AB93DBE59CBF11036, A94094C208F376405C07822A6143001EF1B12AE93205CD8002E87F6EB45F6374 ] usbscan         C:\Windows\system32\drivers\usbscan.sys
11:25:57.0784 0x0a30  usbscan - ok
11:25:57.0805 0x0a30  [ F991AB9CC6B908DB552166768176896A, AD8E7A16B23B244B7F834622D4E38B5844193C6E31EF96F61E0E2EA16C945026 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:25:57.0807 0x0a30  USBSTOR - ok
11:25:57.0816 0x0a30  [ 800AABFD625EEFF899F7E5496BDE37AB, 3EB7ED07760CB348FCA9A06C2B838EF79B51A83C5F70A9C9EAAEAE54480067E2 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
11:25:57.0818 0x0a30  usbuhci - ok
11:25:57.0894 0x0a30  [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
11:25:57.0898 0x0a30  usbvideo - ok
11:25:57.0924 0x0a30  [ 081E6E1C91AEC36758902A9F727CD23C, 9FDAA17A3B99067E035E5D76305427F15FFDBC5D304B2BB78AFC6463EDDE1A75 ] UxSms           C:\Windows\System32\uxsms.dll
11:25:57.0928 0x0a30  UxSms - ok
11:25:57.0940 0x0a30  [ 803B370865D907EA21DC0C2B6A8936B5, E98F0BA1D94786E061A3EA2CC76041FF6BE0ADF47C6205D5572C03BF0E29CA78 ] VaultSvc        C:\Windows\system32\lsass.exe
11:25:57.0943 0x0a30  VaultSvc - ok
11:25:57.0991 0x0a30  [ A059C4C3EDB09E07D21A8E5C0AABD3CB, BDD3729B49DF2E2FC72FFEF9D10235B481A671DE5A721B6B9A80873B7A343F07 ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:25:57.0992 0x0a30  vdrvroot - ok
11:25:58.0052 0x0a30  [ C3CD30495687C2A2F66A65CA6FD89BE9, 582E4706C1D6A151020D14B26C7BF166F4E42BDD6E410F30EC452469270C5E9B ] vds             C:\Windows\System32\vds.exe
11:25:58.0063 0x0a30  vds - ok
11:25:58.0095 0x0a30  [ 17C408214EA61696CEC9C66E388B14F3, 829C0416672E2B2DFABCFE641E7F281F41E8DBB3C0EF11C7784CB9BB94F87E97 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:25:58.0096 0x0a30  vga - ok
11:25:58.0133 0x0a30  [ 8E38096AD5C8570A6F1570A61E251561, 4DBA3C1397A2203548F45F006E66D99F837903F601ABBCE2304754F783CA8A39 ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:25:58.0135 0x0a30  VgaSave - ok
11:25:58.0176 0x0a30  [ 5461686CCA2FDA57B024547733AB42E3, 2721D0659AA890172FCAD4EC4D926B58ACD0EE4887DA51545DC7237420D5BF84 ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:25:58.0180 0x0a30  vhdmp - ok
11:25:58.0202 0x0a30  [ C829317A37B4BEA8F39735D4B076E923, 55D1796AE750071E1E05BD7702B6C355CCFFE27B4C00E93E7044C3184732B497 ] viaagp          C:\Windows\system32\drivers\viaagp.sys
11:25:58.0203 0x0a30  viaagp - ok
11:25:58.0232 0x0a30  [ E02F079A6AA107F06B16549C6E5C7B74, B530DCE3EE4F285B3D5F69F7148D17E016D54F04E6F93706B829A34567748788 ] ViaC7           C:\Windows\system32\DRIVERS\viac7.sys
11:25:58.0234 0x0a30  ViaC7 - ok
11:25:58.0271 0x0a30  [ E43574F6A56A0EE11809B48C09E4FD3C, 3687BF638E21C00E62ABFED70D728B91ADA08F7164CA898E654F31DA196589E9 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:25:58.0273 0x0a30  viaide - ok
11:25:58.0304 0x0a30  [ 4C63E00F2F4B5F86AB48A58CD990F212, 9796BD4B9CFEEEAF57C5E332A732EFC2770B21F9B35301A5D202F5FC52C1E035 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:25:58.0306 0x0a30  volmgr - ok
11:25:58.0328 0x0a30  [ B5BB72067DDDDBBFB04B2F89FF8C3C87, 65B9AD55F43940A5FDD88B6EC5034A7E375DF8E6F5F1AE6519A4BD6B7E992EBC ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:25:58.0334 0x0a30  volmgrx - ok
11:25:58.0356 0x0a30  [ F497F67932C6FA693D7DE2780631CFE7, DAE544ED99D2CF570DA31343BD87D2F856D0D13529656D38E1BF854C77F017F6 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:25:58.0361 0x0a30  volsnap - ok
11:25:58.0414 0x0a30  [ 9DFA0CC2F8855A04816729651175B631, 37FD9E43A2A3F125E94A315FB4CD8A1B5499A5FD74806EB2D1E5DA88C070D3A3 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
11:25:58.0417 0x0a30  vsmraid - ok
