
Pests of all kinds and how to combat them: WINDOWS 7 - BOO/TDss.O virus still there after formatting

14.10.2013, 14:25   #1
usernamejuli

Hello,

For a good week now my laptop has been infected with the virus 'BOO/TDss.O', which sits in the master boot sector and attacks all drives. As a result I completely formatted the hard disk and reinstalled Windows. Without making any other changes, I installed AVIRA as the very first action. After a few seconds the alert popped up again.

What now? Can a computer expert help me, or is the laptop no longer usable?

Many thanks in advance for a helpful answer.

14.10.2013, 15:09   #2
aharonov
/// TB trainer

Hello,

let's take a look:


Step 1

Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.



Step 2

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download, FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties.)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box).
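
Added example (not part of the thread and not code from the TDSSKiller vendor): a small triage script for the "Scan services" section of the TDSSKiller log that Step 1 asks for. It assumes the line layout seen in such logs (timestamp, thread id, then either a `[ MD5, SHA256 ] name path` entry or a `name - verdict` line); the sample log, its service names and its hashes are constructed placeholders.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Every log line starts with "HH:MM:SS.mmmm 0xTID"; the message follows.
PREFIX = re.compile(r"^\d{2}:\d{2}:\d{2}\.\d{4}\s+0x[0-9A-Fa-f]{4}\s?(.*)$")
# Section banner, e.g. "================ Scan services ===========".
SECTION = re.compile(r"^=+\s+(.+?)\s+=+$")
# "[ MD5, SHA256 ] <service name> <drive>:\<path>"; the name may contain spaces.
ENTRY = re.compile(
    r"^\[\s*([0-9A-Fa-f]{32}),\s*([0-9A-Fa-f]{64})\s*\]\s+(.+?)\s+([A-Za-z]:\\.*)$"
)
WINDIR = re.compile(r"^Windows directory:\s+(.+)$")


@dataclass
class Service:
    name: str
    verdict: str
    md5: Optional[str] = None
    sha256: Optional[str] = None
    path: Optional[str] = None


def parse_log(text: str) -> Tuple[str, List[Service]]:
    """Return (windows_dir, services) from the 'Scan services' section."""
    windir = "C:\\Windows"          # fallback if the header line is missing
    section = ""
    pending = {}                    # name -> (md5, sha256, path), awaiting verdict
    services: List[Service] = []
    for raw in text.splitlines():
        m = PREFIX.match(raw.strip())
        if not m:
            continue
        msg = m.group(1).strip()
        if (w := WINDIR.match(msg)):
            windir = w.group(1).strip()
            continue
        if (s := SECTION.match(msg)):
            section = s.group(1)
            continue
        if section != "Scan services":
            continue                # ignore memory scan, header, other sections
        if (e := ENTRY.match(msg)):
            pending[e.group(3)] = (e.group(1), e.group(2), e.group(4))
            continue
        name, sep, verdict = msg.rpartition(" - ")
        if sep:
            md5, sha256, path = pending.pop(name, (None, None, None))
            services.append(Service(name, verdict.strip(), md5, sha256, path))
    return windir, services


def triage(windir: str, services: List[Service]) -> List[Tuple[str, str]]:
    """List services a helper should look at first. This is a review list,
    not a detection: legitimate third-party software shows up here too."""
    root = windir.rstrip("\\").lower() + "\\"
    findings = []
    for svc in services:
        if svc.verdict.lower() != "ok":
            findings.append((svc.name, "verdict: " + svc.verdict))
        if svc.path is None:
            findings.append((svc.name, "no file hashed"))
        elif not svc.path.lower().startswith(root):
            findings.append((svc.name, "binary outside " + windir))
    return findings


def _entry(ts: str, name: str, path: str, digit: str) -> str:
    # Constructed entry line with placeholder hashes (one repeated hex digit).
    return f"{ts} 0x0002 [ {digit * 32}, {digit * 64} ] {name} {path}"


# Constructed sample, not taken from any real machine.
SAMPLE_LOG = "\n".join([
    r"17:00:00.0001 0x0001 Windows directory: C:\Windows",
    "17:00:01.0000 0x0002 ================ Scan system memory ========================",
    "17:00:01.0001 0x0002 System memory - ok",
    "17:00:01.0002 0x0002 ================ Scan services =============================",
    _entry("17:00:01.0003", "ExampleDrv",
           r"C:\Windows\system32\DRIVERS\exampledrv.sys", "A"),
    "17:00:01.0004 0x0002 ExampleDrv - ok",
    _entry("17:00:01.0005", "Example Updater Service",
           r"C:\ProgramData\ExampleVendor\updater.exe", "B"),
    "17:00:01.0006 0x0002 Example Updater Service - ok",
    "17:00:01.0007 0x0002 examplenofile - ok",
])

if __name__ == "__main__":
    windows_dir, svcs = parse_log(SAMPLE_LOG)
    for name, reason in triage(windows_dir, svcs):
        print(f"{name}: {reason}")
```
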

15.10.2013, 09:13   #3
usernamejuli

Hello,

Step 1

17:37:35.0139 0x1364 TDSS rootkit removing tool 3.0.0.12 Oct 9 2013 14:59:22
17:37:35.0392 0x1364 ============================================================
17:37:35.0392 0x1364 Current date / time: 2013/10/14 17:37:35.0392
17:37:35.0392 0x1364 SystemInfo:
17:37:35.0393 0x1364
17:37:35.0393 0x1364 OS Version: 6.1.7600 ServicePack: 0.0
17:37:35.0393 0x1364 Product type: Workstation
17:37:35.0393 0x1364 ComputerName: JULI-PC
17:37:35.0394 0x1364 UserName: Juli
17:37:35.0394 0x1364 Windows directory: C:\Windows
17:37:35.0394 0x1364 System windows directory: C:\Windows
17:37:35.0394 0x1364 Running under WOW64
17:37:35.0394 0x1364 Processor architecture: Intel x64
17:37:35.0394 0x1364 Number of processors: 2
17:37:35.0394 0x1364 Page size: 0x1000
17:37:35.0394 0x1364 Boot type: Normal boot
17:37:35.0394 0x1364 ============================================================
17:37:37.0776 0x1364 System UUID: {DB0ED304-A260-E2DE-358C-966A96D13B9C}
17:37:38.0452 0x1364 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:37:38.0458 0x1364 ============================================================
17:37:38.0458 0x1364 \Device\Harddisk0\DR0:
17:37:38.0458 0x1364 MBR partitions:
17:37:38.0458 0x1364 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x38B7A000
17:37:38.0458 0x1364 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38B7A800, BlocksNum 0x180A000
17:37:38.0458 0x1364 ============================================================
17:37:38.0512 0x1364 C: <-> \Device\Harddisk0\DR0\Partition1
17:37:38.0578 0x1364 D: <-> \Device\Harddisk0\DR0\Partition2
17:37:38.0578 0x1364 ============================================================
17:37:38.0578 0x1364 Initialize success
17:37:38.0578 0x1364 ============================================================
17:37:40.0961 0x0528 ============================================================
17:37:40.0961 0x0528 Scan started
17:37:40.0961 0x0528 Mode: Manual;
17:37:40.0961 0x0528 ============================================================
17:37:40.0961 0x0528 KSN ping started
17:37:54.0412 0x0528 KSN ping finished: true
17:37:55.0932 0x0528 ================ Scan system memory ========================
17:37:55.0932 0x0528 System memory - ok
17:37:55.0937 0x0528 ================ Scan services =============================
17:38:09.0641 0x0528 isapnp - ok
17:38:09.0696 0x0528 [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
17:38:09.0760 0x0528 iScsiPrt - ok
17:38:09.0816 0x0528 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:38:09.0835 0x0528 kbdclass - ok
17:38:09.0863 0x0528 [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:38:09.0892 0x0528 kbdhid - ok
17:38:09.0916 0x0528 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] KeyIso C:\Windows\system32\lsass.exe
17:38:09.0918 0x0528 KeyIso - ok
17:38:09.0925 0x0528 [ E8B6FCC9C83535C67F835D407620BD27, 74B63F3BFB756FF0B0AD6A6C1535C0A1A0630295ECCBC078B00F2449718B0870 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:38:09.0936 0x0528 KSecDD - ok
17:38:09.0968 0x0528 [ A8C63880EF6F4D3FEC7B616B9C060215, 036AE3ABBF991F5748C5C46E1DF62FBBC832BCDBF8C1B6E3C22A22A3703BBBCA ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
17:38:10.0007 0x0528 KSecPkg - ok
17:38:10.0030 0x0528 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
17:38:10.0057 0x0528 ksthunk - ok
17:38:10.0138 0x0528 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
17:38:10.0205 0x0528 KtmRm - ok
17:38:10.0264 0x0528 [ C926920B8978DE6ACFE9E15C709E9B57, 33B8002ABC30372B1CA8B6EC046757794CD7C9DA3CA4715B515B6894DC7E45CA ] LanmanServer C:\Windows\system32\srvsvc.dll
17:38:10.0271 0x0528 LanmanServer - ok
17:38:10.0329 0x0528 [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:38:10.0334 0x0528 LanmanWorkstation - ok
17:38:10.0376 0x0528 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:38:10.0413 0x0528 lltdio - ok
17:38:10.0459 0x0528 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:38:10.0507 0x0528 lltdsvc - ok
17:38:10.0514 0x0528 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:38:10.0571 0x0528 lmhosts - ok
17:38:10.0592 0x0528 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
17:38:10.0601 0x0528 LSI_FC - ok
17:38:10.0611 0x0528 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
17:38:10.0653 0x0528 LSI_SAS - ok
17:38:10.0674 0x0528 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
17:38:10.0681 0x0528 LSI_SAS2 - ok
17:38:10.0688 0x0528 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
17:38:10.0696 0x0528 LSI_SCSI - ok
17:38:10.0759 0x0528 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
17:38:10.0770 0x0528 luafv - ok
17:38:10.0800 0x0528 [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:38:10.0839 0x0528 Mcx2Svc - ok
17:38:10.0848 0x0528 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
17:38:10.0855 0x0528 megasas - ok
17:38:10.0882 0x0528 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
17:38:10.0895 0x0528 MegaSR - ok
17:38:10.0968 0x0528 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
17:38:10.0971 0x0528 MMCSS - ok
17:38:10.0990 0x0528 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
17:38:10.0995 0x0528 Modem - ok
17:38:11.0014 0x0528 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:38:11.0015 0x0528 monitor - ok
17:38:11.0021 0x0528 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:38:11.0023 0x0528 mouclass - ok
17:38:11.0034 0x0528 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:38:11.0037 0x0528 mouhid - ok
17:38:11.0044 0x0528 [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
17:38:11.0047 0x0528 mountmgr - ok
17:38:11.0069 0x0528 [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
17:38:11.0079 0x0528 mpio - ok
17:38:11.0117 0x0528 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:38:11.0139 0x0528 mpsdrv - ok
17:38:11.0196 0x0528 [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc C:\Windows\system32\mpssvc.dll
17:38:11.0236 0x0528 MpsSvc - ok
17:38:11.0283 0x0528 [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:38:11.0324 0x0528 MRxDAV - ok
17:38:11.0426 0x0528 [ 767A4C3BCF9410C286CED15A2DB17108, D9EA9EF7D4048081B132B804E0AE5A60A58FA6B25B7F5B87D5D7E354B2D94C79 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:38:11.0438 0x0528 mrxsmb - ok
17:38:11.0450 0x0528 [ 920EE0FF995FCFDEB08C41605A959E1C, 977195011912166F7C7E209D90B973E3F507B5297504AF9B6797FA8D1051534C ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:38:11.0490 0x0528 mrxsmb10 - ok
17:38:11.0499 0x0528 [ 740D7EA9D72C981510A5292CF6ADC941, C55C2F73410C008F829D194EF072721A8D7945BCC48458982D2409761908E7AE ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:38:11.0508 0x0528 mrxsmb20 - ok
17:38:11.0549 0x0528 [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
17:38:11.0554 0x0528 msahci - ok
17:38:11.0584 0x0528 [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
17:38:11.0609 0x0528 msdsm - ok
17:38:11.0640 0x0528 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
17:38:11.0664 0x0528 MSDTC - ok
17:38:11.0670 0x0528 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:38:11.0677 0x0528 Msfs - ok
17:38:11.0682 0x0528 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
17:38:11.0857 0x0528 mshidkmdf - ok
17:38:11.0863 0x0528 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
17:38:11.0873 0x0528 msisadrv - ok
17:38:11.0907 0x0528 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:38:11.0971 0x0528 MSiSCSI - ok
17:38:11.0976 0x0528 msiserver - ok
17:38:12.0038 0x0528 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:38:12.0039 0x0528 MSKSSRV - ok
17:38:12.0068 0x0528 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:38:12.0075 0x0528 MSPCLOCK - ok
17:38:12.0080 0x0528 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:38:12.0086 0x0528 MSPQM - ok
17:38:12.0110 0x0528 [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:38:12.0135 0x0528 MsRPC - ok
17:38:12.0158 0x0528 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:38:12.0159 0x0528 mssmbios - ok
17:38:12.0164 0x0528 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:38:12.0169 0x0528 MSTEE - ok
17:38:12.0175 0x0528 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
17:38:12.0190 0x0528 MTConfig - ok
17:38:12.0197 0x0528 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
17:38:12.0207 0x0528 Mup - ok
17:38:12.0260 0x0528 [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent C:\Windows\system32\qagentRT.dll
17:38:12.0282 0x0528 napagent - ok
17:38:12.0583 0x0528 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:38:12.0752 0x0528 NativeWifiP - ok
17:38:12.0871 0x0528 [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS C:\Windows\system32\drivers\ndis.sys
17:38:12.0920 0x0528 NDIS - ok
17:38:12.0957 0x0528 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
17:38:12.0964 0x0528 NdisCap - ok
17:38:12.0993 0x0528 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:38:13.0002 0x0528 NdisTapi - ok
17:38:13.0018 0x0528 [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:38:13.0035 0x0528 Ndisuio - ok
17:38:13.0051 0x0528 [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:38:13.0080 0x0528 NdisWan - ok
17:38:13.0124 0x0528 [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:38:13.0130 0x0528 NDProxy - ok
17:38:13.0221 0x0528 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:38:13.0329 0x0528 NetBIOS - ok
17:38:13.0416 0x0528 [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
17:38:13.0422 0x0528 NetBT - ok
17:38:13.0450 0x0528 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] Netlogon C:\Windows\system32\lsass.exe
17:38:13.0452 0x0528 Netlogon - ok
17:38:13.0571 0x0528 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
17:38:13.0602 0x0528 Netman - ok
17:38:13.0734 0x0528 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
17:38:13.0759 0x0528 netprofm - ok
17:38:13.0807 0x0528 [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:38:13.0840 0x0528 NetTcpPortSharing - ok
17:38:14.0347 0x0528 [ 39EDE676D17F37AF4573C2B33EC28ACA, 6C897C8B72D7AC1385302E58509688790CC5F428E967485F92C3CD646907EF59 ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
17:38:14.0819 0x0528 NETw5s64 - ok
17:38:15.0149 0x0528 [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
17:38:15.0406 0x0528 netw5v64 - ok
17:38:15.0493 0x0528 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
17:38:15.0499 0x0528 nfrd960 - ok
17:38:15.0546 0x0528 [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc C:\Windows\System32\nlasvc.dll
17:38:15.0567 0x0528 NlaSvc - ok
17:38:15.0572 0x0528 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:38:15.0601 0x0528 Npfs - ok
17:38:15.0640 0x0528 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
17:38:15.0642 0x0528 nsi - ok
17:38:15.0693 0x0528 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:38:15.0694 0x0528 nsiproxy - ok
17:38:15.0786 0x0528 [ 356698A13C4630D5B31C37378D469196, BF5704AADE5C3DA370501747F12ED6E9C3349E342CCF89005AAE132B570BB42B ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:38:15.0834 0x0528 Ntfs - ok
17:38:15.0846 0x0528 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
17:38:15.0852 0x0528 Null - ok
17:38:15.0876 0x0528 [ 3E38712941E9BB4DDBEE00AFFE3FED3D, 03F27CC0EF0A86D0B2DAAB6F72838CB2AB57FE5D40074828D5B7F118CD5CBEE7 ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
17:38:15.0893 0x0528 nvraid - ok
17:38:15.0917 0x0528 [ 477DC4D6DEB99BE37084C9AC6D013DA1, E58C4D621CAAB1C68FB4A056576F48BC87913A5EBF0B511EFFB8F38C7D3E516E ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
17:38:15.0932 0x0528 nvstor - ok
17:38:16.0031 0x0528 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
17:38:16.0040 0x0528 nv_agp - ok
17:38:16.0046 0x0528 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
17:38:16.0054 0x0528 ohci1394 - ok
17:38:16.0093 0x0528 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
17:38:16.0125 0x0528 p2pimsvc - ok
17:38:16.0202 0x0528 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
17:38:16.0224 0x0528 p2psvc - ok
17:38:16.0277 0x0528 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
17:38:16.0293 0x0528 Parport - ok
17:38:16.0300 0x0528 [ 7DAA117143316C4A1537E074A5A9EAF0, D4F31F67BE09B6904C1B9702DC042BC0DAB628055B956C79FF760A9027679E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:38:16.0321 0x0528 partmgr - ok
17:38:16.0358 0x0528 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
17:38:16.0364 0x0528 PcaSvc - ok
17:38:16.0373 0x0528 [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci C:\Windows\system32\DRIVERS\pci.sys
17:38:16.0377 0x0528 pci - ok
17:38:16.0393 0x0528 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\DRIVERS\pciide.sys
17:38:16.0405 0x0528 pciide - ok
17:38:16.0438 0x0528 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
17:38:16.0478 0x0528 pcmcia - ok
17:38:16.0485 0x0528 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
17:38:16.0506 0x0528 pcw - ok
17:38:16.0526 0x0528 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:38:16.0582 0x0528 PEAUTH - ok
17:38:16.0693 0x0528 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
17:38:16.0756 0x0528 PeerDistSvc - ok
17:38:17.0189 0x0528 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
17:38:17.0274 0x0528 PerfHost - ok
17:38:17.0381 0x0528 [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla C:\Windows\system32\pla.dll
17:38:17.0449 0x0528 pla - ok
17:38:17.0494 0x0528 [ 23157D583244400E1D7FBAEE2E4B31B7, 4E8D93F746C727CE1A89B53FEFFCFB080AC3CC8F3CF2F8613E692E989794C52F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:38:17.0503 0x0528 PlugPlay - ok
17:38:17.0516 0x0528 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
17:38:17.0545 0x0528 PNRPAutoReg - ok
17:38:17.0557 0x0528 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
17:38:17.0566 0x0528 PNRPsvc - ok
17:38:17.0681 0x0528 [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:38:17.0713 0x0528 PolicyAgent - ok
17:38:17.0738 0x0528 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
17:38:17.0744 0x0528 Power - ok
17:38:17.0791 0x0528 [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:38:17.0824 0x0528 PptpMiniport - ok
17:38:17.0847 0x0528 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
17:38:17.0854 0x0528 Processor - ok
17:38:17.0905 0x0528 [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] ProfSvc C:\Windows\system32\profsvc.dll
17:38:17.0910 0x0528 ProfSvc - ok
17:38:18.0017 0x0528 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] ProtectedStorage C:\Windows\system32\lsass.exe
17:38:18.0019 0x0528 ProtectedStorage - ok
17:38:18.0053 0x0528 [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
17:38:18.0057 0x0528 Psched - ok
17:38:18.0149 0x0528 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
17:38:18.0318 0x0528 ql2300 - ok
17:38:18.0362 0x0528 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
17:38:18.0371 0x0528 ql40xx - ok
17:38:18.0430 0x0528 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
17:38:18.0463 0x0528 QWAVE - ok
17:38:18.0472 0x0528 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:38:18.0477 0x0528 QWAVEdrv - ok
17:38:18.0486 0x0528 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:38:18.0490 0x0528 RasAcd - ok
17:38:18.0522 0x0528 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
17:38:18.0528 0x0528 RasAgileVpn - ok
17:38:18.0550 0x0528 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
17:38:18.0565 0x0528 RasAuto - ok
17:38:18.0576 0x0528 [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:38:18.0587 0x0528 Rasl2tp - ok
17:38:18.0616 0x0528 [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan C:\Windows\System32\rasmans.dll
17:38:18.0648 0x0528 RasMan - ok
17:38:18.0666 0x0528 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:38:18.0674 0x0528 RasPppoe - ok
17:38:18.0681 0x0528 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:38:18.0690 0x0528 RasSstp - ok
17:38:18.0710 0x0528 [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:38:18.0727 0x0528 rdbss - ok
17:38:18.0732 0x0528 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
17:38:18.0751 0x0528 rdpbus - ok
17:38:18.0757 0x0528 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:38:18.0758 0x0528 RDPCDD - ok
17:38:18.0783 0x0528 [ 9706B84DBABFC4B4CA46C5A82B14DFA3, AFDC07C257BCB768861483A1842FFB647523946B16DA2812EFAE4FD3252BA303 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
17:38:18.0793 0x0528 RDPDR - ok
17:38:18.0806 0x0528 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:38:18.0806 0x0528 RDPENCDD - ok
17:38:18.0812 0x0528 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
17:38:18.0813 0x0528 RDPREFMP - ok
17:38:18.0852 0x0528 [ 074AC702D8B8B660B0E1371555995386, 4D038797AF891BB6FE4503178C3A9C918620FEA80AFB36083B836B2547271952 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:38:18.0874 0x0528 RDPWD - ok
17:38:18.0895 0x0528 [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
17:38:18.0912 0x0528 rdyboost - ok
17:38:18.0936 0x0528 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
17:38:18.0951 0x0528 RemoteAccess - ok
17:38:18.0984 0x0528 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:38:18.0996 0x0528 RemoteRegistry - ok
17:38:19.0035 0x0528 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
17:38:19.0039 0x0528 RpcEptMapper - ok
17:38:19.0085 0x0528 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
17:38:19.0104 0x0528 RpcLocator - ok
17:38:19.0199 0x0528 [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs C:\Windows\system32\rpcss.dll
17:38:19.0213 0x0528 RpcSs - ok
17:38:19.0289 0x0528 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:38:19.0317 0x0528 rspndr - ok
17:38:19.0370 0x0528 [ BAEFEE35D27A5440D35092CE10267BEC, FB550D38C01E07B1170C52C1441874B56DD3BECB10CBE8E132EE3276A05C796E ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
17:38:19.0415 0x0528 RTL8167 - ok
17:38:19.0456 0x0528 [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6, C890DCCC875F957CAAD4655EBFF384E3C5998040CA2BA360E92C96A647D1C399 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
17:38:19.0464 0x0528 s3cap - ok
17:38:19.0495 0x0528 [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] SamSs C:\Windows\system32\lsass.exe
17:38:19.0496 0x0528 SamSs - ok
17:38:19.0525 0x0528 [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
17:38:19.0546 0x0528 sbp2port - ok
17:38:19.0578 0x0528 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:38:19.0599 0x0528 SCardSvr - ok
17:38:19.0609 0x0528 [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
17:38:19.0615 0x0528 scfilter - ok
17:38:19.0694 0x0528 [ EC56B171F85C7E855E7B0588AC503EEA, EDBC0E52DF00D73356F4B886D6CA2397B571A9D2245FEDC347A6D52A5467EA5D ] Schedule C:\Windows\system32\schedsvc.dll
17:38:19.0752 0x0528 Schedule - ok
17:38:19.0784 0x0528 [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc C:\Windows\System32\certprop.dll
17:38:19.0786 0x0528 SCPolicySvc - ok
17:38:19.0885 0x0528 [ 2C8D162EFAF73ABD36D8BCBB6340CAE7, DC40B08D39941D4FD0C3D5BEF279F50B66FE2D5859A0C85EF0DB11F91289DA9E ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
17:38:19.0895 0x0528 sdbus - ok
17:38:19.0977 0x0528 [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:38:20.0032 0x0528 SDRSVC - ok
17:38:20.0073 0x0528 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:38:20.0077 0x0528 secdrv - ok
17:38:20.0126 0x0528 [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon C:\Windows\system32\seclogon.dll
17:38:20.0129 0x0528 seclogon - ok
17:38:20.0136 0x0528 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
17:38:20.0140 0x0528 SENS - ok
17:38:29.0032 0x0528 ================ Scan global ===============================
17:38:29.0141 0x0528 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
17:38:29.0184 0x0528 [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
17:38:29.0295 0x0528 [ 457B44AB6D502E55F64A867D4F35C76C, 95FEC45E28DF394E778DA37719F7D579920531AD568E1C290B7F42CB03BEAA2C ] C:\Windows\system32\winsrv.dll
17:38:29.0341 0x0528 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
17:38:29.0393 0x0528 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
17:38:29.0412 0x0528 [ Global ] - ok
17:38:29.0413 0x0528 ================ Scan MBR ==================================
17:38:29.0478 0x0528 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:38:30.0070 0x0528 \Device\Harddisk0\DR0 - ok
17:38:30.0070 0x0528 ================ Scan VBR ==================================
17:38:30.0125 0x0528 [ 5A021CF36B7C8FF7F6B0F0150B7457E1 ] \Device\Harddisk0\DR0\Partition1
17:38:30.0192 0x0528 \Device\Harddisk0\DR0\Partition1 - ok
17:38:30.0223 0x0528 [ 0F863E609F781DFB426ECAC11B0DD732 ] \Device\Harddisk0\DR0\Partition2
17:38:30.0259 0x0528 \Device\Harddisk0\DR0\Partition2 - ok
17:38:30.0260 0x0528 Waiting for KSN requests completion. In queue: 58
17:38:31.0261 0x0528 Waiting for KSN requests completion. In queue: 58
17:38:32.0261 0x0528 Waiting for KSN requests completion. In queue: 58
17:38:33.0266 0x0528 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.0.307 ), 0x41000 ( enabled : updated )
17:38:33.0270 0x0528 Win FW state via NFP2: enabled
17:38:35.0704 0x0528 ============================================================
17:38:35.0704 0x0528 Scan finished
17:38:35.0704 0x0528 ============================================================
17:38:35.0716 0x136c Detected object count: 0
17:38:35.0716 0x136c Actual detected object count: 0
17:42:03.0112 0x1380 Deinitialize success

15.10.2013, 09:15   #4
usernamejuli
 



Step 2

FRS
FRST logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Juli (administrator) on JULI-PC on 14-10-2013 17:51:22
Running from C:\Users\Juli\Downloads
Windows 7 Professional (X64) OS Language: German Standard
Internet Explorer Version 8
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Wsys Co., Ltd.) C:\ProgramData\eSafe\eGdpSvc.exe
(Whilokii) C:\Program Files (x86)\Whilokii\updateWhilokii.exe
() C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKLM-x32\...\Runonce: [Del9822119] - cmd.exe /Q /D /c del "C:\Users\Juli\AppData\Local\Temp\0.del" [x]
HKCU\...\Run: [Google Update] - C:\Users\Juli\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-13] (Google Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [681032 2013-09-30] (Avira Operations GmbH & Co. KG)
AppInit_DLLs-x32: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll  [2704352 2013-09-23] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8280B0C63EC8CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=CAAB00238B890D3D&affID=125035&tsp=5035
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679&type=default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679&type=default&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679&type=default&q={searchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=CAAB00238B890D3D&affID=125035&tsp=5035
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679&type=default&q={searchTerms}
BHO-x32: Whilokii - {204df522-9a96-4a72-abb0-60f7a216d6d2} - C:\Program Files (x86)\Whilokii\Whilokiibho.dll (Whilokii)
BHO-x32: searchgol Helper Object - {8F547BDD-FCD4-48F8-A06F-573D6F404A3C} - C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\bh\searchgol.dll (Montera Technologeis LTD)
BHO-x32: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals)
Toolbar: HKLM-x32 - searchgol Toolbar - {00078E95-3A4A-4137-8DE7-2824908D1C17} - C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\searchgolTlbr.dll (Montera Technologeis LTD)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR HomePage: hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679
CHR RestoreOnStartup: "hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679"
CHR Extension: (Search-Gol Toolbar) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aipfmkinhleccnodemkoofnnofpbbpac\1.0_0
CHR Extension: (Google Docs) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Whilokii) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaimhpklononapfjngelgdokckfjekfc\1.0.0_0
CHR Extension: (BonanzaDeals) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj\3.5.0.0_0
CHR Extension: (Lightning Newtab) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\1.1.6.6_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [aipfmkinhleccnodemkoofnnofpbbpac] - C:\Users\Juli\AppData\Roaming\BabSolution\CR\searchgol.crx
CHR HKLM-x32\...\Chrome\Extension: [iaimhpklononapfjngelgdokckfjekfc] - C:\Program Files (x86)\Whilokii\iaimhpklononapfjngelgdokckfjekfc.crx
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440392 2013-09-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440392 2013-09-30] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-09-30] (Avira Operations GmbH & Co. KG)
R2 BitGuard; C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [2845664 2013-09-23] ()
S2 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-14] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-14] (BonanzaDeals)
R2 Update Whilokii; C:\Program Files (x86)\Whilokii\updateWhilokii.exe [65304 2013-10-05] (Whilokii)
R2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [1706064 2013-10-14] (Wsys Co., Ltd.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105856 2013-09-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-09-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-09-30] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [83160 2013-09-30] (Avira Operations GmbH & Co. KG)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-14 17:51 - 2013-10-14 17:51 - 00000000 ____D C:\FRST
2013-10-14 17:49 - 2013-10-14 17:49 - 01954124 _____ (Farbar) C:\Users\Juli\Downloads\FRST64.exe
2013-10-14 17:49 - 2013-10-14 17:49 - 00000000 ____D C:\Users\Juli\Documents\My Received Files
2013-10-14 17:49 - 2013-10-14 17:49 - 00000000 ____D C:\Users\Juli\AppData\Roaming\MusicNet
2013-10-14 17:47 - 2013-10-14 17:47 - 01332104 _____ (iMesh Inc) C:\Users\Juli\Downloads\iMeshSetup-r1487-w-bc.exe
2013-10-14 17:35 - 2013-10-14 17:36 - 04101172 _____ C:\Users\Juli\Downloads\tdsskiller.zip
2013-10-14 17:33 - 2013-10-14 17:43 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-10-14 17:33 - 2013-10-14 17:34 - 02240864 _____ (Kaspersky Lab ZAO) C:\Users\Juli\Downloads\tdsskiller.exe
2013-10-14 17:31 - 2013-10-14 17:42 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Systweak
2013-10-14 17:31 - 2013-10-14 17:36 - 00000922 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-10-14 17:31 - 2013-10-14 17:36 - 00000918 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-10-14 17:31 - 2013-10-14 17:31 - 00003918 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
2013-10-14 17:31 - 2013-10-14 17:31 - 00003666 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
2013-10-14 17:31 - 2013-10-14 17:31 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-10-14 17:31 - 2013-10-14 17:31 - 00003384 _____ C:\Windows\System32\Tasks\BonanzaDealsUpdate
2013-10-14 17:31 - 2013-10-14 17:31 - 00003382 _____ C:\Windows\System32\Tasks\EPUpdater
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\searchgol
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\BabSolution
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Local\BonanzaDealsLive
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\ProgramData\eSafe
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\Whilokii
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\searchgol
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-14 17:31 - 2013-07-22 16:07 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2013-10-14 17:30 - 2013-10-14 17:30 - 00003224 _____ C:\Windows\System32\Tasks\DigitalSite
2013-10-14 17:30 - 2013-10-14 17:30 - 00000288 _____ C:\Windows\Tasks\DigitalSite.job
2013-10-14 17:30 - 2013-10-14 17:30 - 00000000 ____D C:\Users\Juli\AppData\Roaming\DigitalSite
2013-10-14 17:30 - 2013-10-14 17:30 - 00000000 ____D C:\ProgramData\Babylon
2013-10-14 17:29 - 2013-10-14 17:29 - 00753504 _____ C:\Users\Juli\Downloads\ZipExtractorSetup.exe
2013-10-14 17:25 - 2013-10-14 17:47 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Skype
2013-10-14 17:25 - 2013-10-14 17:25 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-10-14 17:25 - 2013-10-14 17:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-14 17:25 - 2013-10-14 17:25 - 00000000 ____D C:\ProgramData\Skype
2013-10-14 17:23 - 2013-10-14 17:25 - 32542880 _____ (Skype Technologies S.A.) C:\Users\Juli\Downloads\Skype69SetupFull.exe
2013-10-14 14:46 - 2013-10-14 14:46 - 00097328 _____ C:\Windows\PFRO.log
2013-10-13 20:50 - 2013-10-13 20:51 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-10-13 20:37 - 2013-10-13 20:37 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Avira
2013-10-13 20:35 - 2013-10-13 20:41 - 163606685 _____ C:\Users\Juli\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2013-10-13 20:31 - 2013-10-13 20:31 - 00000000 ____D C:\ProgramData\Avira
2013-10-13 20:31 - 2013-10-13 20:31 - 00000000 ____D C:\Program Files (x86)\Avira
2013-10-13 20:31 - 2013-09-30 11:01 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-10-13 20:31 - 2013-09-30 11:01 - 00105856 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-10-13 20:31 - 2013-09-30 11:01 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-10-13 20:31 - 2013-09-30 11:01 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-10-13 20:26 - 2013-10-13 20:30 - 122946048 _____ C:\Users\Juli\Downloads\avira14_free_antivirus_de.exe
2013-10-13 20:25 - 2013-10-13 20:25 - 00000000 ____D C:\Users\Juli\Desktop\Photo
2013-10-13 20:25 - 2013-10-13 20:25 - 00000000 ____D C:\Users\Juli\Desktop\Games
2013-10-13 20:25 - 2013-10-13 20:25 - 00000000 ____D C:\Users\Juli\Desktop\College
2013-10-13 20:18 - 2013-10-14 15:08 - 00063568 _____ C:\Users\Juli\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-13 20:10 - 2012-02-15 08:27 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2013-10-13 20:10 - 2012-02-15 07:44 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2013-10-13 20:10 - 2012-02-15 06:47 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2013-10-13 20:10 - 2012-02-15 06:46 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2013-10-13 20:08 - 2013-10-13 20:08 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-10-13 20:07 - 2013-10-14 15:17 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001UA.job
2013-10-13 20:07 - 2013-10-13 20:17 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001Core.job
2013-10-13 20:07 - 2013-10-13 20:12 - 00004084 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001UA
2013-10-13 20:07 - 2013-10-13 20:12 - 00003688 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001Core
2013-10-13 20:07 - 2013-10-13 20:08 - 00000000 ____D C:\Users\Juli\AppData\Local\Google
2013-10-13 20:03 - 2013-10-14 17:43 - 00000000 ___RD C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-13 20:03 - 2013-10-14 17:31 - 00001741 _____ C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-13 20:03 - 2013-10-14 17:31 - 00001719 _____ C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-10-13 20:03 - 2013-10-13 20:03 - 00000000 ___RD C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-13 20:02 - 2013-10-13 20:03 - 00000000 ____D C:\Users\Juli
2013-10-13 20:02 - 2013-10-13 20:02 - 00003532 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-10-13 20:02 - 2013-10-13 20:02 - 00000020 ___SH C:\Users\Juli\ntuser.ini
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Vorlagen
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Startmenü
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Netzwerkumgebung
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Lokale Einstellungen
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Eigene Dateien
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Druckumgebung
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Documents\Eigene Musik
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Documents\Eigene Bilder
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\AppData\Local\Verlauf
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\AppData\Local\Anwendungsdaten
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Anwendungsdaten
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 ____D C:\Users\Juli\AppData\Local\VirtualStore
2013-10-13 20:02 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-13 20:02 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-13 20:01 - 2013-10-13 20:01 - 00206312 __RSH C:\MYMXU
2013-10-13 20:01 - 2013-10-13 20:01 - 00000009 __RSH C:\Windows\installed
2013-10-13 20:01 - 2013-10-13 20:01 - 00000009 __RSH C:\wedaolu
2013-10-13 20:01 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-10-13 20:01 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-10-13 20:01 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-10-13 20:01 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-10-13 20:01 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-10-13 20:01 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-10-13 20:01 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-10-13 20:01 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-10-13 20:01 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-10-13 20:00 - 2013-10-13 20:00 - 00000019 ____H C:\Windows\Slic.log
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Programme
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Favoriten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 __SHD C:\Recovery
2013-10-13 18:35 - 2013-10-13 20:01 - 00000000 ____D C:\Windows\Panther
2013-10-13 18:35 - 2013-10-13 18:35 - 00008192 __RSH C:\BOOTSECT.BAK
2013-10-13 18:35 - 2009-07-14 03:38 - 00383562 __RSH C:\bootmgr
2013-10-13 17:39 - 2013-10-14 17:34 - 01502611 _____ C:\Windows\WindowsUpdate.log
2013-10-13 17:39 - 2013-10-13 17:39 - 00001313 _____ C:\Windows\TSSysprep.log
2013-10-13 17:38 - 2013-10-13 17:38 - 00000000 _____ C:\Windows\ativpsrm.bin
2013-10-09 15:01 - 2013-10-14 17:37 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Juli\Desktop\TDSSKiller.exe

==================== One Month Modified Files and Folders =======

2013-10-14 17:51 - 2013-10-14 17:51 - 00000000 ____D C:\FRST
2013-10-14 17:49 - 2013-10-14 17:49 - 01954124 _____ (Farbar) C:\Users\Juli\Downloads\FRST64.exe
2013-10-14 17:49 - 2013-10-14 17:49 - 00000000 ____D C:\Users\Juli\Documents\My Received Files
2013-10-14 17:49 - 2013-10-14 17:49 - 00000000 ____D C:\Users\Juli\AppData\Roaming\MusicNet
2013-10-14 17:47 - 2013-10-14 17:47 - 01332104 _____ (iMesh Inc) C:\Users\Juli\Downloads\iMeshSetup-r1487-w-bc.exe
2013-10-14 17:47 - 2013-10-14 17:25 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Skype
2013-10-14 17:43 - 2013-10-14 17:33 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-10-14 17:43 - 2013-10-13 20:03 - 00000000 ___RD C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-14 17:42 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Systweak
2013-10-14 17:37 - 2013-10-09 15:01 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Juli\Desktop\TDSSKiller.exe
2013-10-14 17:36 - 2013-10-14 17:35 - 04101172 _____ C:\Users\Juli\Downloads\tdsskiller.zip
2013-10-14 17:36 - 2013-10-14 17:31 - 00000922 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-10-14 17:36 - 2013-10-14 17:31 - 00000918 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-10-14 17:34 - 2013-10-14 17:33 - 02240864 _____ (Kaspersky Lab ZAO) C:\Users\Juli\Downloads\tdsskiller.exe
2013-10-14 17:34 - 2013-10-13 17:39 - 01502611 _____ C:\Windows\WindowsUpdate.log
2013-10-14 17:31 - 2013-10-14 17:31 - 00003918 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
2013-10-14 17:31 - 2013-10-14 17:31 - 00003666 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
2013-10-14 17:31 - 2013-10-14 17:31 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-10-14 17:31 - 2013-10-14 17:31 - 00003384 _____ C:\Windows\System32\Tasks\BonanzaDealsUpdate
2013-10-14 17:31 - 2013-10-14 17:31 - 00003382 _____ C:\Windows\System32\Tasks\EPUpdater
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\searchgol
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\BabSolution
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Local\BonanzaDealsLive
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\ProgramData\eSafe
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\Whilokii
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\searchgol
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-14 17:31 - 2013-10-13 20:03 - 00001741 _____ C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-14 17:31 - 2013-10-13 20:03 - 00001719 _____ C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-10-14 17:30 - 2013-10-14 17:30 - 00003224 _____ C:\Windows\System32\Tasks\DigitalSite
2013-10-14 17:30 - 2013-10-14 17:30 - 00000288 _____ C:\Windows\Tasks\DigitalSite.job
2013-10-14 17:30 - 2013-10-14 17:30 - 00000000 ____D C:\Users\Juli\AppData\Roaming\DigitalSite
2013-10-14 17:30 - 2013-10-14 17:30 - 00000000 ____D C:\ProgramData\Babylon
2013-10-14 17:29 - 2013-10-14 17:29 - 00753504 _____ C:\Users\Juli\Downloads\ZipExtractorSetup.exe
2013-10-14 17:28 - 2009-07-14 06:51 - 00016173 _____ C:\Windows\setupact.log
2013-10-14 17:25 - 2013-10-14 17:25 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-10-14 17:25 - 2013-10-14 17:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-14 17:25 - 2013-10-14 17:25 - 00000000 ____D C:\ProgramData\Skype
2013-10-14 17:25 - 2013-10-14 17:23 - 32542880 _____ (Skype Technologies S.A.) C:\Users\Juli\Downloads\Skype69SetupFull.exe
2013-10-14 15:17 - 2013-10-13 20:07 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001UA.job
2013-10-14 15:08 - 2013-10-13 20:18 - 00063568 _____ C:\Users\Juli\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-14 14:55 - 2009-07-14 06:45 - 00020512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-14 14:55 - 2009-07-14 06:45 - 00020512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-14 14:53 - 2009-07-14 19:58 - 00643866 _____ C:\Windows\system32\perfh007.dat
2013-10-14 14:53 - 2009-07-14 19:58 - 00126394 _____ C:\Windows\system32\perfc007.dat
2013-10-14 14:53 - 2009-07-14 07:13 - 01472002 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-14 14:47 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-14 14:47 - 2009-07-14 06:45 - 00293320 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-14 14:46 - 2013-10-14 14:46 - 00097328 _____ C:\Windows\PFRO.log
2013-10-13 20:51 - 2013-10-13 20:50 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-10-13 20:44 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-10-13 20:41 - 2013-10-13 20:35 - 163606685 _____ C:\Users\Juli\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2013-10-13 20:37 - 2013-10-13 20:37 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Avira
2013-10-13 20:31 - 2013-10-13 20:31 - 00000000 ____D C:\ProgramData\Avira
2013-10-13 20:31 - 2013-10-13 20:31 - 00000000 ____D C:\Program Files (x86)\Avira
2013-10-13 20:30 - 2013-10-13 20:26 - 122946048 _____ C:\Users\Juli\Downloads\avira14_free_antivirus_de.exe
2013-10-13 20:25 - 2013-10-13 20:25 - 00000000 ____D C:\Users\Juli\Desktop\Photo
2013-10-13 20:25 - 2013-10-13 20:25 - 00000000 ____D C:\Users\Juli\Desktop\Games
2013-10-13 20:25 - 2013-10-13 20:25 - 00000000 ____D C:\Users\Juli\Desktop\College
2013-10-13 20:17 - 2013-10-13 20:07 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001Core.job
2013-10-13 20:12 - 2013-10-13 20:07 - 00004084 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001UA
2013-10-13 20:12 - 2013-10-13 20:07 - 00003688 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001Core
2013-10-13 20:08 - 2013-10-13 20:08 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-10-13 20:08 - 2013-10-13 20:07 - 00000000 ____D C:\Users\Juli\AppData\Local\Google
2013-10-13 20:03 - 2013-10-13 20:03 - 00000000 ___RD C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-13 20:03 - 2013-10-13 20:02 - 00000000 ____D C:\Users\Juli
2013-10-13 20:02 - 2013-10-13 20:02 - 00003532 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-10-13 20:02 - 2013-10-13 20:02 - 00000020 ___SH C:\Users\Juli\ntuser.ini
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Vorlagen
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Startmenü
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Netzwerkumgebung
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Lokale Einstellungen
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Eigene Dateien
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Druckumgebung
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Documents\Eigene Musik
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Documents\Eigene Bilder
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\AppData\Local\Verlauf
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\AppData\Local\Anwendungsdaten
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Anwendungsdaten
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 ____D C:\Users\Juli\AppData\Local\VirtualStore
2013-10-13 20:01 - 2013-10-13 20:01 - 00206312 __RSH C:\MYMXU
2013-10-13 20:01 - 2013-10-13 20:01 - 00000009 __RSH C:\Windows\installed
2013-10-13 20:01 - 2013-10-13 20:01 - 00000009 __RSH C:\wedaolu
2013-10-13 20:01 - 2013-10-13 18:35 - 00000000 ____D C:\Windows\Panther
2013-10-13 20:01 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore
2013-10-13 20:01 - 2009-07-14 06:45 - 00000000 ____D C:\Windows\Setup
2013-10-13 20:00 - 2013-10-13 20:00 - 00000019 ____H C:\Windows\Slic.log
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Programme
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Favoriten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 __SHD C:\Recovery
2013-10-13 20:00 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-10-13 20:00 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-10-13 20:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Recovery
2013-10-13 20:00 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Windows NT
2013-10-13 19:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-10-13 18:35 - 2013-10-13 18:35 - 00008192 __RSH C:\BOOTSECT.BAK
2013-10-13 18:35 - 2009-07-14 07:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2013-10-13 18:35 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2013-10-13 17:39 - 2013-10-13 17:39 - 00001313 _____ C:\Windows\TSSysprep.log
2013-10-13 17:39 - 2009-07-14 06:46 - 00001774 _____ C:\Windows\DtcInstall.log
2013-10-13 17:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-10-13 17:38 - 2013-10-13 17:38 - 00000000 _____ C:\Windows\ativpsrm.bin
2013-10-13 17:36 - 2009-07-14 20:18 - 00000000 ____D C:\Windows\CSC
2013-09-30 11:01 - 2013-10-13 20:31 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-30 11:01 - 2013-10-13 20:31 - 00105856 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-30 11:01 - 2013-10-13 20:31 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-30 11:01 - 2013-10-13 20:31 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

Some content of TEMP:
====================
C:\Users\Juli\AppData\Local\Temp\avgnt.exe
C:\Users\Juli\AppData\Local\Temp\BackupSetup.exe
C:\Users\Juli\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-13 17:36

==================== End Of Log ============================
         

Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Juli at 2013-10-14 17:52:04
Running from C:\Users\Juli\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Avira Free Antivirus (x32 Version: 14.0.0.383)
BitGuard (x32)
Bonanza Deals (remove only) (x32 Version: 5.0.1.0)
Google Chrome (HKCU Version: 30.0.1599.69)
Google Update Helper (x32 Version: 1.3.23.0)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
OpenOffice 4.0.1 (x32 Version: 4.01.9714)
Search-Gol Chrome Toolbar (x32)
searchgol toolbar (x32 Version: 1.8.16.19)
Skype™ 6.9 (x32 Version: 6.9.106)
Update for Zip Extractor (HKCU)
Whilokii 1.0.0 (Version: 1.0.0)
Wsys Control 10.2.1.2652 (x32 Version: 10.2.1.2652)

==================== Restore Points =========================

13-10-2013 18:01:00 Windows Update
13-10-2013 18:11:09 Windows Update
13-10-2013 18:44:29 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
13-10-2013 18:45:30 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
13-10-2013 18:50:31 OpenOffice 4.0.1 wird installiert

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1FD998E1-DE97-4B6B-86A7-903DA75A8FA4} - System32\Tasks\EPUpdater => C:\Users\Juli\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-09-01] ()
Task: {21CF6B4C-75BD-4E4F-B662-08F0617666F1} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-14] (BonanzaDeals)
Task: {31C87A3F-D9DD-4731-8B24-7F76073F7CA6} - System32\Tasks\BonanzaDealsUpdate => C:\Program
Task: {3C35ADCB-C581-42CF-98A7-BCB3019B11DE} - System32\Tasks\DigitalSite => C:\Users\Juli\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe [2013-04-12] ()
Task: {735A626E-462A-41E3-94F6-750158F6F79D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001Core => C:\Users\Juli\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-13] (Google Inc.)
Task: {81FFDFFF-AB5D-4203-BCCE-93472A040B5B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001UA => C:\Users\Juli\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-13] (Google Inc.)
Task: {CFDAC951-7928-4074-9C94-E3C9DC25429D} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-14] (BonanzaDeals)
Task: {E19D36C1-6633-4518-8F23-C4CD59FEED33} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-06-24] (Microsoft Corporation)
Task: {FE23D955-510E-40D9-B296-8CDC4EE66E96} - System32\Tasks\BitGuard => Sc.exe start BitGuard
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\Juli\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001Core.job => C:\Users\Juli\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001UA.job => C:\Users\Juli\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-13 20:31 - 2013-09-30 11:01 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-10-14 17:31 - 2013-09-23 13:55 - 02704352 _____ () C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll
2013-10-13 20:08 - 2013-10-03 08:02 - 00698832 _____ () C:\Users\Juli\AppData\Local\Google\Chrome\Application\30.0.1599.69\libglesv2.dll
2013-10-13 20:08 - 2013-10-03 08:02 - 00099792 _____ () C:\Users\Juli\AppData\Local\Google\Chrome\Application\30.0.1599.69\libegl.dll
2013-10-13 20:08 - 2013-10-03 08:03 - 04055504 _____ () C:\Users\Juli\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll
2013-10-13 20:08 - 2013-10-03 08:03 - 00415184 _____ () C:\Users\Juli\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll
2013-10-13 20:08 - 2013-10-03 08:02 - 01604560 _____ () C:\Users\Juli\AppData\Local\Google\Chrome\Application\30.0.1599.69\ffmpegsumo.dll
2013-10-13 20:08 - 2013-10-03 08:03 - 13611984 _____ () C:\Users\Juli\AppData\Local\Google\Chrome\Application\30.0.1599.69\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/13/2013 07:58:44 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler bei der Installation des Kaufnachweises. 0xC004F050
Teil-Pkey=VF3FW
ACID=?
Genauer Fehler[?]


System errors:
=============
Error: (10/14/2013 05:23:01 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (10/14/2013 02:47:12 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (10/14/2013 02:47:12 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (10/13/2013 08:13:45 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (10/13/2013 08:13:45 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (10/13/2013 08:11:53 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (10/13/2013 08:11:53 PM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (10/13/2013 08:02:30 PM) (Source: NetBT) (User: )
Description: Der Treiber konnte nicht erstellt werden.

Error: (10/13/2013 08:02:30 PM) (Source: NetBT) (User: )
Description: Der Treiber konnte nicht erstellt werden.


Microsoft Office Sessions:
=========================
Error: (10/13/2013 07:58:44 PM) (Source: Software Protection Platform Service)(User: )
Description: 0xC004F050VF3FW??

15.10.2013, 09:39   #5
aharonov
/// TB-Ausbilder

Hello,

The Addition.txt is incomplete. Could you please post it again in full?

Quote:
After a few seconds the message popped up again.
Could you please look up the messages that appeared after the formatting and post them? See here: http://www.trojaner-board.de/125889-...en-posten.html

__________________
cheers,
Leo

15.10.2013, 09:54   #6
usernamejuli

Sorry that the Addition file was incomplete, but unfortunately that is how it was saved in the editor. New attempt.
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Juli (administrator) on JULI-PC on 15-10-2013 10:47:43
Running from C:\Users\Juli\Downloads
Windows 7 Professional (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(Wsys Co., Ltd.) C:\ProgramData\eSafe\eGdpSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Whilokii) C:\Program Files (x86)\Whilokii\updateWhilokii.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\LogonUI.exe
() C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Update\GoogleUpdate.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
() C:\Users\Juli\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE
(Microsoft Corporation) C:\Windows\system32\msiexec.exe
(Avira Operations GmbH & Co. KG) C:\program files (x86)\avira\antivir desktop\avcenter.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ==================

HKCU\...\Run: [Google Update] - C:\Users\Juli\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-13] (Google Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [681032 2013-09-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
AppInit_DLLs-x32: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll  [2704352 2013-09-23] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://de.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8280B0C63EC8CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = hxxp://www.searchgol.com/?babsrc=HP_ss&mntrId=CAAB00238B890D3D&affID=125035&tsp=5035
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=hp&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe hxxp://www.qvo6.com/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=sc&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679&type=default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679&type=default&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679&type=default&q={searchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=CAAB00238B890D3D&affID=125035&tsp=5035
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679&type=default&q={searchTerms}
BHO-x32: Whilokii - {204df522-9a96-4a72-abb0-60f7a216d6d2} - C:\Program Files (x86)\Whilokii\Whilokiibho.dll (Whilokii)
BHO-x32: searchgol Helper Object - {8F547BDD-FCD4-48F8-A06F-573D6F404A3C} - C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\bh\searchgol.dll (Montera Technologeis LTD)
BHO-x32: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals)
Toolbar: HKLM-x32 - searchgol Toolbar - {00078E95-3A4A-4137-8DE7-2824908D1C17} - C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\searchgolTlbr.dll (Montera Technologeis LTD)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR Extension: (Search-Gol Toolbar) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aipfmkinhleccnodemkoofnnofpbbpac\1.0_0
CHR Extension: (Google Docs) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Whilokii) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaimhpklononapfjngelgdokckfjekfc\1.0.0_0
CHR Extension: (BonanzaDeals) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj\3.5.0.0_0
CHR Extension: (Lightning Newtab) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\1.1.6.6_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [aipfmkinhleccnodemkoofnnofpbbpac] - C:\Users\Juli\AppData\Roaming\BabSolution\CR\searchgol.crx
CHR HKLM-x32\...\Chrome\Extension: [iaimhpklononapfjngelgdokckfjekfc] - C:\Program Files (x86)\Whilokii\iaimhpklononapfjngelgdokckfjekfc.crx
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440392 2013-09-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440392 2013-09-30] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-09-30] (Avira Operations GmbH & Co. KG)
R2 BitGuard; C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [2845664 2013-09-23] ()
S2 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-14] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-14] (BonanzaDeals)
R2 Update Whilokii; C:\Program Files (x86)\Whilokii\updateWhilokii.exe [65304 2013-10-05] (Whilokii)
R2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [1706064 2013-10-14] (Wsys Co., Ltd.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105856 2013-09-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-09-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-09-30] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [83160 2013-09-30] (Avira Operations GmbH & Co. KG)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-15 10:42 - 2013-10-15 10:42 - 00011152 _____ C:\Users\Juli\Desktop\Ereignisse.txt
2013-10-15 10:38 - 2013-10-15 10:38 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-10-15 10:38 - 2013-10-15 10:38 - 00000000 ____D C:\ProgramData\Adobe
2013-10-15 10:38 - 2013-10-15 10:38 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-15 10:35 - 2013-10-15 10:41 - 00000000 ____D C:\Users\Juli\AppData\Local\Adobe
2013-10-15 01:40 - 2010-09-14 08:45 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2013-10-15 01:40 - 2010-09-14 08:07 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2013-10-15 01:20 - 2012-07-26 06:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-15 01:20 - 2012-07-26 06:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-10-15 01:20 - 2012-07-26 04:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-10-15 01:20 - 2012-06-02 16:35 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-10-15 01:10 - 2009-11-25 12:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2013-10-15 01:10 - 2009-11-25 12:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2013-10-15 01:10 - 2009-11-25 12:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2013-10-15 01:10 - 2009-11-25 12:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2013-10-15 01:10 - 2009-11-25 12:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2013-10-15 01:10 - 2009-11-25 12:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2013-10-15 01:10 - 2009-11-25 12:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2013-10-15 01:10 - 2009-11-25 12:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2013-10-15 01:10 - 2009-11-25 12:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2013-10-15 01:10 - 2009-11-25 12:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 17833984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 12336128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-10-15 01:08 - 2013-10-15 01:08 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-10-15 01:08 - 2013-10-15 01:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-15 01:08 - 2013-10-15 01:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-15 01:08 - 2013-10-15 01:08 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-10-15 01:08 - 2013-10-15 01:08 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-10-15 01:08 - 2013-10-15 01:08 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-10-15 01:08 - 2013-10-15 01:08 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-10-15 01:08 - 2013-10-15 01:08 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-10-15 01:08 - 2013-10-15 01:08 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-10-15 01:08 - 2013-10-15 01:08 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-10-15 01:04 - 2013-10-15 01:10 - 00004905 _____ C:\Windows\IE9_main.log
2013-10-15 00:57 - 2012-12-16 18:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-15 00:57 - 2012-12-16 16:40 - 00367616 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-15 00:57 - 2012-12-16 16:25 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-15 00:57 - 2012-12-16 16:25 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-15 00:56 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2013-10-15 00:56 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2013-10-15 00:56 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2013-10-15 00:56 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2013-10-15 00:56 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2013-10-15 00:56 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2013-10-15 00:56 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2013-10-15 00:56 - 2012-06-02 16:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-10-15 00:52 - 2012-03-01 08:54 - 00022896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2013-10-15 00:52 - 2012-03-01 08:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-10-15 00:52 - 2012-03-01 08:35 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2013-10-15 00:52 - 2012-03-01 07:45 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-10-15 00:52 - 2012-03-01 07:40 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2013-10-14 18:54 - 2013-10-14 18:54 - 00000000 ____D C:\Users\Juli\AppData\Local\avgchrome
2013-10-14 18:30 - 2013-10-14 18:30 - 00000088 _____ C:\Users\Juli\AppData\Roaming\WB.CFG
2013-10-14 18:30 - 2013-10-14 18:30 - 00000006 _____ C:\Users\Juli\AppData\Roaming\WBPU-TTL.DAT
2013-10-14 17:52 - 2013-10-14 17:52 - 00009358 _____ C:\Users\Juli\Downloads\Addition.txt
2013-10-14 17:51 - 2013-10-14 17:51 - 00000000 ____D C:\FRST
2013-10-14 17:49 - 2013-10-14 17:49 - 01954124 _____ (Farbar) C:\Users\Juli\Downloads\FRST64.exe
2013-10-14 17:49 - 2013-10-14 17:49 - 00000000 ____D C:\Users\Juli\Documents\My Received Files
2013-10-14 17:49 - 2013-10-14 17:49 - 00000000 ____D C:\Users\Juli\AppData\Roaming\MusicNet
2013-10-14 17:47 - 2013-10-14 17:47 - 01332104 _____ (iMesh Inc) C:\Users\Juli\Downloads\iMeshSetup-r1487-w-bc.exe
2013-10-14 17:35 - 2013-10-14 17:36 - 04101172 _____ C:\Users\Juli\Downloads\tdsskiller.zip
2013-10-14 17:33 - 2013-10-14 17:43 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-10-14 17:33 - 2013-10-14 17:34 - 02240864 _____ (Kaspersky Lab ZAO) C:\Users\Juli\Downloads\tdsskiller.exe
2013-10-14 17:31 - 2013-10-15 10:36 - 00000922 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-10-14 17:31 - 2013-10-15 10:00 - 00000918 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-10-14 17:31 - 2013-10-15 10:00 - 00000000 ____D C:\ProgramData\eSafe
2013-10-14 17:31 - 2013-10-15 09:58 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-10-14 17:31 - 2013-10-14 17:42 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Systweak
2013-10-14 17:31 - 2013-10-14 17:31 - 00003918 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
2013-10-14 17:31 - 2013-10-14 17:31 - 00003666 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
2013-10-14 17:31 - 2013-10-14 17:31 - 00003384 _____ C:\Windows\System32\Tasks\BonanzaDealsUpdate
2013-10-14 17:31 - 2013-10-14 17:31 - 00003382 _____ C:\Windows\System32\Tasks\EPUpdater
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\searchgol
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\BabSolution
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Local\BonanzaDealsLive
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\Whilokii
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\searchgol
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-14 17:31 - 2013-07-22 16:07 - 00020312 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2013-10-14 17:30 - 2013-10-15 10:30 - 00000288 _____ C:\Windows\Tasks\DigitalSite.job
2013-10-14 17:30 - 2013-10-14 17:30 - 00003224 _____ C:\Windows\System32\Tasks\DigitalSite
2013-10-14 17:30 - 2013-10-14 17:30 - 00000000 ____D C:\Users\Juli\AppData\Roaming\DigitalSite
2013-10-14 17:30 - 2013-10-14 17:30 - 00000000 ____D C:\ProgramData\Babylon
2013-10-14 17:29 - 2013-10-14 17:29 - 00753504 _____ C:\Users\Juli\Downloads\ZipExtractorSetup.exe
2013-10-14 17:25 - 2013-10-15 10:35 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Skype
2013-10-14 17:25 - 2013-10-14 17:25 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-10-14 17:25 - 2013-10-14 17:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-14 17:25 - 2013-10-14 17:25 - 00000000 ____D C:\ProgramData\Skype
2013-10-14 17:23 - 2013-10-14 17:25 - 32542880 _____ (Skype Technologies S.A.) C:\Users\Juli\Downloads\Skype69SetupFull.exe
2013-10-14 15:38 - 2012-09-06 19:38 - 00295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-10-14 15:38 - 2012-05-02 07:32 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2013-10-14 15:38 - 2010-12-21 08:16 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2013-10-14 15:38 - 2010-12-21 08:16 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-14 15:38 - 2010-12-21 08:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2013-10-14 15:38 - 2010-12-21 08:16 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2013-10-14 15:38 - 2010-12-21 08:15 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
2013-10-14 15:38 - 2010-12-21 08:15 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2013-10-14 15:38 - 2010-12-21 08:10 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-14 15:38 - 2010-12-21 07:38 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2013-10-14 15:38 - 2010-12-21 07:38 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-14 15:38 - 2010-12-21 07:38 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2013-10-14 15:38 - 2010-12-21 07:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2013-10-14 15:38 - 2010-12-21 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2013-10-14 15:38 - 2010-12-21 07:34 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-14 15:37 - 2013-02-12 17:42 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-10-14 15:37 - 2013-02-12 17:37 - 03138048 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-10-14 15:37 - 2013-02-12 17:31 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-10-14 15:37 - 2013-02-12 17:13 - 02691072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-10-14 15:37 - 2013-02-12 17:07 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-10-14 15:37 - 2013-02-12 15:59 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-10-14 15:37 - 2012-11-09 07:34 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-10-14 15:37 - 2012-11-09 06:49 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-10-14 15:37 - 2012-03-03 08:29 - 01837568 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-10-14 15:37 - 2012-03-03 08:29 - 01541120 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-10-14 15:37 - 2012-03-03 08:29 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-10-14 15:37 - 2012-03-03 08:29 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-10-14 15:37 - 2012-03-03 08:29 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-10-14 15:37 - 2012-03-03 07:40 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-10-14 15:37 - 2012-03-03 07:40 - 01074176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-10-14 15:37 - 2012-03-03 07:40 - 00739840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-10-14 15:37 - 2012-03-03 07:40 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-10-14 15:37 - 2012-03-03 07:40 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-10-14 15:37 - 2011-06-16 07:31 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2013-10-14 15:37 - 2011-06-16 06:35 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2013-10-14 15:37 - 2011-06-15 11:58 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2013-10-14 15:37 - 2011-06-15 11:58 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2013-10-14 15:37 - 2011-06-15 11:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2013-10-14 15:37 - 2011-06-15 11:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2013-10-14 15:37 - 2011-06-15 11:04 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2013-10-14 15:37 - 2011-06-15 11:04 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2013-10-14 15:37 - 2011-06-15 11:04 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2013-10-14 15:37 - 2011-06-15 11:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2013-10-14 15:37 - 2011-06-15 11:04 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2013-10-14 15:37 - 2011-04-27 04:57 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2013-10-14 15:37 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2013-10-14 15:37 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2013-10-14 15:37 - 2011-02-26 08:23 - 02870272 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-10-14 15:37 - 2011-02-26 07:33 - 02614784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-10-14 15:37 - 2010-10-16 07:17 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2013-10-14 15:37 - 2010-10-16 06:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2013-10-14 15:36 - 2013-03-01 05:32 - 03150848 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-14 15:36 - 2012-11-09 07:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-10-14 15:36 - 2012-11-09 06:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-10-14 15:36 - 2011-10-26 07:22 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2013-10-14 15:36 - 2011-10-26 07:22 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-10-14 15:36 - 2011-10-26 06:28 - 01328640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2013-10-14 15:36 - 2011-10-26 06:28 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-10-14 15:36 - 2010-12-23 08:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2013-10-14 15:36 - 2010-12-23 08:07 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2013-10-14 15:36 - 2010-12-23 08:02 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2013-10-14 15:36 - 2010-12-23 07:28 - 00850432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2013-10-14 15:36 - 2010-12-23 07:28 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2013-10-14 15:36 - 2010-12-23 07:24 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2013-10-14 15:36 - 2010-08-26 07:27 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2013-10-14 15:36 - 2010-08-26 06:39 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2013-10-14 15:35 - 2012-01-04 11:58 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2013-10-14 15:35 - 2012-01-04 11:03 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2013-10-14 15:35 - 2011-11-17 09:12 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2013-10-14 15:35 - 2011-11-17 07:39 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2013-10-14 15:35 - 2011-07-09 04:44 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2013-10-14 15:35 - 2011-05-04 07:30 - 02326016 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2013-10-14 15:35 - 2011-05-04 07:28 - 02228224 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2013-10-14 15:35 - 2011-05-04 07:28 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2013-10-14 15:35 - 2011-05-04 07:28 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2013-10-14 15:35 - 2011-05-04 07:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2013-10-14 15:35 - 2011-05-04 07:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2013-10-14 15:35 - 2011-05-04 07:24 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2013-10-14 15:35 - 2011-05-04 07:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2013-10-14 15:35 - 2011-05-04 07:24 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2013-10-14 15:35 - 2011-05-04 06:53 - 01553920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2013-10-14 15:35 - 2011-05-04 06:52 - 01401856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2013-10-14 15:35 - 2011-05-04 06:52 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2013-10-14 15:35 - 2011-05-04 06:52 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2013-10-14 15:35 - 2011-05-04 06:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2013-10-14 15:35 - 2011-05-04 06:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2013-10-14 15:35 - 2011-05-04 06:52 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2013-10-14 15:35 - 2011-05-04 06:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2013-10-14 15:35 - 2011-05-04 06:52 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2013-10-14 15:35 - 2011-05-04 04:51 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2013-10-14 15:35 - 2011-05-04 04:51 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2013-10-14 15:35 - 2010-11-02 07:18 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2013-10-14 15:35 - 2010-11-02 07:17 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2013-10-14 15:35 - 2010-11-02 07:17 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2013-10-14 15:35 - 2010-11-02 07:16 - 01114624 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2013-10-14 15:35 - 2010-11-02 07:10 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2013-10-14 15:35 - 2010-11-02 07:10 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2013-10-14 15:35 - 2010-11-02 06:40 - 00496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2013-10-14 15:35 - 2010-11-02 06:40 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2013-10-14 15:35 - 2010-11-02 06:34 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2013-10-14 15:35 - 2010-11-02 06:34 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2013-10-14 15:35 - 2010-06-29 07:39 - 02085376 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2013-10-14 15:35 - 2010-06-29 07:02 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2013-10-14 15:35 - 2010-05-05 09:37 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2013-10-14 15:35 - 2010-05-05 08:46 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2013-10-14 15:34 - 2013-04-12 16:36 - 01653096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-10-14 15:34 - 2012-01-03 08:24 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2013-10-14 15:34 - 2012-01-03 07:44 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2013-10-14 15:34 - 2011-03-12 14:03 - 00662528 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-10-14 15:34 - 2011-03-12 13:31 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-10-14 15:34 - 2011-03-11 08:19 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2013-10-14 15:34 - 2011-03-11 08:19 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2013-10-14 15:34 - 2011-03-11 07:40 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2013-10-14 15:34 - 2011-03-11 07:40 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2013-10-14 15:34 - 2011-02-24 08:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-10-14 15:34 - 2011-02-24 07:32 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-10-14 15:34 - 2010-08-21 08:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-14 15:34 - 2010-08-21 07:33 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-14 15:34 - 2010-08-04 09:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll
2013-10-14 15:33 - 2013-02-12 16:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-10-14 15:33 - 2012-11-02 07:30 - 02001408 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-10-14 15:33 - 2012-11-02 07:30 - 01880064 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-10-14 15:33 - 2012-11-02 06:50 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-10-14 15:33 - 2012-11-02 06:50 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-10-14 15:33 - 2012-08-02 19:55 - 00574464 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-10-14 15:33 - 2012-08-02 19:05 - 00490496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-10-14 15:33 - 2012-06-09 07:30 - 14165504 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-10-14 15:33 - 2012-06-09 06:46 - 12868608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-10-14 15:33 - 2012-06-02 07:38 - 00152432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-10-14 15:33 - 2012-06-02 07:38 - 00095088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-10-14 15:33 - 2012-06-02 07:37 - 00459216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-10-14 15:33 - 2012-06-02 07:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-10-14 15:33 - 2012-06-02 06:48 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-10-14 15:33 - 2012-06-02 06:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-10-14 15:33 - 2012-06-02 06:42 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-10-14 15:33 - 2012-04-26 07:34 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2013-10-14 15:33 - 2012-04-26 07:34 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2013-10-14 15:33 - 2012-04-26 07:28 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2013-10-14 15:33 - 2011-11-17 09:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-10-14 15:33 - 2011-11-17 09:11 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-10-14 15:33 - 2011-11-17 09:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-10-14 15:33 - 2011-11-17 09:08 - 01446912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-10-14 15:33 - 2011-11-17 09:05 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-10-14 15:33 - 2011-04-22 22:18 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2013-10-14 15:33 - 2011-01-26 08:53 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-14 15:33 - 2011-01-26 08:53 - 00265088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-10-14 15:33 - 2011-01-26 08:31 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-10-14 15:33 - 2010-11-02 07:18 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2013-10-14 15:33 - 2010-11-02 07:12 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-10-14 15:33 - 2010-11-02 06:41 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2013-10-14 15:33 - 2010-06-26 07:31 - 01863680 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2013-10-14 15:33 - 2010-06-26 07:14 - 01495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2013-10-14 15:33 - 2010-05-23 12:15 - 01619456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-10-14 15:33 - 2010-05-23 12:11 - 03181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2013-10-14 15:33 - 2010-05-23 12:11 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2013-10-14 15:33 - 2010-05-23 10:37 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-10-14 15:33 - 2010-05-23 10:35 - 04068864 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2013-10-14 15:33 - 2010-05-23 10:35 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2013-10-14 15:33 - 2010-05-23 10:35 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2013-10-14 15:32 - 2013-01-04 07:37 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-10-14 15:32 - 2013-01-04 07:37 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-14 15:32 - 2013-01-04 07:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-10-14 15:32 - 2013-01-04 07:36 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-10-14 15:32 - 2013-01-04 07:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-10-14 15:32 - 2013-01-04 07:30 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-10-14 15:32 - 2013-01-04 07:30 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-10-14 15:32 - 2013-01-04 07:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:51 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-10-14 15:32 - 2013-01-04 06:51 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-10-14 15:32 - 2013-01-04 06:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 05:19 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-10-14 15:32 - 2013-01-04 04:48 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-14 15:32 - 2013-01-04 04:48 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-14 15:32 - 2013-01-04 04:48 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-14 15:32 - 2013-01-04 04:48 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-14 15:32 - 2013-01-04 04:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 04:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 04:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 04:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-10-14 15:32 - 2012-11-20 07:55 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-10-14 15:32 - 2012-11-20 07:10 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-10-14 15:32 - 2012-11-02 07:27 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2013-10-14 15:32 - 2012-11-02 06:48 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-10-14 15:32 - 2012-08-24 20:05 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-10-14 15:32 - 2012-08-24 19:10 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-10-14 15:32 - 2011-03-03 08:17 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2013-10-14 15:32 - 2011-03-03 08:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2013-10-14 15:32 - 2011-03-03 08:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2013-10-14 15:32 - 2011-03-03 07:29 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2013-10-14 15:32 - 2011-03-03 07:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2013-10-14 15:32 - 2010-08-21 08:38 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2013-10-14 15:32 - 2010-08-21 07:36 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2013-10-14 15:31 - 2013-01-04 07:41 - 01893224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-14 15:31 - 2013-01-04 07:40 - 00287576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2013-10-14 15:31 - 2012-12-07 07:41 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2013-10-14 15:31 - 2012-12-07 07:35 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2013-10-14 15:31 - 2012-12-07 07:04 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2013-10-14 15:31 - 2012-12-07 06:57 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-10-14 15:31 - 2012-12-07 05:45 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2013-10-14 15:31 - 2012-11-22 12:32 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2013-10-14 15:31 - 2012-11-22 11:33 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2013-10-14 15:31 - 2011-04-29 05:13 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2013-10-14 15:31 - 2011-04-29 05:12 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2013-10-14 15:31 - 2011-04-29 05:12 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2013-10-14 15:30 - 2012-11-30 01:21 - 00420032 _____ C:\Windows\SysWOW64\locale.nls
2013-10-14 15:30 - 2012-11-30 01:19 - 00420032 _____ C:\Windows\system32\locale.nls
2013-10-14 15:30 - 2012-08-11 02:53 - 00714752 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2013-10-14 15:30 - 2012-08-11 01:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-10-14 15:30 - 2012-04-28 05:50 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2013-10-14 15:30 - 2012-04-07 14:18 - 03213824 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2013-10-14 15:30 - 2012-04-07 13:34 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2013-10-14 15:30 - 2012-03-17 09:55 - 00075632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2013-10-14 15:30 - 2011-12-28 05:59 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-14 15:30 - 2011-08-17 07:32 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2013-10-14 15:30 - 2011-08-17 07:27 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2013-10-14 15:30 - 2011-08-17 07:27 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2013-10-14 15:30 - 2011-08-17 07:27 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2013-10-14 15:30 - 2011-08-17 07:27 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2013-10-14 15:30 - 2011-08-17 06:26 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2013-10-14 15:30 - 2011-08-17 06:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2013-10-14 15:30 - 2011-08-17 06:22 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2013-10-14 15:30 - 2011-08-17 06:22 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2013-10-14 15:30 - 2011-08-17 06:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2013-10-14 15:29 - 2012-09-26 00:39 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2013-10-14 15:29 - 2012-09-25 23:55 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2013-10-14 15:29 - 2011-02-05 14:41 - 00640896 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-10-14 15:29 - 2011-02-05 14:41 - 00556928 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-10-14 15:29 - 2011-02-05 14:41 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2013-10-14 15:29 - 2011-02-05 14:41 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2013-10-14 15:29 - 2011-02-05 14:41 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2013-10-14 15:29 - 2011-02-05 14:39 - 00603976 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-10-14 15:29 - 2011-02-05 14:39 - 00518160 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-10-14 15:29 - 2010-08-31 06:32 - 00954752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
2013-10-14 15:29 - 2010-08-31 06:32 - 00954288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
2013-10-14 15:28 - 2013-01-24 07:41 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-10-14 15:28 - 2012-07-05 00:04 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2013-10-14 15:28 - 2012-07-05 00:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2013-10-14 15:28 - 2012-07-05 00:01 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2013-10-14 15:28 - 2012-07-04 23:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2013-10-14 15:28 - 2012-07-04 23:23 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2013-10-14 15:28 - 2012-05-05 10:30 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2013-10-14 15:28 - 2012-05-05 09:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2013-10-14 15:28 - 2011-05-24 13:21 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2013-10-14 15:28 - 2011-05-24 12:34 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2013-10-14 15:28 - 2011-05-24 12:34 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2013-10-14 15:28 - 2011-05-24 12:34 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2013-10-14 15:28 - 2011-05-24 12:32 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2013-10-14 15:28 - 2011-02-18 08:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2013-10-14 15:28 - 2011-02-18 07:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2013-10-14 15:28 - 2010-12-18 08:08 - 01097216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-10-14 15:28 - 2010-12-18 07:26 - 01034240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-10-14 15:28 - 2010-09-01 07:21 - 14627840 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-10-14 15:28 - 2010-09-01 07:12 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-10-14 15:28 - 2010-09-01 06:29 - 11406848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-10-14 15:28 - 2010-09-01 06:23 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-10-14 15:27 - 2011-12-16 10:42 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2013-10-14 15:27 - 2011-12-16 09:59 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2013-10-14 15:27 - 2011-05-03 07:21 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2013-10-14 15:27 - 2011-05-03 06:50 - 00740864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2013-10-14 15:27 - 2011-02-12 08:14 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2013-10-14 15:27 - 2010-10-16 07:23 - 00112000 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-10-14 15:26 - 2013-03-19 08:19 - 05497688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-14 15:26 - 2013-03-19 07:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-10-14 15:26 - 2013-03-19 07:06 - 03958120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-14 15:26 - 2013-03-19 07:06 - 03902312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-14 15:26 - 2013-03-19 06:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-10-14 15:26 - 2013-03-19 05:19 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-10-14 15:26 - 2012-05-14 07:20 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-10-14 15:26 - 2012-02-11 08:29 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2013-10-14 15:26 - 2012-02-11 08:29 - 00067584 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2013-10-14 15:26 - 2011-11-17 09:14 - 01739160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-14 15:26 - 2011-11-17 07:41 - 01292592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-14 15:26 - 2011-10-15 08:25 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2013-10-14 15:26 - 2011-10-15 07:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2013-10-14 15:26 - 2011-08-27 07:40 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-10-14 15:26 - 2011-08-27 07:40 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2013-10-14 15:26 - 2011-08-27 06:43 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-10-14 15:26 - 2011-08-27 06:43 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2013-10-14 15:26 - 2011-02-23 07:15 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2013-10-14 15:26 - 2010-08-27 08:14 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2013-10-14 15:26 - 2010-08-27 07:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2013-10-14 15:25 - 2012-06-02 07:25 - 01462784 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-10-14 15:25 - 2012-06-02 07:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-10-14 15:25 - 2012-06-02 07:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-10-14 15:25 - 2012-06-02 06:45 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-10-14 15:25 - 2012-06-02 06:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-10-14 15:25 - 2012-06-02 06:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-10-14 14:59 - 2011-11-19 17:07 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2013-10-14 14:59 - 2011-11-19 16:06 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2013-10-14 14:46 - 2013-10-15 09:50 - 00097900 _____ C:\Windows\PFRO.log
2013-10-13 20:50 - 2013-10-13 20:51 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-10-13 20:37 - 2013-10-13 20:37 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Avira
2013-10-13 20:35 - 2013-10-13 20:41 - 163606685 _____ C:\Users\Juli\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2013-10-13 20:31 - 2013-10-13 20:31 - 00000000 ____D C:\ProgramData\Avira
2013-10-13 20:31 - 2013-10-13 20:31 - 00000000 ____D C:\Program Files (x86)\Avira
2013-10-13 20:31 - 2013-09-30 11:01 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-10-13 20:31 - 2013-09-30 11:01 - 00105856 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-10-13 20:31 - 2013-09-30 11:01 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-10-13 20:31 - 2013-09-30 11:01 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-10-13 20:26 - 2013-10-13 20:30 - 122946048 _____ C:\Users\Juli\Downloads\avira14_free_antivirus_de.exe
2013-10-13 20:25 - 2013-10-13 20:25 - 00000000 ____D C:\Users\Juli\Desktop\Photo
2013-10-13 20:25 - 2013-10-13 20:25 - 00000000 ____D C:\Users\Juli\Desktop\Games
2013-10-13 20:25 - 2013-10-13 20:25 - 00000000 ____D C:\Users\Juli\Desktop\College
2013-10-13 20:18 - 2013-10-14 15:08 - 00063568 _____ C:\Users\Juli\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-13 20:10 - 2012-02-15 08:27 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2013-10-13 20:10 - 2012-02-15 07:44 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2013-10-13 20:10 - 2012-02-15 06:46 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2013-10-13 20:08 - 2013-10-13 20:08 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-10-13 20:07 - 2013-10-15 10:30 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001UA.job
2013-10-13 20:07 - 2013-10-15 00:30 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001Core.job
2013-10-13 20:07 - 2013-10-15 00:25 - 00004084 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001UA
2013-10-13 20:07 - 2013-10-15 00:25 - 00003688 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001Core
2013-10-13 20:07 - 2013-10-13 20:08 - 00000000 ____D C:\Users\Juli\AppData\Local\Google
2013-10-13 20:03 - 2013-10-15 10:00 - 00001439 _____ C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-13 20:03 - 2013-10-15 10:00 - 00001405 _____ C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-10-13 20:03 - 2013-10-15 10:00 - 00000000 ___RD C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-13 20:03 - 2013-10-15 10:00 - 00000000 ___RD C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-13 20:02 - 2013-10-13 20:03 - 00000000 ____D C:\Users\Juli
2013-10-13 20:02 - 2013-10-13 20:02 - 00003532 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-10-13 20:02 - 2013-10-13 20:02 - 00000020 ___SH C:\Users\Juli\ntuser.ini
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Vorlagen
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Startmenü
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Netzwerkumgebung
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Lokale Einstellungen
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Eigene Dateien
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Druckumgebung
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Documents\Eigene Musik
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Documents\Eigene Bilder
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\AppData\Local\Verlauf
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\AppData\Local\Anwendungsdaten
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Anwendungsdaten
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 ____D C:\Users\Juli\AppData\Local\VirtualStore
2013-10-13 20:02 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-13 20:02 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-13 20:01 - 2013-10-13 20:01 - 00206312 __RSH C:\MYMXU
2013-10-13 20:01 - 2013-10-13 20:01 - 00000009 __RSH C:\Windows\installed
2013-10-13 20:01 - 2013-10-13 20:01 - 00000009 __RSH C:\wedaolu
2013-10-13 20:01 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-10-13 20:01 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-10-13 20:01 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-10-13 20:01 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-10-13 20:01 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-10-13 20:01 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-10-13 20:01 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-10-13 20:01 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-10-13 20:01 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-10-13 20:00 - 2013-10-13 20:00 - 00000019 ____H C:\Windows\Slic.log
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Programme
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Favoriten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 __SHD C:\Recovery
2013-10-13 18:35 - 2013-10-13 20:01 - 00000000 ____D C:\Windows\Panther
2013-10-13 18:35 - 2013-10-13 18:35 - 00008192 __RSH C:\BOOTSECT.BAK
2013-10-13 18:35 - 2009-07-14 03:38 - 00383562 __RSH C:\bootmgr
2013-10-13 17:39 - 2013-10-15 10:13 - 01802109 _____ C:\Windows\WindowsUpdate.log
2013-10-13 17:39 - 2013-10-13 17:39 - 00001313 _____ C:\Windows\TSSysprep.log
2013-10-13 17:38 - 2013-10-13 17:38 - 00000000 _____ C:\Windows\ativpsrm.bin
2013-10-09 15:01 - 2013-10-14 17:37 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Juli\Desktop\TDSSKiller.exe

==================== One Month Modified Files and Folders =======

2013-10-15 10:42 - 2013-10-15 10:42 - 00011152 _____ C:\Users\Juli\Desktop\Ereignisse.txt
2013-10-15 10:41 - 2013-10-15 10:35 - 00000000 ____D C:\Users\Juli\AppData\Local\Adobe
2013-10-15 10:38 - 2013-10-15 10:38 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-10-15 10:38 - 2013-10-15 10:38 - 00000000 ____D C:\ProgramData\Adobe
2013-10-15 10:38 - 2013-10-15 10:38 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-15 10:36 - 2013-10-14 17:31 - 00000922 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-10-15 10:35 - 2013-10-14 17:25 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Skype
2013-10-15 10:30 - 2013-10-14 17:30 - 00000288 _____ C:\Windows\Tasks\DigitalSite.job
2013-10-15 10:30 - 2013-10-13 20:07 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001UA.job
2013-10-15 10:13 - 2013-10-13 17:39 - 01802109 _____ C:\Windows\WindowsUpdate.log
2013-10-15 10:12 - 2009-07-14 19:58 - 00654166 _____ C:\Windows\system32\perfh007.dat
2013-10-15 10:12 - 2009-07-14 19:58 - 00130006 _____ C:\Windows\system32\perfc007.dat
2013-10-15 10:12 - 2009-07-14 07:13 - 01514526 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-15 10:04 - 2009-07-14 06:45 - 00020512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-15 10:04 - 2009-07-14 06:45 - 00020512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-15 10:00 - 2013-10-14 17:31 - 00000918 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-10-15 10:00 - 2013-10-14 17:31 - 00000000 ____D C:\ProgramData\eSafe
2013-10-15 10:00 - 2013-10-13 20:03 - 00001439 _____ C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-15 10:00 - 2013-10-13 20:03 - 00001405 _____ C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-10-15 10:00 - 2013-10-13 20:03 - 00000000 ___RD C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-15 10:00 - 2013-10-13 20:03 - 00000000 ___RD C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-15 09:58 - 2013-10-14 17:31 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-10-15 09:56 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-15 09:56 - 2009-07-14 06:51 - 00016733 _____ C:\Windows\setupact.log
2013-10-15 09:56 - 2009-07-14 06:45 - 00294752 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-15 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-10-15 09:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-10-15 09:52 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2013-10-15 09:50 - 2013-10-14 14:46 - 00097900 _____ C:\Windows\PFRO.log
2013-10-15 01:10 - 2013-10-15 01:04 - 00004905 _____ C:\Windows\IE9_main.log
2013-10-15 01:08 - 2013-10-15 01:08 - 17833984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 12336128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-10-15 01:08 - 2013-10-15 01:08 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-10-15 01:08 - 2013-10-15 01:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-15 01:08 - 2013-10-15 01:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-15 01:08 - 2013-10-15 01:08 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-10-15 01:08 - 2013-10-15 01:08 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-10-15 01:08 - 2013-10-15 01:08 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-10-15 01:08 - 2013-10-15 01:08 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-10-15 01:08 - 2013-10-15 01:08 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-10-15 01:08 - 2013-10-15 01:08 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-10-15 01:08 - 2013-10-15 01:08 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-10-15 00:30 - 2013-10-13 20:07 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001Core.job
2013-10-15 00:25 - 2013-10-13 20:07 - 00004084 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001UA
2013-10-15 00:25 - 2013-10-13 20:07 - 00003688 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001Core
2013-10-14 18:54 - 2013-10-14 18:54 - 00000000 ____D C:\Users\Juli\AppData\Local\avgchrome
2013-10-14 18:30 - 2013-10-14 18:30 - 00000088 _____ C:\Users\Juli\AppData\Roaming\WB.CFG
2013-10-14 18:30 - 2013-10-14 18:30 - 00000006 _____ C:\Users\Juli\AppData\Roaming\WBPU-TTL.DAT
2013-10-14 17:52 - 2013-10-14 17:52 - 00009358 _____ C:\Users\Juli\Downloads\Addition.txt
2013-10-14 17:51 - 2013-10-14 17:51 - 00000000 ____D C:\FRST
2013-10-14 17:49 - 2013-10-14 17:49 - 01954124 _____ (Farbar) C:\Users\Juli\Downloads\FRST64.exe
2013-10-14 17:49 - 2013-10-14 17:49 - 00000000 ____D C:\Users\Juli\Documents\My Received Files
2013-10-14 17:49 - 2013-10-14 17:49 - 00000000 ____D C:\Users\Juli\AppData\Roaming\MusicNet
2013-10-14 17:47 - 2013-10-14 17:47 - 01332104 _____ (iMesh Inc) C:\Users\Juli\Downloads\iMeshSetup-r1487-w-bc.exe
2013-10-14 17:43 - 2013-10-14 17:33 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-10-14 17:42 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Systweak
2013-10-14 17:37 - 2013-10-09 15:01 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Juli\Desktop\TDSSKiller.exe
2013-10-14 17:36 - 2013-10-14 17:35 - 04101172 _____ C:\Users\Juli\Downloads\tdsskiller.zip
2013-10-14 17:34 - 2013-10-14 17:33 - 02240864 _____ (Kaspersky Lab ZAO) C:\Users\Juli\Downloads\tdsskiller.exe
2013-10-14 17:31 - 2013-10-14 17:31 - 00003918 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
2013-10-14 17:31 - 2013-10-14 17:31 - 00003666 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
2013-10-14 17:31 - 2013-10-14 17:31 - 00003384 _____ C:\Windows\System32\Tasks\BonanzaDealsUpdate
2013-10-14 17:31 - 2013-10-14 17:31 - 00003382 _____ C:\Windows\System32\Tasks\EPUpdater
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\searchgol
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\BabSolution
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Local\BonanzaDealsLive
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\Whilokii
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\searchgol
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-14 17:30 - 2013-10-14 17:30 - 00003224 _____ C:\Windows\System32\Tasks\DigitalSite
2013-10-14 17:30 - 2013-10-14 17:30 - 00000000 ____D C:\Users\Juli\AppData\Roaming\DigitalSite
2013-10-14 17:30 - 2013-10-14 17:30 - 00000000 ____D C:\ProgramData\Babylon
2013-10-14 17:29 - 2013-10-14 17:29 - 00753504 _____ C:\Users\Juli\Downloads\ZipExtractorSetup.exe
2013-10-14 17:25 - 2013-10-14 17:25 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-10-14 17:25 - 2013-10-14 17:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-14 17:25 - 2013-10-14 17:25 - 00000000 ____D C:\ProgramData\Skype
2013-10-14 17:25 - 2013-10-14 17:23 - 32542880 _____ (Skype Technologies S.A.) C:\Users\Juli\Downloads\Skype69SetupFull.exe
2013-10-14 15:08 - 2013-10-13 20:18 - 00063568 _____ C:\Users\Juli\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-13 20:51 - 2013-10-13 20:50 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-10-13 20:44 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-10-13 20:41 - 2013-10-13 20:35 - 163606685 _____ C:\Users\Juli\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2013-10-13 20:37 - 2013-10-13 20:37 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Avira
2013-10-13 20:31 - 2013-10-13 20:31 - 00000000 ____D C:\ProgramData\Avira
2013-10-13 20:31 - 2013-10-13 20:31 - 00000000 ____D C:\Program Files (x86)\Avira
2013-10-13 20:30 - 2013-10-13 20:26 - 122946048 _____ C:\Users\Juli\Downloads\avira14_free_antivirus_de.exe
2013-10-13 20:25 - 2013-10-13 20:25 - 00000000 ____D C:\Users\Juli\Desktop\Photo
2013-10-13 20:25 - 2013-10-13 20:25 - 00000000 ____D C:\Users\Juli\Desktop\Games
2013-10-13 20:25 - 2013-10-13 20:25 - 00000000 ____D C:\Users\Juli\Desktop\College
2013-10-13 20:08 - 2013-10-13 20:08 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-10-13 20:08 - 2013-10-13 20:07 - 00000000 ____D C:\Users\Juli\AppData\Local\Google
2013-10-13 20:03 - 2013-10-13 20:02 - 00000000 ____D C:\Users\Juli
2013-10-13 20:02 - 2013-10-13 20:02 - 00003532 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-10-13 20:02 - 2013-10-13 20:02 - 00000020 ___SH C:\Users\Juli\ntuser.ini
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Vorlagen
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Startmenü
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Netzwerkumgebung
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Lokale Einstellungen
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Eigene Dateien
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Druckumgebung
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Documents\Eigene Musik
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Documents\Eigene Bilder
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\AppData\Local\Verlauf
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\AppData\Local\Anwendungsdaten
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Anwendungsdaten
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 ____D C:\Users\Juli\AppData\Local\VirtualStore
2013-10-13 20:01 - 2013-10-13 20:01 - 00206312 __RSH C:\MYMXU
2013-10-13 20:01 - 2013-10-13 20:01 - 00000009 __RSH C:\Windows\installed
2013-10-13 20:01 - 2013-10-13 20:01 - 00000009 __RSH C:\wedaolu
2013-10-13 20:01 - 2013-10-13 18:35 - 00000000 ____D C:\Windows\Panther
2013-10-13 20:01 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore
2013-10-13 20:01 - 2009-07-14 06:45 - 00000000 ____D C:\Windows\Setup
2013-10-13 20:00 - 2013-10-13 20:00 - 00000019 ____H C:\Windows\Slic.log
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Programme
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Favoriten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 __SHD C:\Recovery
2013-10-13 20:00 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-10-13 20:00 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-10-13 20:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Recovery
2013-10-13 20:00 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Windows NT
2013-10-13 19:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-10-13 18:35 - 2013-10-13 18:35 - 00008192 __RSH C:\BOOTSECT.BAK
2013-10-13 18:35 - 2009-07-14 07:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2013-10-13 18:35 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2013-10-13 17:39 - 2013-10-13 17:39 - 00001313 _____ C:\Windows\TSSysprep.log
2013-10-13 17:39 - 2009-07-14 06:46 - 00001774 _____ C:\Windows\DtcInstall.log
2013-10-13 17:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-10-13 17:38 - 2013-10-13 17:38 - 00000000 _____ C:\Windows\ativpsrm.bin
2013-10-13 17:36 - 2009-07-14 20:18 - 00000000 ____D C:\Windows\CSC
2013-09-30 11:01 - 2013-10-13 20:31 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-30 11:01 - 2013-10-13 20:31 - 00105856 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-30 11:01 - 2013-10-13 20:31 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-30 11:01 - 2013-10-13 20:31 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

Some content of TEMP:
====================
C:\Users\Juli\AppData\Local\Temp\avgnt.exe
C:\Users\Juli\AppData\Local\Temp\BackupSetup.exe
C:\Users\Juli\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-13 17:36

==================== End Of Log ============================
         
--- --- ---

15.10.2013, 09:58   #7
usernamejuli
 
Addition

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Juli at 2013-10-15 10:48:39
Running from C:\Users\Juli\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Reader XI (11.0.04) - Deutsch (x32 Version: 11.0.04)
Avira Free Antivirus (x32 Version: 14.0.0.383)
BitGuard (x32)
Bonanza Deals (remove only) (x32 Version: 5.0.1.0)
Google Chrome (HKCU Version: 30.0.1599.69)
Google Update Helper (x32 Version: 1.3.23.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
OpenOffice 4.0.1 (x32 Version: 4.01.9714)
Search-Gol Chrome Toolbar (x32)
searchgol toolbar   (x32 Version: 1.8.16.19)
Skype™ 6.9 (x32 Version: 6.9.106)
Update for Zip Extractor (HKCU)
Whilokii 1.0.0 (Version: 1.0.0)
Wsys Control 10.2.1.2652 (x32 Version: 10.2.1.2652)

==================== Restore Points  =========================

13-10-2013 18:01:00 Windows Update
13-10-2013 18:11:09 Windows Update
13-10-2013 18:44:29 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
13-10-2013 18:45:30 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
13-10-2013 18:50:31 OpenOffice 4.0.1 wird installiert
14-10-2013 22:48:03 Windows Update
15-10-2013 08:02:38 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1FD998E1-DE97-4B6B-86A7-903DA75A8FA4} - System32\Tasks\EPUpdater => C:\Users\Juli\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-09-01] ()
Task: {21CF6B4C-75BD-4E4F-B662-08F0617666F1} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-14] (BonanzaDeals)
Task: {31C87A3F-D9DD-4731-8B24-7F76073F7CA6} - System32\Tasks\BonanzaDealsUpdate => C:\Program
Task: {3C35ADCB-C581-42CF-98A7-BCB3019B11DE} - System32\Tasks\DigitalSite => C:\Users\Juli\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe [2013-04-12] ()
Task: {735A626E-462A-41E3-94F6-750158F6F79D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001Core => C:\Users\Juli\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-13] (Google Inc.)
Task: {76083B94-767D-40F4-909A-EB8DEB47E42B} - System32\Tasks\BitGuard => Sc.exe start BitGuard
Task: {81FFDFFF-AB5D-4203-BCCE-93472A040B5B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001UA => C:\Users\Juli\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-13] (Google Inc.)
Task: {CFDAC951-7928-4074-9C94-E3C9DC25429D} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-14] (BonanzaDeals)
Task: {E19D36C1-6633-4518-8F23-C4CD59FEED33} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-06-24] (Microsoft Corporation)
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\Juli\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001Core.job => C:\Users\Juli\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001UA.job => C:\Users\Juli\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-14 17:31 - 2013-09-23 13:55 - 02704352 _____ () C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll
2013-10-13 20:31 - 2013-09-30 11:01 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-10-13 20:08 - 2013-10-03 08:02 - 00698832 _____ () C:\Users\Juli\AppData\Local\Google\Chrome\Application\30.0.1599.69\libglesv2.dll
2013-10-13 20:08 - 2013-10-03 08:02 - 00099792 _____ () C:\Users\Juli\AppData\Local\Google\Chrome\Application\30.0.1599.69\libegl.dll
2013-10-13 20:08 - 2013-10-03 08:03 - 04055504 _____ () C:\Users\Juli\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll
2013-10-13 20:08 - 2013-10-03 08:03 - 00415184 _____ () C:\Users\Juli\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll
2013-10-13 20:08 - 2013-10-03 08:02 - 01604560 _____ () C:\Users\Juli\AppData\Local\Google\Chrome\Application\30.0.1599.69\ffmpegsumo.dll
2013-10-15 00:31 - 2013-10-15 00:31 - 13584776 _____ () C:\Users\Juli\AppData\Local\Google\Chrome\User Data\PepperFlash\11.9.900.117\pepflashplayer.dll
2013-10-13 20:31 - 2013-09-30 11:01 - 00394824 _____ () C:\program files (x86)\avira\antivir desktop\sqlite3.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/15/2013 10:09:18 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: System.Runtime.Serialization, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070005

Error: (10/15/2013 09:55:32 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: updateWhilokii.exe, Version: 1.0.5024.30748, Zeitstempel: 0x524db1d7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6fe66a64
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xupdateWhilokii.exe0
Pfad der fehlerhaften Anwendung: updateWhilokii.exe1
Pfad des fehlerhaften Moduls: updateWhilokii.exe2
Berichtskennung: updateWhilokii.exe3

Error: (10/15/2013 09:55:28 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: avguard.exe, Version: 14.0.0.335, Zeitstempel: 0x523c406e
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6fe66a64
ID des fehlerhaften Prozesses: 0xa58
Startzeit der fehlerhaften Anwendung: 0xavguard.exe0
Pfad der fehlerhaften Anwendung: avguard.exe1
Pfad des fehlerhaften Moduls: avguard.exe2
Berichtskennung: avguard.exe3

Error: (10/15/2013 09:55:25 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: updateWhilokii.exe, Version: 1.0.5024.30748, Zeitstempel: 0x524db1d7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6fe66a64
ID des fehlerhaften Prozesses: 0x7c8
Startzeit der fehlerhaften Anwendung: 0xupdateWhilokii.exe0
Pfad der fehlerhaften Anwendung: updateWhilokii.exe1
Pfad des fehlerhaften Moduls: updateWhilokii.exe2
Berichtskennung: updateWhilokii.exe3

Error: (10/15/2013 09:55:20 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: BitGuard.exe, Version: 2.6.1694.246, Zeitstempel: 0x52402c9d
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6fe66a64
ID des fehlerhaften Prozesses: 0x69c
Startzeit der fehlerhaften Anwendung: 0xBitGuard.exe0
Pfad der fehlerhaften Anwendung: BitGuard.exe1
Pfad des fehlerhaften Moduls: BitGuard.exe2
Berichtskennung: BitGuard.exe3

Error: (10/15/2013 09:55:17 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: eGdpSvc.exe, Version: 10.2.1.2652, Zeitstempel: 0x5253e230
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6fe66a64
ID des fehlerhaften Prozesses: 0x4c8
Startzeit der fehlerhaften Anwendung: 0xeGdpSvc.exe0
Pfad der fehlerhaften Anwendung: eGdpSvc.exe1
Pfad des fehlerhaften Moduls: eGdpSvc.exe2
Berichtskennung: eGdpSvc.exe3

Error: (10/13/2013 07:58:44 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler bei der Installation des Kaufnachweises. 0xC004F050
Teil-Pkey=VF3FW
ACID=?
Genauer Fehler[?]


System errors:
=============
Error: (10/15/2013 10:02:43 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80242016 fehlgeschlagen: Update für die Kompatibilitätsansichtsliste für Internet Explorer*8 für Windows 7 für x64-basierte Systeme (KB2598845)

Error: (10/15/2013 09:59:56 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%16405

Error: (10/15/2013 09:58:21 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Wsys Service" wurde nicht richtig gestartet.

Error: (10/15/2013 09:56:44 AM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (10/15/2013 09:56:44 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (10/15/2013 09:55:33 AM) (Source: Service Control Manager) (User: )
Description: Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (10/15/2013 09:55:33 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Update Whilokii" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/15/2013 09:55:33 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Update Whilokii erreicht.

Error: (10/15/2013 09:55:28 AM) (Source: Service Control Manager) (User: )
Description: Dienst "Avira Planer" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (10/15/2013 09:55:27 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 2 Mal vorgekommen. Folgende Korrekturmaßnahmen werden in 0 Millisekunden durchgeführt: Neustart des Diensts.


Microsoft Office Sessions:
=========================
Error: (10/15/2013 10:09:18 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: System.Runtime.Serialization, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070005 
System.Runtime.Serialization, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

Error: (10/15/2013 09:55:32 AM) (Source: Application Error)(User: )
Description: updateWhilokii.exe1.0.5024.30748524db1d7unknown0.0.0.000000000c00000056fe66a64

Error: (10/15/2013 09:55:28 AM) (Source: Application Error)(User: )
Description: avguard.exe14.0.0.335523c406eunknown0.0.0.000000000c00000056fe66a64a5801cec97be992299fC:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exeunknown277312c5-356f-11e3-8d83-00238b890d3d

Error: (10/15/2013 09:55:25 AM) (Source: Application Error)(User: )
Description: updateWhilokii.exe1.0.5024.30748524db1d7unknown0.0.0.000000000c00000056fe66a647c801cec97b6ffec180C:\Program Files (x86)\Whilokii\updateWhilokii.exeunknown2631b900-356f-11e3-8d83-00238b890d3d

Error: (10/15/2013 09:55:20 AM) (Source: Application Error)(User: )
Description: BitGuard.exe2.6.1694.24652402c9dunknown0.0.0.000000000c00000056fe66a6469c01cec97b6e4b25aeC:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exeunknown23359f48-356f-11e3-8d83-00238b890d3d

Error: (10/15/2013 09:55:17 AM) (Source: Application Error)(User: )
Description: eGdpSvc.exe10.2.1.26525253e230unknown0.0.0.000000000c00000056fe66a644c801cec97b39548795C:\ProgramData\eSafe\eGdpSvc.exeunknown216ef874-356f-11e3-8d83-00238b890d3d

Error: (10/13/2013 07:58:44 PM) (Source: Software Protection Platform Service)(User: )
Description: 0xC004F050VF3FW??


==================== Memory info =========================== 

Percentage of memory in use: 60%
Total physical RAM: 4093.2 MB
Available physical RAM: 1625.19 MB
Total Pagefile: 8184.53 MB
Available Pagefile: 5095.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:453.74 GB) (Free:428.18 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:12.02 GB) (Free:1.93 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 5ABD451A)
Partition 1: (Active) - (Size=454 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=12 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=3 MB) - (Type=17) ATTENTION ===> Suspicious partition bootkit on partition 3

==================== End Of Log ============================
         
--- --- ---


AVIRA

Exportierte Ereignisse:

15.10.2013 09:59 [Echtzeit-Scanner] Malware in Bootsektor gefunden
Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder
unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern

15.10.2013 09:59 [Echtzeit-Scanner] Malware in Bootsektor gefunden
Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder
unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern

15.10.2013 09:59 [Echtzeit-Scanner] Malware in Bootsektor gefunden
Im Bootsektor von Laufwerk 'D:' wurde ein Virus oder
unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern

15.10.2013 09:59 [Echtzeit-Scanner] Malware in Bootsektor gefunden
Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder
unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern

15.10.2013 09:52 [Echtzeit-Scanner] Malware in Bootsektor gefunden
Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder
unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern

15.10.2013 09:52 [Echtzeit-Scanner] Malware in Bootsektor gefunden
Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder
unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern

15.10.2013 09:52 [Echtzeit-Scanner] Malware in Bootsektor gefunden
Im Bootsektor von Laufwerk 'D:' wurde ein Virus oder
unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern

15.10.2013 09:52 [Echtzeit-Scanner] Malware in Bootsektor gefunden
Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder
unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern

14.10.2013 17:39 [Echtzeit-Scanner] Malware gefunden
In der Datei
'C:\Users\Juli\AppData\Local\Temp\is1590112554\9804323_stp\uninstaller.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen' [adware]
gefunden.
Ausgeführte Aktion: Zugriff verweigern

14.10.2013 17:39 [Echtzeit-Scanner] Malware gefunden
In der Datei
'C:\Users\Juli\AppData\Local\Temp\sptemp\wajam_validate.exe_635173691440160528'
wurde ein Virus oder unerwünschtes Programm 'TR/Crypt.XPACK.Gen8' [trojan]
gefunden.
Ausgeführte Aktion: Zugriff verweigern

14.10.2013 17:31 [Echtzeit-Scanner] Malware gefunden
In der Datei
'C:\Users\Juli\AppData\Local\Temp\is1590112554\9804323_stp\uninstaller.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen' [adware]
gefunden.
Ausgeführte Aktion: Zugriff verweigern

14.10.2013 17:31 [Echtzeit-Scanner] Malware gefunden
In der Datei
'C:\Users\Juli\AppData\Local\Temp\is1590112554\9804323_stp\uninstaller.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen' [adware]
gefunden.
Ausgeführte Aktion: Übergeben an Scanner

14.10.2013 17:31 [Echtzeit-Scanner] Malware gefunden
In der Datei
'C:\Users\Juli\AppData\Local\Temp\is1590112554\9804323_stp\uninstaller.exe'
wurde ein Virus oder unerwünschtes Programm 'ADWARE/InstallCore.Gen' [adware]
gefunden.
Ausgeführte Aktion: Zugriff verweigern

14.10.2013 14:48 [Echtzeit-Scanner] Malware in Bootsektor gefunden
Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder
unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern

14.10.2013 14:48 [Echtzeit-Scanner] Malware in Bootsektor gefunden
Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder
unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern

14.10.2013 14:48 [Echtzeit-Scanner] Malware in Bootsektor gefunden
Im Bootsektor von Laufwerk 'D:' wurde ein Virus oder
unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern

14.10.2013 14:48 [Echtzeit-Scanner] Malware in Bootsektor gefunden
Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder
unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern

13.10.2013 20:44 [Echtzeit-Scanner] Malware in Bootsektor gefunden
Im Bootsektor von Laufwerk 'C:' wurde ein Virus oder
unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern

13.10.2013 20:44 [Echtzeit-Scanner] Malware in Bootsektor gefunden
Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder
unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern

13.10.2013 20:44 [Echtzeit-Scanner] Malware in Bootsektor gefunden
Im Bootsektor von Laufwerk 'D:' wurde ein Virus oder
unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern

13.10.2013 20:44 [Echtzeit-Scanner] Malware in Bootsektor gefunden
Im Masterbootsektor von Laufwerk 'Masterbootsektor HD0' wurde ein Virus oder
unerwünschtes Programm 'BOO/TDss.O' [virus] gefunden.
Ausgeführte Aktion: Zugriff verweigern

Edited by usernamejuli (15.10.2013 at 10:16)

Alt 15.10.2013, 10:52   #8
aharonov
/// TB-Ausbilder
 
Hello,

please run another scan with TDSSKiller, but this time click "Change parameters" before you press "Start scan". There, under "Additional options", tick "Verify file digital signatures" and "Detect TDLFS file system". Then confirm with OK and start the scan.
__________________
cheers,
Leo

Alt 15.10.2013, 17:11   #9
usernamejuli
 
Here is the report:

18:07:45.0823 0x1058 TDSS rootkit removing tool 3.0.0.14 Oct 15 2013 15:35:38
18:07:58.0989 0x1058 ============================================================
18:07:58.0989 0x1058 Current date / time: 2013/10/15 18:07:58.0988
18:07:58.0989 0x1058 SystemInfo:
18:07:58.0989 0x1058
18:07:58.0989 0x1058 OS Version: 6.1.7600 ServicePack: 0.0
18:07:58.0989 0x1058 Product type: Workstation
18:07:58.0989 0x1058 ComputerName: JULI-PC
18:07:58.0990 0x1058 UserName: Juli
18:07:58.0990 0x1058 Windows directory: C:\Windows
18:07:58.0990 0x1058 System windows directory: C:\Windows
18:07:58.0990 0x1058 Running under WOW64
18:07:58.0990 0x1058 Processor architecture: Intel x64
18:07:58.0990 0x1058 Number of processors: 2
18:07:58.0990 0x1058 Page size: 0x1000
18:07:58.0990 0x1058 Boot type: Normal boot
18:07:58.0990 0x1058 ============================================================
18:08:04.0899 0x1058 System UUID: {DB0ED304-A260-E2DE-358C-966A96D13B9C}
18:08:05.0805 0x1058 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:08:05.0810 0x1058 ============================================================
18:08:05.0810 0x1058 \Device\Harddisk0\DR0:
18:08:05.0811 0x1058 MBR partitions:
18:08:05.0811 0x1058 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x38B7A000
18:08:05.0811 0x1058 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38B7A800, BlocksNum 0x180A000
18:08:05.0811 0x1058 ============================================================
18:08:05.0911 0x1058 C: <-> \Device\Harddisk0\DR0\Partition1
18:08:06.0091 0x1058 D: <-> \Device\Harddisk0\DR0\Partition2
18:08:06.0091 0x1058 ============================================================
18:08:06.0091 0x1058 Initialize success
18:08:06.0091 0x1058 ============================================================
18:08:50.0301 0x1164 ============================================================
18:08:50.0301 0x1164 Scan started
18:08:50.0301 0x1164 Mode: Manual; SigCheck; TDLFS;
18:08:50.0301 0x1164 ============================================================
18:08:50.0301 0x1164 KSN ping started
18:08:52.0710 0x1164 KSN ping finished: true
18:08:54.0165 0x1164 ================ Scan system memory ========================
18:08:54.0166 0x1164 System memory - ok
18:08:54.0167 0x1164 ================ Scan services =============================
18:09:05.0330 0x1164 FsDepends - ok
18:09:05.0348 0x1164 [ D3E3F93D67821A2DB2B3D9FAC2DC2064, 727FAA7E15A20ED3A37668D294ABDE6EAF1C87C34EE283C99EE3303E85001404 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
18:09:05.0363 0x1164 Fs_Rec - ok
18:09:05.0415 0x1164 [ 1F44F8559E61A8306ECC67BB1E168B7C, 5B7CDD4EDF128B48817145357BB36E2107F0D081C26004B44BFF7C63AD29D99B ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
18:09:05.0438 0x1164 fvevol - ok
18:09:05.0500 0x1164 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
18:09:05.0522 0x1164 gagp30kx - ok
18:09:05.0697 0x1164 [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] gpsvc C:\Windows\System32\gpsvc.dll
18:09:05.0785 0x1164 gpsvc - ok
18:09:05.0826 0x1164 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
18:09:06.0025 0x1164 hcw85cir - ok
18:09:06.0079 0x1164 [ 6410F6F415B2A5A9037224C41DA8BF12, 5B8452BC49FDA2215281D27B22FA9BE46B0460F51C4DC70E58B687CFB541F3A5 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
18:09:06.0137 0x1164 HdAudAddService - ok
18:09:06.0157 0x1164 [ 0A49913402747A0B67DE940FB42CBDBB, 61A45DBDCEB4A2D5C3C28F6BC8C5ADC51D0240A7553DF44BCC4355FC06F72B83 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
18:09:06.0190 0x1164 HDAudBus - ok
18:09:06.0200 0x1164 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
18:09:06.0239 0x1164 HidBatt - ok
18:09:06.0262 0x1164 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
18:09:06.0293 0x1164 HidBth - ok
18:09:06.0299 0x1164 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
18:09:06.0328 0x1164 HidIr - ok
18:09:06.0357 0x1164 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
18:09:06.0403 0x1164 hidserv - ok
18:09:06.0419 0x1164 [ B3BF6B5B50006DEF50B66306D99FCF6F, D39A1DEBE7C464922919826D15199ED25E263BF58633593DD412D78F98921417 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
18:09:06.0447 0x1164 HidUsb - ok
18:09:06.0467 0x1164 [ EFA58EDE58DD74388FFD04CB32681518, 76D81F9BC1A4D85A779B79DEC23B79F1568AA236CD49247414093CDC1FCC150F ] hkmsvc C:\Windows\system32\kmsvc.dll
18:09:06.0517 0x1164 hkmsvc - ok
18:09:06.0544 0x1164 [ 046B2673767CA626E2CFB7FDF735E9E8, 9C932DCC5DE9B1919AB38C01D76AD7BBAF491DE6D158662407974748BC0B4C6C ] HomeGroupListener C:\Windows\system32\ListSvc.dll
18:09:06.0583 0x1164 HomeGroupListener - ok
18:09:06.0616 0x1164 [ 06A7422224D9865A5613710A089987DF, EF604B4B6918D3FDC8E90ED9004E6E7340E0F399C214C65CCE3A7C8C576FA1C0 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
18:09:06.0646 0x1164 HomeGroupProvider - ok
18:09:06.0676 0x1164 [ 4E0BEC0F78096FFD6D3314B497FC49D3, 15B545815D0C80102963FFF13B6643CC9A74717137C1CBA45345B18912E72DB6 ] hpdskflt C:\Windows\system32\DRIVERS\hpdskflt.sys
18:09:06.0710 0x1164 hpdskflt - ok
18:09:06.0758 0x1164 [ 0886D440058F203EBA0E1825E4355914, BC49C4CEFE324A08C864A4BF4FEA9A70151FAB7CC30BDC28344F3FFD2F500070 ] HpSAMD C:\Windows\system32\DRIVERS\HpSAMD.sys
18:09:06.0774 0x1164 HpSAMD - ok
18:09:06.0805 0x1164 [ FC7C13B5A9E9BE23B7AE72BBC7FDB278, E85A7BF1CFE52BA7D663A1ED48A4F8874EFBDDF48979138F7E3E24817705B6A1 ] hpsrv C:\Windows\system32\Hpservice.exe
18:09:06.0818 0x1164 hpsrv - ok
18:09:06.0868 0x1164 [ CEE049CAC4EFA7F4E1E4AD014414A5D4, 433AE2D845850F1D7A48275BBD87B3F0E7DD48F2282C727C4B777ECD92CC331D ] HTTP C:\Windows\system32\drivers\HTTP.sys
18:09:06.0930 0x1164 HTTP - ok
18:09:06.0936 0x1164 [ F17766A19145F111856378DF337A5D79, FC1633FB865A5324EBCBE5F97D297B899FABBDD965D862C2EFC743CD36F47E62 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
18:09:06.0952 0x1164 hwpolicy - ok
18:09:06.0958 0x1164 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
18:09:06.0977 0x1164 i8042prt - ok
18:09:07.0011 0x1164 [ D83EFB6FD45DF9D55E9A1AFC63640D50, 0494F8F7CB3ED11FD8D0B838CB71271AF7A3CBFCB7F2CB043A9392B5106A3C7B ] iaStorV C:\Windows\system32\DRIVERS\iaStorV.sys
18:09:07.0046 0x1164 iaStorV - ok
18:09:07.0134 0x1164 [ 2F2BE70D3E02B6FA877921AB9516D43C, E04255EE4BD95FC1539EB1EB9F702B039F65993D31A4531DA487274543EF5226 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
18:09:07.0179 0x1164 idsvc - ok
18:09:07.0200 0x1164 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
18:09:07.0215 0x1164 iirsp - ok
18:09:07.0288 0x1164 [ C5B4683680DF085B57BC53E5EF34861F, 9C06517DFCB3ED7BB1166F7EB6CCC8713E6B68283C75420C0EDC182094AA1B8F ] IKEEXT C:\Windows\System32\ikeext.dll
18:09:07.0395 0x1164 IKEEXT - ok
18:09:07.0404 0x1164 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
18:09:07.0419 0x1164 intelide - ok
18:09:07.0438 0x1164 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
18:09:07.0472 0x1164 intelppm - ok
18:09:07.0504 0x1164 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
18:09:07.0549 0x1164 IPBusEnum - ok
18:09:07.0556 0x1164 [ 722DD294DF62483CECAAE6E094B4D695, 41ABB42EF969EA8A84B546908EBBDC2411D964DE101CE6DD3D7ECF109085E0C0 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
18:09:07.0595 0x1164 IpFilterDriver - ok
18:09:07.0632 0x1164 [ F8E058D17363EC580E4B7232778B6CB5, 02352919F349C57930A0B032FBDC45327FB473D310DE7AC721F4694FDE7D21FB ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
18:09:07.0704 0x1164 iphlpsvc - ok
18:09:07.0712 0x1164 [ E2B4A4494DB7CB9B89B55CA268C337C5, C59BC4AA03D10647641EC7533F78BC7E2EA6FC48B8B2CF1A49B5148EF40A90FB ] IPMIDRV C:\Windows\system32\DRIVERS\IPMIDrv.sys
18:09:07.0730 0x1164 IPMIDRV - ok
18:09:07.0736 0x1164 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
18:09:07.0787 0x1164 IPNAT - ok
18:09:07.0813 0x1164 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
18:09:07.0834 0x1164 IRENUM - ok
18:09:07.0846 0x1164 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\DRIVERS\isapnp.sys
18:09:07.0861 0x1164 isapnp - ok
18:09:07.0885 0x1164 [ FA4D2557DE56D45B0A346F93564BE6E1, 2827EC3582FF59FFD55BBD4A4F0DDFFEAD4F2537FA043B3A69904FE920B1619C ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
18:09:07.0904 0x1164 iScsiPrt - ok
18:09:07.0916 0x1164 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
18:09:07.0932 0x1164 kbdclass - ok
18:09:07.0937 0x1164 [ 6DEF98F8541E1B5DCEB2C822A11F7323, F6EE4A7A6A7A1F243D32CA9241CA4816C92EB7BF2AADDD09234968C2CAAE6C0D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
18:09:07.0966 0x1164 kbdhid - ok
18:09:07.0991 0x1164 [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] KeyIso C:\Windows\system32\lsass.exe
18:09:08.0007 0x1164 KeyIso - ok
18:09:08.0053 0x1164 [ 4F4B5FDE429416877DE7143044582EB5, A28FFEA078DBD91F3CC28088810EEEB727107B3F0F48370B44D87DC8F8C55B99 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
18:09:08.0069 0x1164 KSecDD - ok
18:09:08.0098 0x1164 [ 6F40465A44ECDC1731BEFAFEC5BDD03C, 317334D414D0AF73CB4D9CA11EA80C641E786760B8800F2795D0CB38378DBB80 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
18:09:08.0115 0x1164 KSecPkg - ok
18:09:08.0120 0x1164 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
18:09:08.0179 0x1164 ksthunk - ok
18:09:08.0227 0x1164 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
18:09:08.0295 0x1164 KtmRm - ok
18:09:08.0355 0x1164 [ 81F1D04D4D0E433099365127375FD501, C2A81B5A482C974E8108806486EC28CB2D81400D42639682FE7B7A9BDF14BA9B ] LanmanServer C:\Windows\system32\srvsvc.dll
18:09:08.0411 0x1164 LanmanServer - ok
18:09:08.0441 0x1164 [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:09:08.0490 0x1164 LanmanWorkstation - ok
18:09:08.0533 0x1164 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:09:08.0571 0x1164 lltdio - ok
18:09:08.0605 0x1164 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:09:08.0664 0x1164 lltdsvc - ok
18:09:08.0670 0x1164 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:09:08.0707 0x1164 lmhosts - ok
18:09:08.0738 0x1164 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:09:08.0755 0x1164 LSI_FC - ok
18:09:08.0762 0x1164 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:09:08.0779 0x1164 LSI_SAS - ok
18:09:08.0797 0x1164 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:09:08.0813 0x1164 LSI_SAS2 - ok
18:09:08.0820 0x1164 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:09:08.0837 0x1164 LSI_SCSI - ok
18:09:08.0849 0x1164 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
18:09:08.0889 0x1164 luafv - ok
18:09:08.0922 0x1164 [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:09:08.0965 0x1164 Mcx2Svc - ok
18:09:08.0981 0x1164 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:09:09.0003 0x1164 megasas - ok
18:09:09.0026 0x1164 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:09:09.0047 0x1164 MegaSR - ok
18:09:09.0068 0x1164 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
18:09:09.0120 0x1164 MMCSS - ok
18:09:09.0125 0x1164 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
18:09:09.0163 0x1164 Modem - ok
18:09:09.0177 0x1164 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:09:09.0217 0x1164 monitor - ok
18:09:09.0223 0x1164 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:09:09.0239 0x1164 mouclass - ok
18:09:09.0244 0x1164 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:09:09.0261 0x1164 mouhid - ok
18:09:09.0267 0x1164 [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:09:09.0284 0x1164 mountmgr - ok
18:09:09.0302 0x1164 [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
18:09:09.0321 0x1164 mpio - ok
18:09:09.0339 0x1164 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:09:09.0378 0x1164 mpsdrv - ok
18:09:09.0429 0x1164 [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc C:\Windows\system32\mpssvc.dll
18:09:09.0512 0x1164 MpsSvc - ok
18:09:09.0522 0x1164 [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:09:09.0553 0x1164 MRxDAV - ok
18:09:09.0594 0x1164 [ 040D62A9D8AD28922632137ACDD984F2, D9457BDA88C2E3AA4E716C0657B77A4A3E212328CDABD5C18279B6440E1C1594 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:09:09.0634 0x1164 mrxsmb - ok
18:09:09.0660 0x1164 [ F0067552F8F9B33D7C59403AB808A3CB, 698B63528E1943BB4253BF7578DC128AA824C71BD04FF0521277E68B20656C02 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:09:09.0696 0x1164 mrxsmb10 - ok
18:09:09.0725 0x1164 [ 3C142D31DE9F2F193218A53FE2632051, 026B3A932A95D5160B64E470FC414F3D388D429317D5EAEA2D476F715C4CAE75 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:09:09.0760 0x1164 mrxsmb20 - ok
18:09:09.0764 0x1164 [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
18:09:09.0780 0x1164 msahci - ok
18:09:09.0794 0x1164 [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
18:09:09.0812 0x1164 msdsm - ok
18:09:09.0829 0x1164 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
18:09:09.0858 0x1164 MSDTC - ok
18:09:09.0867 0x1164 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:09:09.0904 0x1164 Msfs - ok
18:09:09.0915 0x1164 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:09:09.0961 0x1164 mshidkmdf - ok
18:09:09.0965 0x1164 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
18:09:09.0981 0x1164 msisadrv - ok
18:09:10.0018 0x1164 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:09:10.0070 0x1164 MSiSCSI - ok
18:09:10.0075 0x1164 msiserver - ok
18:09:10.0103 0x1164 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:09:10.0146 0x1164 MSKSSRV - ok
18:09:10.0150 0x1164 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:09:10.0187 0x1164 MSPCLOCK - ok
18:09:10.0192 0x1164 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:09:10.0240 0x1164 MSPQM - ok
18:09:10.0265 0x1164 [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:09:10.0302 0x1164 MsRPC - ok
18:09:10.0310 0x1164 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:09:10.0326 0x1164 mssmbios - ok
18:09:10.0331 0x1164 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:09:10.0379 0x1164 MSTEE - ok
18:09:10.0384 0x1164 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:09:10.0405 0x1164 MTConfig - ok
18:09:10.0423 0x1164 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
18:09:10.0439 0x1164 Mup - ok
18:09:10.0481 0x1164 [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent C:\Windows\system32\qagentRT.dll
18:09:10.0542 0x1164 napagent - ok
18:09:10.0594 0x1164 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:09:10.0629 0x1164 NativeWifiP - ok
18:09:10.0670 0x1164 [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS C:\Windows\system32\drivers\ndis.sys
18:09:10.0825 0x1164 NDIS - ok
18:09:10.0892 0x1164 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:09:10.0939 0x1164 NdisCap - ok
18:09:10.0956 0x1164 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:09:11.0007 0x1164 NdisTapi - ok
18:09:11.0018 0x1164 [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:09:11.0066 0x1164 Ndisuio - ok
18:09:11.0074 0x1164 [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:09:11.0115 0x1164 NdisWan - ok
18:09:11.0121 0x1164 [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:09:11.0160 0x1164 NDProxy - ok
18:09:11.0166 0x1164 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:09:11.0204 0x1164 NetBIOS - ok
18:09:11.0214 0x1164 [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:09:11.0257 0x1164 NetBT - ok
18:09:11.0280 0x1164 [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] Netlogon C:\Windows\system32\lsass.exe
18:09:11.0296 0x1164 Netlogon - ok
18:09:11.0341 0x1164 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
18:09:11.0408 0x1164 Netman - ok
18:09:11.0434 0x1164 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
18:09:11.0502 0x1164 netprofm - ok
18:09:11.0529 0x1164 [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:09:11.0543 0x1164 NetTcpPortSharing - ok
18:09:11.0898 0x1164 [ 39EDE676D17F37AF4573C2B33EC28ACA, 6C897C8B72D7AC1385302E58509688790CC5F428E967485F92C3CD646907EF59 ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
18:09:12.0414 0x1164 NETw5s64 - ok
18:09:12.0652 0x1164 [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
18:09:12.0906 0x1164 netw5v64 - ok
18:09:12.0971 0x1164 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:09:12.0987 0x1164 nfrd960 - ok
18:09:13.0013 0x1164 [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc C:\Windows\System32\nlasvc.dll
18:09:13.0093 0x1164 NlaSvc - ok
18:09:13.0099 0x1164 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:09:13.0143 0x1164 Npfs - ok
18:09:13.0151 0x1164 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
18:09:13.0190 0x1164 nsi - ok
18:09:13.0195 0x1164 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:09:13.0247 0x1164 nsiproxy - ok
18:09:13.0363 0x1164 [ 9A6089B056EA1B83B36424FC9D0A300E, EA60282C5A32B497921B568C1FE735F5BDB9D954DDC4E609F7F3CAE5ED823CEC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:09:13.0444 0x1164 Ntfs - ok
18:09:13.0473 0x1164 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
18:09:13.0514 0x1164 Null - ok
18:09:13.0532 0x1164 [ 3E38712941E9BB4DDBEE00AFFE3FED3D, 03F27CC0EF0A86D0B2DAAB6F72838CB2AB57FE5D40074828D5B7F118CD5CBEE7 ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
18:09:13.0550 0x1164 nvraid - ok
18:09:13.0574 0x1164 [ 477DC4D6DEB99BE37084C9AC6D013DA1, E58C4D621CAAB1C68FB4A056576F48BC87913A5EBF0B511EFFB8F38C7D3E516E ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
18:09:13.0592 0x1164 nvstor - ok
18:09:13.0606 0x1164 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
18:09:13.0623 0x1164 nv_agp - ok
18:09:13.0629 0x1164 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
18:09:13.0647 0x1164 ohci1394 - ok
18:09:13.0683 0x1164 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:09:13.0736 0x1164 p2pimsvc - ok
18:09:13.0768 0x1164 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
18:09:13.0808 0x1164 p2psvc - ok
18:09:13.0844 0x1164 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:09:13.0862 0x1164 Parport - ok
18:09:13.0889 0x1164 [ 90061B1ACFE8CCAA5345750FFE08D8B8, 76309683FFDF380AF9C6E1D9A52E46B011A0BF1026D747181D01F3312B7541C7 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:09:13.0905 0x1164 partmgr - ok
18:09:13.0915 0x1164 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
18:09:13.0940 0x1164 PcaSvc - ok
18:09:13.0950 0x1164 [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci C:\Windows\system32\DRIVERS\pci.sys
18:09:13.0969 0x1164 pci - ok
18:09:13.0993 0x1164 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\DRIVERS\pciide.sys
18:09:14.0008 0x1164 pciide - ok
18:09:14.0027 0x1164 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:09:14.0046 0x1164 pcmcia - ok
18:09:14.0052 0x1164 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
18:09:14.0068 0x1164 pcw - ok
18:09:14.0099 0x1164 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:09:14.0159 0x1164 PEAUTH - ok
18:09:14.0221 0x1164 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
18:09:14.0324 0x1164 PeerDistSvc - ok
18:09:14.0534 0x1164 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:09:14.0574 0x1164 PerfHost - ok
18:09:14.0647 0x1164 [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla C:\Windows\system32\pla.dll
18:09:14.0752 0x1164 pla - ok
18:09:14.0807 0x1164 [ 98B1721B8718164293B9701B98C52D77, 27F5F00D4AA394D4D8D0A0062EDC3F944B603E07CAAEDC5CC959BA1E8C208C2A ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:09:14.0869 0x1164 PlugPlay - ok
18:09:14.0894 0x1164 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:09:14.0914 0x1164 PNRPAutoReg - ok
18:09:14.0927 0x1164 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:09:14.0952 0x1164 PNRPsvc - ok
18:09:14.0990 0x1164 [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:09:15.0057 0x1164 PolicyAgent - ok
18:09:15.0082 0x1164 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
18:09:15.0124 0x1164 Power - ok
18:09:15.0157 0x1164 [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:09:15.0205 0x1164 PptpMiniport - ok
18:09:15.0225 0x1164 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:09:15.0249 0x1164 Processor - ok
18:09:15.0277 0x1164 [ 97293447431311C06703368AD0F6C4BE, 302A3CA8F6961717D95469B20A8A71954D4ECFCDF4638238D3D44AAE5A8D9B8B ] ProfSvc C:\Windows\system32\profsvc.dll
18:09:15.0321 0x1164 ProfSvc - ok
18:09:15.0335 0x1164 [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:09:15.0352 0x1164 ProtectedStorage - ok
18:09:15.0387 0x1164 [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:09:15.0428 0x1164 Psched - ok
18:09:15.0503 0x1164 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:09:15.0581 0x1164 ql2300 - ok
18:09:15.0606 0x1164 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:09:15.0623 0x1164 ql40xx - ok
18:09:15.0652 0x1164 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
18:09:15.0678 0x1164 QWAVE - ok
18:09:15.0684 0x1164 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:09:15.0706 0x1164 QWAVEdrv - ok
18:09:27.0137 0x1164 ================ Scan global ===============================
18:09:27.0163 0x1164 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:09:27.0210 0x1164 [ 3FB74FF230B5D240A57AE1C4A3D0459D, 7A4036CAC3BAAEC719E4152F2CAA9D9B69DACBDC7502147D7160D04AE70BC8DF ] C:\Windows\system32\winsrv.dll
18:09:27.0240 0x1164 [ 3FB74FF230B5D240A57AE1C4A3D0459D, 7A4036CAC3BAAEC719E4152F2CAA9D9B69DACBDC7502147D7160D04AE70BC8DF ] C:\Windows\system32\winsrv.dll
18:09:27.0286 0x1164 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:09:27.0329 0x1164 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
18:09:27.0340 0x1164 [ Global ] - ok
18:09:27.0340 0x1164 ================ Scan MBR ==================================
18:09:27.0356 0x1164 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:09:27.0860 0x1164 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
18:09:27.0860 0x1164 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:09:30.0315 0x1164 ================ Scan VBR ==================================
18:09:30.0322 0x1164 [ 5A021CF36B7C8FF7F6B0F0150B7457E1 ] \Device\Harddisk0\DR0\Partition1
18:09:30.0325 0x1164 \Device\Harddisk0\DR0\Partition1 - ok
18:09:30.0346 0x1164 [ 0F863E609F781DFB426ECAC11B0DD732 ] \Device\Harddisk0\DR0\Partition2
18:09:30.0348 0x1164 \Device\Harddisk0\DR0\Partition2 - ok
18:09:30.0348 0x1164 Waiting for KSN requests completion. In queue: 60
18:09:31.0348 0x1164 Waiting for KSN requests completion. In queue: 60
18:09:32.0349 0x1164 Waiting for KSN requests completion. In queue: 60
18:09:33.0452 0x1164 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.0.307 ), 0x41000 ( enabled : updated )
18:09:33.0463 0x1164 Win FW state via NFP2: enabled
18:09:35.0849 0x1164 ============================================================
18:09:35.0849 0x1164 Scan finished
18:09:35.0849 0x1164 ============================================================
18:09:35.0869 0x0e8c Detected object count: 1
18:09:35.0869 0x0e8c Actual detected object count: 1
18:10:19.0059 0x0e8c \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
18:10:19.0059 0x0e8c \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

15.10.2013, 17:25   #10
aharonov
/// TB-Ausbilder


OK, now it shows up.


Step 1

Please start TDSSkiller.exe.
Vista and Win7 users: right-click and choose "Run as administrator".
  • Select "Change parameters" again and set the checkboxes as in the last scan.
  • Click Start Scan.
    Do not do anything on the computer during the scan!
  • Make sure that for TDSS File System the option Cure (default) or Delete is selected.
  • Click Continue --> Reboot.
  • TDSSKiller will save a log file on your system drive (C:\TDSSKiller.<version_date_time>log.txt).
  • Please post the contents of this log file in your thread.



Step 2

Start FRST once more.
  • Under Optional Scan, tick Addition.txt and click Scan.
  • When the scan has finished, two new log files, FRST.txt and Addition.txt, are created and saved on the desktop.
  • Please post the contents of both log files here in your thread.
__________________
cheers,
Leo

15.10.2013, 17:31   #11
usernamejuli

Step 1

18:29:02.0087 0x1010 TDSS rootkit removing tool 3.0.0.14 Oct 15 2013 15:35:38
18:29:04.0028 0x1010 ============================================================
18:29:04.0028 0x1010 Current date / time: 2013/10/15 18:29:04.0028
18:29:04.0028 0x1010 SystemInfo:
18:29:04.0028 0x1010
18:29:04.0028 0x1010 OS Version: 6.1.7600 ServicePack: 0.0
18:29:04.0028 0x1010 Product type: Workstation
18:29:04.0029 0x1010 ComputerName: JULI-PC
18:29:04.0029 0x1010 UserName: Juli
18:29:04.0029 0x1010 Windows directory: C:\Windows
18:29:04.0029 0x1010 System windows directory: C:\Windows
18:29:04.0029 0x1010 Running under WOW64
18:29:04.0029 0x1010 Processor architecture: Intel x64
18:29:04.0029 0x1010 Number of processors: 2
18:29:04.0029 0x1010 Page size: 0x1000
18:29:04.0029 0x1010 Boot type: Normal boot
18:29:04.0030 0x1010 ============================================================
18:29:05.0794 0x1010 System UUID: {DB0ED304-A260-E2DE-358C-966A96D13B9C}
18:29:06.0292 0x1010 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:29:06.0310 0x1010 ============================================================
18:29:06.0310 0x1010 \Device\Harddisk0\DR0:
18:29:06.0310 0x1010 MBR partitions:
18:29:06.0310 0x1010 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x38B7A000
18:29:06.0310 0x1010 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x38B7A800, BlocksNum 0x180A000
18:29:06.0310 0x1010 ============================================================
18:29:06.0364 0x1010 C: <-> \Device\Harddisk0\DR0\Partition1
18:29:06.0429 0x1010 D: <-> \Device\Harddisk0\DR0\Partition2
18:29:06.0430 0x1010 ============================================================
18:29:06.0430 0x1010 Initialize success
18:29:06.0430 0x1010 ============================================================
18:29:12.0175 0x0f48 ============================================================
18:29:12.0175 0x0f48 Scan started
18:29:12.0175 0x0f48 Mode: Manual; SigCheck; TDLFS;
18:29:12.0175 0x0f48 ============================================================
18:29:12.0175 0x0f48 KSN ping started
18:29:25.0808 0x0f48 KSN ping finished: true
18:29:26.0483 0x0f48 ================ Scan system memory ========================
18:29:26.0483 0x0f48 System memory - ok
18:29:26.0484 0x0f48 ================ Scan services =============================
18:29:37.0777 0x0f48 ksthunk - ok
18:29:37.0811 0x0f48 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
18:29:37.0869 0x0f48 KtmRm - ok
18:29:37.0924 0x0f48 [ 81F1D04D4D0E433099365127375FD501, C2A81B5A482C974E8108806486EC28CB2D81400D42639682FE7B7A9BDF14BA9B ] LanmanServer C:\Windows\system32\srvsvc.dll
18:29:37.0966 0x0f48 LanmanServer - ok
18:29:38.0007 0x0f48 [ 27026EAC8818E8A6C00A1CAD2F11D29A, A12858CCB3B2419D66C667A46B106DA7A7BA97FFFA9634BFAE95DDF193C430D5 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
18:29:38.0062 0x0f48 LanmanWorkstation - ok
18:29:38.0141 0x0f48 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
18:29:38.0232 0x0f48 lltdio - ok
18:29:38.0266 0x0f48 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
18:29:38.0312 0x0f48 lltdsvc - ok
18:29:38.0316 0x0f48 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
18:29:38.0354 0x0f48 lmhosts - ok
18:29:38.0386 0x0f48 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
18:29:38.0403 0x0f48 LSI_FC - ok
18:29:38.0410 0x0f48 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
18:29:38.0428 0x0f48 LSI_SAS - ok
18:29:38.0434 0x0f48 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
18:29:38.0450 0x0f48 LSI_SAS2 - ok
18:29:38.0462 0x0f48 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
18:29:38.0479 0x0f48 LSI_SCSI - ok
18:29:38.0500 0x0f48 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
18:29:38.0543 0x0f48 luafv - ok
18:29:38.0572 0x0f48 [ F84C8F1000BC11E3B7B23CBD3BAFF111, BB4C4FFE3F6C9E5C16C06F6F666F177B94E1CF878397BCC0BDAF6EB3341AAED8 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
18:29:38.0592 0x0f48 Mcx2Svc - ok
18:29:38.0597 0x0f48 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
18:29:38.0613 0x0f48 megasas - ok
18:29:38.0632 0x0f48 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
18:29:38.0654 0x0f48 MegaSR - ok
18:29:38.0674 0x0f48 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
18:29:38.0712 0x0f48 MMCSS - ok
18:29:38.0718 0x0f48 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
18:29:38.0755 0x0f48 Modem - ok
18:29:38.0770 0x0f48 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
18:29:38.0790 0x0f48 monitor - ok
18:29:38.0795 0x0f48 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
18:29:38.0811 0x0f48 mouclass - ok
18:29:38.0816 0x0f48 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
18:29:38.0833 0x0f48 mouhid - ok
18:29:38.0839 0x0f48 [ 791AF66C4D0E7C90A3646066386FB571, BF67643099494AEADDDC85E4D97AFF1017806A1DF554F9BE6C864FFECC9EAF42 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
18:29:38.0856 0x0f48 mountmgr - ok
18:29:38.0886 0x0f48 [ 609D1D87649ECC19796F4D76D4C15CEA, 5369F4C83FBAE9C4CFB9ACD36F07479E3F3FD784D79B82AE8D95B818B9F9CE00 ] mpio C:\Windows\system32\DRIVERS\mpio.sys
18:29:38.0904 0x0f48 mpio - ok
18:29:38.0923 0x0f48 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
18:29:38.0962 0x0f48 mpsdrv - ok
18:29:39.0012 0x0f48 [ AECAB449567D1846DAD63ECE49E893E3, 7A67A16A3E04574B7CAD097632ABA9B361BBEFDD6B36B7B8E3A1996EC529C2DC ] MpsSvc C:\Windows\system32\mpssvc.dll
18:29:39.0087 0x0f48 MpsSvc - ok
18:29:39.0096 0x0f48 [ 30524261BB51D96D6FCBAC20C810183C, 19598A9CD0EAAE4ACBF1069E721AB2853452F33FCFB3B5113F023A88A90BF42D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
18:29:39.0120 0x0f48 MRxDAV - ok
18:29:39.0155 0x0f48 [ 040D62A9D8AD28922632137ACDD984F2, D9457BDA88C2E3AA4E716C0657B77A4A3E212328CDABD5C18279B6440E1C1594 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
18:29:39.0195 0x0f48 mrxsmb - ok
18:29:39.0221 0x0f48 [ F0067552F8F9B33D7C59403AB808A3CB, 698B63528E1943BB4253BF7578DC128AA824C71BD04FF0521277E68B20656C02 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
18:29:39.0244 0x0f48 mrxsmb10 - ok
18:29:39.0275 0x0f48 [ 3C142D31DE9F2F193218A53FE2632051, 026B3A932A95D5160B64E470FC414F3D388D429317D5EAEA2D476F715C4CAE75 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
18:29:39.0295 0x0f48 mrxsmb20 - ok
18:29:39.0300 0x0f48 [ 5C37497276E3B3A5488B23A326A754B7, 9982FCDAFB963868EB93A4DEF811A3167488EB5246BAC3F4AE960506FDF63967 ] msahci C:\Windows\system32\DRIVERS\msahci.sys
18:29:39.0316 0x0f48 msahci - ok
18:29:39.0323 0x0f48 [ 8D27B597229AED79430FB9DB3BCBFBD0, 3D58E08B47E8AE419D405BF263929DFA6F2F5F0C2D79FD8D6F2CED6452F6F248 ] msdsm C:\Windows\system32\DRIVERS\msdsm.sys
18:29:39.0342 0x0f48 msdsm - ok
18:29:39.0368 0x0f48 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
18:29:39.0389 0x0f48 MSDTC - ok
18:29:39.0398 0x0f48 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
18:29:39.0437 0x0f48 Msfs - ok
18:29:39.0441 0x0f48 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
18:29:39.0478 0x0f48 mshidkmdf - ok
18:29:39.0482 0x0f48 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\DRIVERS\msisadrv.sys
18:29:39.0498 0x0f48 msisadrv - ok
18:29:39.0535 0x0f48 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
18:29:39.0576 0x0f48 MSiSCSI - ok
18:29:39.0580 0x0f48 msiserver - ok
18:29:39.0594 0x0f48 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
18:29:39.0631 0x0f48 MSKSSRV - ok
18:29:39.0636 0x0f48 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
18:29:39.0672 0x0f48 MSPCLOCK - ok
18:29:39.0677 0x0f48 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
18:29:39.0714 0x0f48 MSPQM - ok
18:29:39.0738 0x0f48 [ 89CB141AA8616D8C6A4610FA26C60964, 76E72F6A0348EDC58A8E6F88C7F024B8B077670400BD5A833811DAFCF9F517CC ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
18:29:39.0762 0x0f48 MsRPC - ok
18:29:39.0772 0x0f48 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
18:29:39.0788 0x0f48 mssmbios - ok
18:29:39.0793 0x0f48 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
18:29:39.0830 0x0f48 MSTEE - ok
18:29:39.0834 0x0f48 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
18:29:39.0851 0x0f48 MTConfig - ok
18:29:39.0863 0x0f48 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
18:29:39.0879 0x0f48 Mup - ok
18:29:39.0920 0x0f48 [ 4987E079A4530FA737A128BE54B63B12, 27E51CC7D4D90DC4397575491DE7EFE15808709F097E2828E46AA73C771A47A4 ] napagent C:\Windows\system32\qagentRT.dll
18:29:39.0982 0x0f48 napagent - ok
18:29:40.0033 0x0f48 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
18:29:40.0063 0x0f48 NativeWifiP - ok
18:29:40.0137 0x0f48 [ CAD515DBD07D082BB317D9928CE8962C, 7AFA6D6154AC68F9FCC37B7B3324F7A170AE91035805026445F24F6EB4FB7F2E ] NDIS C:\Windows\system32\drivers\ndis.sys
18:29:40.0196 0x0f48 NDIS - ok
18:29:40.0203 0x0f48 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
18:29:40.0240 0x0f48 NdisCap - ok
18:29:40.0253 0x0f48 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
18:29:40.0291 0x0f48 NdisTapi - ok
18:29:40.0296 0x0f48 [ F105BA1E22BF1F2EE8F005D4305E4BEC, 723DA09E13D0F50634D9F114590B837D16F7B36AA0DA2AB8F8C2D9991624EA8F ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
18:29:40.0334 0x0f48 Ndisuio - ok
18:29:40.0342 0x0f48 [ 557DFAB9CA1FCB036AC77564C010DAD3, 8A21B342AFE5B498FB62EDDC81A3ADA9570677B7A382666090E0ABB1F85FEF29 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
18:29:40.0383 0x0f48 NdisWan - ok
18:29:40.0389 0x0f48 [ 659B74FB74B86228D6338D643CD3E3CF, 83D741B7A2A204A661A80C226212749F514800060D05E217FA6DC14D62F38F80 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
18:29:40.0427 0x0f48 NDProxy - ok
18:29:40.0433 0x0f48 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
18:29:40.0471 0x0f48 NetBIOS - ok
18:29:40.0481 0x0f48 [ 9162B273A44AB9DCE5B44362731D062A, 5A1BA6DBFEBB2618DC9D4CC55FA071C170A5D22FFB24CE62DD5B3210D8B45F39 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
18:29:40.0524 0x0f48 NetBT - ok
18:29:40.0542 0x0f48 [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] Netlogon C:\Windows\system32\lsass.exe
18:29:40.0559 0x0f48 Netlogon - ok
18:29:40.0603 0x0f48 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
18:29:40.0664 0x0f48 Netman - ok
18:29:40.0696 0x0f48 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
18:29:40.0757 0x0f48 netprofm - ok
18:29:40.0780 0x0f48 [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
18:29:40.0796 0x0f48 NetTcpPortSharing - ok
18:29:41.0145 0x0f48 [ 39EDE676D17F37AF4573C2B33EC28ACA, 6C897C8B72D7AC1385302E58509688790CC5F428E967485F92C3CD646907EF59 ] NETw5s64 C:\Windows\system32\DRIVERS\NETw5s64.sys
18:29:41.0563 0x0f48 NETw5s64 - ok
18:29:41.0791 0x0f48 [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64 C:\Windows\system32\DRIVERS\netw5v64.sys
18:29:42