11:25:58.0473 0x0a30  [ 209A3B1901B83AEB8527ED211CCE9E4C, 1A431F6409F8E0531F600F8F988ECECECB902DA26BBAAF1DE74A5CAC29A7CB44 ] VSS             C:\Windows\system32\vssvc.exe
11:25:58.0495 0x0a30  VSS - ok
11:25:58.0520 0x0a30  [ 90567B1E658001E79D7C8BBD3DDE5AA6, EFC23BEEA7F54A2DC56CB523DAD1AF0358D904C5278BF08873910E2DB3F13557 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:25:58.0522 0x0a30  vwifibus - ok
11:25:58.0552 0x0a30  [ 7090D3436EEB4E7DA3373090A23448F7, 3A130B28F2BFA7DCEC8596C4CE4E187B019F5ECF1AAC8DD1BBDE9CBD2428FEC2 ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:25:58.0554 0x0a30  vwififlt - ok
11:25:58.0592 0x0a30  [ A3F04CBEA6C2A10E6CB01F8B47611882, 32AFE18B07FECA30BC95831A5DC94C784E543784DF16165334A777DC84E91EF3 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
11:25:58.0593 0x0a30  vwifimp - ok
11:25:58.0643 0x0a30  [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] W32Time         C:\Windows\system32\w32time.dll
11:25:58.0651 0x0a30  W32Time - ok
11:25:58.0675 0x0a30  [ DE3721E89C653AA281428C8A69745D90, 501C78056ED4295625D8A5412025FD2F0CA24077044D3A5800BA79DF3D946516 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
11:25:58.0676 0x0a30  WacomPen - ok
11:25:58.0708 0x0a30  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:25:58.0710 0x0a30  WANARP - ok
11:25:58.0715 0x0a30  [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:25:58.0717 0x0a30  Wanarpv6 - ok
11:25:58.0851 0x0a30  [ 353A04C273EC58475D8633E75CCD5604, FFAE53B6B53AEFC9E8A10BF27480E072D74430276BEB532FE1D473E9616D8CE0 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
11:25:58.0878 0x0a30  WatAdminSvc - ok
11:25:58.0943 0x0a30  [ 691E3285E53DCA558E1A84667F13E15A, 12EDB66EF8FC100402BEA221F354D3BD5542F6DDF715B6E7D873D6BAE7E3D329 ] wbengine        C:\Windows\system32\wbengine.exe
11:25:58.0969 0x0a30  wbengine - ok
11:25:59.0001 0x0a30  [ 9614B5D29DC76AC3C29F6D2D3AA70E67, A2FFB92F0030B4CD771E862DA575ECCF2F3A5B4B85858C1241A0C59262C0EC88 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:25:59.0006 0x0a30  WbioSrvc - ok
11:25:59.0093 0x0a30  [ 59E19BD13C3BDB857646B9E436BA27F7, CC84C607E15F5F29D93510387D5486BAF320BDAF79026A0BECE0D242F7B1DF3E ] WcesComm        C:\Windows\WindowsMobile\wcescomm.dll
11:25:59.0101 0x0a30  WcesComm - ok
11:25:59.0131 0x0a30  [ 34EEE0DFAADB4F691D6D5308A51315DC, A040A03E25A0C78B9E26F86C2DF95BCAF8E7EC90183CEB295615D3265350EBEE ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:25:59.0139 0x0a30  wcncsvc - ok
11:25:59.0156 0x0a30  [ 5D930B6357A6D2AF4D7653BDABBF352F, 677FF2ED14EE0B0CAA710DA81556CC16D5971DAB10E7C7432D167A87CA6F0EAA ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:25:59.0160 0x0a30  WcsPlugInService - ok
11:25:59.0181 0x0a30  [ 1112A9BADACB47B7C0BB0392E3158DFF, 1AE2AFA125973571F91E6945FE8A735F63D76EBB250A0075D98C580167FD9ED4 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
11:25:59.0183 0x0a30  Wd - ok
11:25:59.0222 0x0a30  [ 25944D2CC49E0A6C581D02A74B7D6645, AF8FFAFEC07F1A6A3D4008E609E8E1D705A8DFCC7995C766E3946887203F7BEE ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:25:59.0234 0x0a30  Wdf01000 - ok
11:25:59.0269 0x0a30  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:25:59.0273 0x0a30  WdiServiceHost - ok
11:25:59.0278 0x0a30  [ 46EF9DC96265FD0B423DB72E7C38C2A5, 43801A51FB0E45CFFC73DF6441B54A75FC2FEAF5E0424DFE7AB04FC26CF6CD16 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:25:59.0282 0x0a30  WdiSystemHost - ok
11:25:59.0316 0x0a30  [ 75E8EBD7040CE238684333F97014762A, 2CA0B267FBAEB303D1F8B639D733DC0DE17BA1276CC9096035B4F2BBBED3EF7F ] WebClient       C:\Windows\System32\webclnt.dll
11:25:59.0322 0x0a30  WebClient - ok
11:25:59.0338 0x0a30  [ 760F0AFE937A77CFF27153206534F275, A53940BA28854486FF18F16B98A3314B36322B0B6EFB54D08B921315BEB0ADD5 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:25:59.0343 0x0a30  Wecsvc - ok
11:25:59.0354 0x0a30  [ AC804569BB2364FB6017370258A4091B, 1856F354146A5946F3E7D0DD09726FC8A3502B0F0776FEADDF10669C81CC28E2 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:25:59.0358 0x0a30  wercplsupport - ok
11:25:59.0388 0x0a30  [ 08E420D873E4FD85241EE2421B02C4A4, E1E9436EB096FF7DE9A76DA6217035257EF9FC7565DDB9016DCA3859E7F1EF0F ] WerSvc          C:\Windows\System32\WerSvc.dll
11:25:59.0391 0x0a30  WerSvc - ok
11:25:59.0417 0x0a30  [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:25:59.0418 0x0a30  WfpLwf - ok
11:25:59.0433 0x0a30  [ 5CF95B35E59E2A38023836FFF31BE64C, CEA21302B3E855EE592810D4E0DE10E47A47A393064C435463CD54598735CD8D ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:25:59.0434 0x0a30  WIMMount - ok
11:25:59.0503 0x0a30  [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] WinDefend       C:\Program Files\Windows Defender\mpsvc.dll
11:25:59.0517 0x0a30  WinDefend - ok
11:25:59.0524 0x0a30  WinHttpAutoProxySvc - ok
11:25:59.0581 0x0a30  [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:25:59.0586 0x0a30  Winmgmt - ok
11:25:59.0650 0x0a30  [ 1B91CD34EA3A90AB6A4EF0550174F4CC, 5B6618615EBFBA594C945AD35F5C68DA8C6053892B6D12D626BB6120910D80DC ] WinRM           C:\Windows\system32\WsmSvc.dll
11:25:59.0676 0x0a30  WinRM - ok
11:25:59.0724 0x0a30  [ A67E5F9A400F3BD1BE3D80613B45F708, E170A8BD31A779403DC9C43ED6483DA8E186512D3EE700B87F6BA292E284E367 ] WINUSB          C:\Windows\system32\DRIVERS\WinUSB.SYS
11:25:59.0726 0x0a30  WINUSB - ok
11:25:59.0811 0x0a30  [ 4C69A8E2E159C1C59BC4B688E9DD7F8C, 235C7A41425846EFE4966490EB7F72AA768B3FE1665843BF58520DDBD6822A74 ] WisLMSvc        C:\Program Files\Launch Manager\WisLMSvc.exe
11:25:59.0814 0x0a30  WisLMSvc - ok
11:25:59.0861 0x0a30  [ 16935C98FF639D185086A3529B1F2067, E9C6B73A572A04FCE9B1B0E6815F941B10332D9A6D55B92927C2B1275F119091 ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:25:59.0880 0x0a30  Wlansvc - ok
11:25:59.0906 0x0a30  [ 0217679B8FCA58714C3BF2726D2CA84E, 4494984B922DCF24D37BCD0E6831CEBD07D1CA49235D04E821D17ED3DF84ED2A ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
11:25:59.0907 0x0a30  WmiAcpi - ok
11:25:59.0932 0x0a30  [ 6EB6B66517B048D87DC1856DDF1F4C3F, EBB534C4829477C70062ADBB5626236B02FE563A544C53FA255E79F3CA170FE8 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:25:59.0935 0x0a30  wmiApSrv - ok
11:26:00.0016 0x0a30  [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
11:26:00.0039 0x0a30  WMPNetworkSvc - ok
11:26:00.0069 0x0a30  [ A2F0EC770A92F2B3F9DE6D518E11409C, 6838F2148B11285E00DC449D51F8AD85AAE57694E89BA2C607B87AC1C650D845 ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:26:00.0072 0x0a30  WPCSvc - ok
11:26:00.0115 0x0a30  [ AA53356D60AF47EACC85BC617A4F3F66, 155CB8112AA382D841C1891750FF29EF4F1BF716CD9CDF0F2243209E2CCCAC98 ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:26:00.0120 0x0a30  WPDBusEnum - ok
11:26:00.0168 0x0a30  [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:26:00.0169 0x0a30  ws2ifsl - ok
11:26:00.0181 0x0a30  [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] wscsvc          C:\Windows\system32\wscsvc.dll
11:26:00.0185 0x0a30  wscsvc - ok
11:26:00.0189 0x0a30  WSearch - ok
11:26:00.0318 0x0a30  [ FC3EC24FCE372C89423E015A2AC1A31E, 8D028182CF83667D3E4D148979972D208FA6D9B8540EE47A0A7831B770ECD257 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:26:00.0357 0x0a30  wuauserv - ok
11:26:00.0391 0x0a30  [ 06E6F32C8D0A3F66D956F57B43A2E070, 9A6BD96A28294B0372F16E13D652FD603308F64B74A56E41E0C68C5E8011F943 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:26:00.0394 0x0a30  WudfPf - ok
11:26:00.0419 0x0a30  [ 867C301E8B790040AE9CF6486E8041DF, D867D6498C987944D99508B2FAD6D6B749FA1EDFE8124B0863D4A642352F0855 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:26:00.0423 0x0a30  WUDFRd - ok
11:26:00.0452 0x0a30  [ FE47B7BC8EA320C2D9B5E5BF6E303765, 34518DBD1E9EA6E5DA62273B18613761E1D9C6B4E074A93C6D639FBAF02222EA ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:26:00.0457 0x0a30  wudfsvc - ok
11:26:00.0492 0x0a30  [ 7CC38741B8F68F1E0D5D79DA6123666A, F90D2DA1C9AFB506C381CD386E1430931B5F81813FEDFD720F87FBC54E7A00DA ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:26:00.0499 0x0a30  WwanSvc - ok
11:26:00.0559 0x0a30  [ 1F93FCB5BAB3A921ECBA522F63586F4A, 0340B73DBC953B50572666EC603E87F253B9CEB9B0489A441A6A2171A04595D8 ] X10Hid          C:\Windows\System32\Drivers\x10hid.sys
11:26:00.0560 0x0a30  X10Hid - ok
11:26:00.0633 0x0a30  [ 5A0C788C5BC5F2C993CB60940ADCF95E, FEEC158466040A6528E7FC8D33706B50D2F03479E0B62DF8F06B69A1A850A9FB ] x10nets         C:\PROGRA~1\COMMON~1\X10\Common\x10nets.exe
11:26:00.0634 0x0a30  x10nets - ok
11:26:00.0669 0x0a30  [ 378DC1B0B1F62A7488EE8D31A3C6E949, 8334CBC479797DC82551D38DFF1AEF5E41E4C6427D410C633DECC95C4FB84C0E ] XUIF            C:\Windows\System32\Drivers\x10ufx2.sys
11:26:00.0671 0x0a30  XUIF - ok
11:26:00.0720 0x0a30  ================ Scan global ===============================
11:26:00.0809 0x0a30  [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\system32\basesrv.dll
11:26:00.0864 0x0a30  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
11:26:00.0876 0x0a30  [ 51BB04243DF6196C06E125898127E397, E1B6C83FC6E455F6806185027C5B56F8BA9ECDF1CD69E97301EC0291F0D3466E ] C:\Windows\system32\winsrv.dll
11:26:00.0898 0x0a30  [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\system32\sxssrv.dll
11:26:00.0936 0x0a30  [ 5F1B6A9C35D3D5CA72D6D6FDEF9747D6, D7BC4ED605B32274B45328FD9914FB0E7B90D869A38F0E6F94FB1BF4E9E2B407 ] C:\Windows\system32\services.exe
11:26:00.0943 0x0a30  [ Global ] - ok
11:26:00.0944 0x0a30  ================ Scan MBR ==================================
11:26:00.0957 0x0a30  [ 7827CE22D5B6A2E3FA5111270DD20242 ] \Device\Harddisk0\DR0
11:26:03.0383 0x0a30  \Device\Harddisk0\DR0 - ok
11:26:03.0384 0x0a30  ================ Scan VBR ==================================
11:26:03.0386 0x0a30  [ B0D5A8FBF3D19023AA16814C187EBAFB ] \Device\Harddisk0\DR0\Partition1
11:26:03.0387 0x0a30  \Device\Harddisk0\DR0\Partition1 - ok
11:26:03.0390 0x0a30  [ 88281072704F9D1CDE4F75736889AC35 ] \Device\Harddisk0\DR0\Partition2
11:26:03.0391 0x0a30  \Device\Harddisk0\DR0\Partition2 - ok
11:26:03.0394 0x0a30  [ 8572B11D66FA7EF25F9631DB59AA5CAE ] \Device\Harddisk0\DR0\Partition3
11:26:03.0446 0x0a30  \Device\Harddisk0\DR0\Partition3 - ok
11:26:03.0449 0x0a30  [ 016BC9E677089B2A7EE91BE5B7543432 ] \Device\Harddisk0\DR0\Partition4
11:26:03.0450 0x0a30  \Device\Harddisk0\DR0\Partition4 - ok
11:26:03.0479 0x0a30  [ E011EDAC00D3E8DCBBA04CE8028DBE6E ] \Device\Harddisk0\DR0\Partition5
11:26:03.0482 0x0a30  \Device\Harddisk0\DR0\Partition5 - ok
11:26:03.0499 0x0a30  [ A73F2AA975F76A07030D710FE4778E87 ] \Device\Harddisk0\DR0\Partition6
11:26:03.0501 0x0a30  \Device\Harddisk0\DR0\Partition6 - ok
11:26:03.0502 0x0a30  Waiting for KSN requests completion. In queue: 292
11:26:04.0502 0x0a30  Waiting for KSN requests completion. In queue: 292
11:26:05.0502 0x0a30  Waiting for KSN requests completion. In queue: 292
11:26:06.0502 0x0a30  Waiting for KSN requests completion. In queue: 292
11:26:07.0523 0x0a30  AV detected via SS2: Avira Desktop, C:\Program Files\Avira\AntiVir Desktop\wsctool.exe ( 14.0.3.336 ), 0x41000 ( enabled : updated )
11:26:07.0530 0x0a30  Win FW state via NFP2: enabled
11:26:11.0030 0x0a30  ============================================================
11:26:11.0030 0x0a30  Scan finished
11:26:11.0030 0x0a30  ============================================================
11:26:11.0042 0x1488  Detected object count: 0
11:26:11.0042 0x1488  Actual detected object count: 0
 



#10 Hmpf

Posted 11 May 2014 - 04:35 AM

I should perhaps add that I'm currently posting from my "infected" computer (before the scans I was on a clean machine), but haven't experienced any more audio ads yet. Weird, considering that none of the software used so far found or removed anything, yet this computer was clearly showing symptoms three days ago.

 

Also, Firefox just asked me to update to 29.0, which I did, although slightly worried about it possibly being "fake"... but it looked legit in every way I could see.



#11 Hmpf

Posted 11 May 2014 - 04:46 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x86
Ran by HDH-10 on 11.05.2014 at 11:39:53,67
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbcommonutils.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\tbhelper.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{01221FCC-4BFB-461C-B08C-F6D2DF309921}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbcommonutils.commonutils
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbcommonutils.commonutils.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbdownloadmanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbpropertymanager.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbrequest.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.tbtask.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.toolbarhelper
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\tbhelper.toolbarhelper.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.contextmenunotifier
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.contextmenunotifier.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.custominternetsecurityimpl
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\toolbar3.custominternetsecurityimpl.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FCBCCB87-9224-4B8D-B117-F56D924BEB18}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Users\HDH-10\AppData\Roaming\dvdvideosoftiehelpers"
Successfully deleted: [Folder] "C:\Users\HDH-10\appdata\locallow\toolbar4"



~~~ FireFox

Successfully deleted: [File] C:\Users\HDH-10\AppData\Roaming\mozilla\firefox\profiles\uya7of0b.default\searchplugins\search.xml
Successfully deleted the following from C:\Users\HDH-10\AppData\Roaming\mozilla\firefox\profiles\uya7of0b.default\prefs.js

Emptied folder: C:\Users\HDH-10\AppData\Roaming\mozilla\firefox\profiles\uya7of0b.default\minidumps [1333 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 11.05.2014 at 11:41:43,43
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#12 Hmpf

Posted 11 May 2014 - 04:55 AM

I disabled my antivirus software for the last scan, and enabled it again afterwards, but the little icon that's usually in the right corner of my screen, on the task bar (I have no idea what that area's "officially" called, sorry), is gone now. When I click on the program itself (on the desktop), it says it's active. Should I be worried?



#13 Hmpf

Posted 11 May 2014 - 07:45 AM

The ESET scan is taking absolutely forever - it's been nearly three hours now, and it's only at 17% (and has been at 17 percent for something like 20 minutes now). At the rate it's going I'm going to have to leave it running overnight and possibly also while I'm away for work. This is making me a bit nervous, especially since I'm still not sure all is well with my antivirus software etc...



#14 Hmpf

Posted 11 May 2014 - 11:20 AM

ESET results:

 

C:\$RECYCLE.BIN\S-1-5-21-2347134580-4225379128-925891243-1001\$RS72ONI.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
C:\Program Files\Avira\AntiVir Desktop\offercast_avirav7_.exe    a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application    deleted (after the next restart) - quarantined
C:\Qoobox\Quarantine\C\Recycle.Bin\FEB0F48DB8137AC.vir    Win32/Spy.SpyEye.CFG.A trojan    cleaned by deleting - quarantined
C:\Users\HDH-10\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Y08UJS3O\ApnIC[1].0    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    deleted - quarantined
C:\Users\HDH-10\AppData\Local\temp\AskSLib.dll    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    deleted - quarantined
C:\Users\HDH-10\Documents\agsetup183se.exe    a variant of Win32/Toolbar.Montiera.A potentially unwanted application    deleted - quarantined
C:\Users\HDH-10\Documents\ag_mp3_plugin_setup.exe    Win32/Somoto.F potentially unwanted application    deleted - quarantined
C:\Users\HDH-10\Downloads\avira_free_antivirus_de.exe    a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application    deleted - quarantined
C:\Users\HDH-10\Downloads\vlc-1.1.5-win32.exe    Win32/StartPage.OIE trojan    cleaned by deleting - quarantined
C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HWTT33S1\ApnIC[1].0    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    deleted - quarantined
C:\Windows\temp\AskSLib.dll    a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application    deleted - quarantined
G:\Comics\Crossgen\_Websites\CrossGen website.rar    HTML/ScrInject.B.Gen virus    deleted - quarantined
 



#15 Hmpf

Posted 11 May 2014 - 11:54 AM

RogueKiller:

 

I'm getting a blinking warning sign that seems somewhat randomly placed in the results window, which says PUP. I made a screenshot but it seems I need to upload that to some image hosting service before I can embed it here? If you think it's necessary, I will do so.

 

When the scan was through my browser also seemingly opened of its own accord, on a page of the adlice.com website on pup removal, apparently, but I can't see the website's content.

 

 

The RK log file:

 

 

RogueKiller V8.8.15 [Mar 27 2014] durch Adlice Software
mail : http://www.adlice.com/contact/
Kommentare : http://forum.adlice.com
Webseite : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Betriebssystem : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Gestartet in : Normaler Modus
Benutzer : HDH-10 [Admin Rechte]
Funktion : Scannen -- Datum : 05/11/2014 18:44:09
| ARK || FAK || MBR |

¤¤¤ Böswillige Prozesse : 0 ¤¤¤

¤¤¤ Registry-Einträge : 13 ¤¤¤
[DNS][PUM] HKLM\[...]\CCSet\[...]\{5CF2B7B3-2983-4655-BB58-DBB6AC1C453F} : NameServer (193.189.244.225 193.189.244.206) -> GEFUNDEN
[DNS][PUM] HKLM\[...]\CS001\[...]\{5CF2B7B3-2983-4655-BB58-DBB6AC1C453F} : NameServer (193.189.244.225 193.189.244.206) -> GEFUNDEN
[DNS][PUM] HKLM\[...]\CS002\[...]\{5CF2B7B3-2983-4655-BB58-DBB6AC1C453F} : NameServer (193.189.244.225 193.189.244.206) -> GEFUNDEN
[HJ POL][PUM] HKLM\[...]\System : DisableRegistryTools (0) -> GEFUNDEN
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_TrackProgs (0) -> GEFUNDEN
[HJ SMENU][PUM] HKLM\[...]\Advanced : Start_ShowMyGames (0) -> GEFUNDEN
[HJ SMENU][PUM] HKLM\[...]\Advanced : Start_ShowRun (0) -> GEFUNDEN
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> GEFUNDEN
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> GEFUNDEN
[HJ DESK][PUM] HKCU\[...]\ClassicStartMenu : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> GEFUNDEN
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> GEFUNDEN
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> GEFUNDEN
[HJ DESK][PUM] HKCU\[...]\NewStartPanel : {645FF040-5081-101B-9F08-00AA002F954E} (1) -> GEFUNDEN

¤¤¤ Geplante Tasks : 0 ¤¤¤

¤¤¤ Autostart-Einträge : 0 ¤¤¤

¤¤¤ Web-Browsern : 0 ¤¤¤

¤¤¤ Browser Addons : 1 ¤¤¤
[FF][PUP] uya7of0b.default : DVDVideoSoft YouTube MP3 and Video Download

¤¤¤ Bestimmte Dateien / Ordner: ¤¤¤

¤¤¤ Treiber : [GELADEN] ¤¤¤
[Address] SSDT[84] : NtCreateSection @ 0x8347013D -> HOOKED (Unknown @ 0x91FE2A26)
[Address] SSDT[299] : NtRequestWaitReplyPort @ 0x8348AB22 -> HOOKED (Unknown @ 0x91FE2A30)
[Address] SSDT[316] : NtSetContextThread @ 0x8352A84F -> HOOKED (Unknown @ 0x91FE2A2B)
[Address] SSDT[347] : NtSetSecurityObject @ 0x8344E805 -> HOOKED (Unknown @ 0x91FE2A35)
[Address] SSDT[368] : NtSystemDebugControl @ 0x834D2802 -> HOOKED (Unknown @ 0x91FE2A3A)
[Address] SSDT[370] : NtTerminateProcess @ 0x834A7D9A -> HOOKED (Unknown @ 0x91FE29C7)
[Address] Shadow SSDT[585] : NtUserSetWindowsHookEx -> HOOKED (Unknown @ 0x91FE2A4E)
[Address] Shadow SSDT[588] : NtUserSetWinEventHook -> HOOKED (Unknown @ 0x91FE2A53)
[Address] EAT @explorer.exe (DllGetClassObject) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8CF9D)
[Address] EAT @explorer.exe (IEnumString_Next_WIC_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8E000)
[Address] EAT @explorer.exe (IEnumString_Reset_WIC_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8E029)
[Address] EAT @explorer.exe (IPropertyBag2_Write_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8E049)
[Address] EAT @explorer.exe (IWICBitmapClipper_Initialize_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DD2A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportAnimation_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8EA9A)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportLossless_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8EABD)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_DoesSupportMultiframe_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8EAE0)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetContainerFormat_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8E9D3)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceManufacturer_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8E9F6)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetDeviceModels_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8EA1F)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetFileExtensions_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8EA71)
[Address] EAT @explorer.exe (IWICBitmapCodecInfo_GetMimeTypes_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8EA48)
[Address] EAT @explorer.exe (IWICBitmapDecoder_CopyPalette_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D845)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetColorContexts_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8E9AA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetDecoderInfo_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D822)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrameCount_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D9A2)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetFrame_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D868)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetMetadataQueryReader_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D8DA)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetPreview_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DC74)
[Address] EAT @explorer.exe (IWICBitmapDecoder_GetThumbnail_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8E9D3)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Commit_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DC05)
[Address] EAT @explorer.exe (IWICBitmapEncoder_CreateNewFrame_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DB87)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetEncoderInfo_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DB5E)
[Address] EAT @explorer.exe (IWICBitmapEncoder_GetMetadataQueryWriter_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D9A2)
[Address] EAT @explorer.exe (IWICBitmapEncoder_Initialize_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DB32)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetPalette_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DBDC)
[Address] EAT @explorer.exe (IWICBitmapEncoder_SetThumbnail_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DBB3)
[Address] EAT @explorer.exe (IWICBitmapFlipRotator_Initialize_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DD2A)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetColorContexts_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D88E)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetMetadataQueryReader_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D8DA)
[Address] EAT @explorer.exe (IWICBitmapFrameDecode_GetThumbnail_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D8B7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Commit_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D9C5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_GetMetadataQueryWriter_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8EB03)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_Initialize_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DFB7)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetColorContexts_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DB06)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetResolution_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DA17)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetSize_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D9E5)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_SetThumbnail_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DADD)
[Address] EAT @explorer.exe (IWICBitmapFrameEncode_WriteSource_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DA71)
[Address] EAT @explorer.exe (IWICBitmapLock_GetDataPointer_STA_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D7FC)
[Address] EAT @explorer.exe (IWICBitmapLock_GetStride_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DC25)
[Address] EAT @explorer.exe (IWICBitmapScaler_Initialize_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DCFE)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPalette_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D822)
[Address] EAT @explorer.exe (IWICBitmapSource_CopyPixels_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DC48)
[Address] EAT @explorer.exe (IWICBitmapSource_GetPixelFormat_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DC25)
[Address] EAT @explorer.exe (IWICBitmapSource_GetResolution_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D7FC)
[Address] EAT @explorer.exe (IWICBitmapSource_GetSize_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D91D)
[Address] EAT @explorer.exe (IWICBitmap_Lock_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8E981)
[Address] EAT @explorer.exe (IWICBitmap_SetPalette_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DC74)
[Address] EAT @explorer.exe (IWICBitmap_SetResolution_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DC97)
[Address] EAT @explorer.exe (IWICColorContext_InitializeFromMemory_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8EB75)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateMetadataWriterFromReader_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D7AA)
[Address] EAT @explorer.exe (IWICComponentFactory_CreateQueryWriterFromBlockWriter_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D7D3)
[Address] EAT @explorer.exe (IWICComponentInfo_GetAuthor_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8E958)
[Address] EAT @explorer.exe (IWICComponentInfo_GetCLSID_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DC25)
[Address] EAT @explorer.exe (IWICComponentInfo_GetFriendlyName_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8E9AA)
[Address] EAT @explorer.exe (IWICComponentInfo_GetSpecVersion_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D88E)
[Address] EAT @explorer.exe (IWICComponentInfo_GetVersion_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8E981)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_Commit_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D8FD)
[Address] EAT @explorer.exe (IWICFastMetadataEncoder_GetMetadataQueryWriter_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DC25)
[Address] EAT @explorer.exe (IWICFormatConverter_Initialize_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DCC7)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapClipper_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D557)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFlipRotator_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D580)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHBITMAP_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D6BA)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromHICON_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D6E6)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromMemory_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D656)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapFromSource_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D62D)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmapScaler_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D52E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateBitmap_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D68B)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateComponentInfo_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D4D9)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFileHandle_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D4A1)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromFilename_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D466)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateDecoderFromStream_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D42E)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateEncoder_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D5D2)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromDecoder_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D70C)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFastMetadataEncoderFromFrameDecode_ProxN±ßh$ø"Tÿÿÿÿt$tDIüN±ß») : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D732)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateFormatConverter_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D505)
[Address] EAT @explorer.exe (IWICImagingFactory_CreatePalette_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DADD)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriterFromReader_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D781)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateQueryWriter_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D758)
[Address] EAT @explorer.exe (IWICImagingFactory_CreateStream_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D5A9)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetCount_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DC25)
[Address] EAT @explorer.exe (IWICMetadataBlockReader_GetReaderByIndex_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetContainerFormat_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DFB7)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetEnumerator_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D822)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetLocation_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8E049)
[Address] EAT @explorer.exe (IWICMetadataQueryReader_GetMetadataByName_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D7FC)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_RemoveMetadataByName_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D8DA)
[Address] EAT @explorer.exe (IWICMetadataQueryWriter_SetMetadataByName_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DFDA)
[Address] EAT @explorer.exe (IWICPalette_GetColorCount_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D96C)
[Address] EAT @explorer.exe (IWICPalette_GetColors_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D88E)
[Address] EAT @explorer.exe (IWICPalette_GetType_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D845)
[Address] EAT @explorer.exe (IWICPalette_HasAlpha_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D9A2)
[Address] EAT @explorer.exe (IWICPalette_InitializeCustom_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8EB75)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromBitmap_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D943)
[Address] EAT @explorer.exe (IWICPalette_InitializeFromPalette_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D822)
[Address] EAT @explorer.exe (IWICPalette_InitializePredefined_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D91D)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetBitsPerPixel_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8EB03)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelCount_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DD50)
[Address] EAT @explorer.exe (IWICPixelFormatInfo_GetChannelMask_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8EB26)
[Address] EAT @explorer.exe (IWICStream_InitializeFromIStream_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DD50)
[Address] EAT @explorer.exe (IWICStream_InitializeFromMemory_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DD73)
[Address] EAT @explorer.exe (WICConvertBitmapSource) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DDB8)
[Address] EAT @explorer.exe (WICCreateBitmapFromSection) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DF8D)
[Address] EAT @explorer.exe (WICCreateBitmapFromSectionEx) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DE8C)
[Address] EAT @explorer.exe (WICCreateColorContext_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8EB52)
[Address] EAT @explorer.exe (WICCreateImagingFactory_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D02B)
[Address] EAT @explorer.exe (WICGetMetadataContentSize) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8E61D)
[Address] EAT @explorer.exe (WICMapGuidToShortName) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D0EC)
[Address] EAT @explorer.exe (WICMapSchemaToName) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D2E0)
[Address] EAT @explorer.exe (WICMapShortNameToGuid) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8D217)
[Address] EAT @explorer.exe (WICMatchMetadataContent) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8E072)
[Address] EAT @explorer.exe (WICSerializeMetadataContent) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8E1B4)
[Address] EAT @explorer.exe (WICSetEncoderFormat_Proxy) : msacm32.drv -> HOOKED (C:\Windows\system32\WindowsCodecs.dll @ 0x72C8DD99)

¤¤¤ Externe Hives: ¤¤¤

¤¤¤ Infektion : PUP ¤¤¤

¤¤¤ Hosts-Datei: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts


127.0.0.1       localhost


¤¤¤ MBR überprüfen: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ IDE) SAMSUNG HM641JI +++++
--- User ---
[MBR] dc4ea90d101fd62be830a474c7a17334
[BSP] ffc8d623aead9ca7db5de013a16c03bb : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 102901 MB
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 210949578 | Size: 320578 MB
3 - [XXXXXX] EXTEN-LBA (0x0f) [VISIBLE] Offset (sectors): 867493935 | Size: 186904 MB
User = LL1 ... OK!
User = LL2 ... OK!

Abgeschlossen : << RKreport[0]_S_05112014_184409.txt >>



 





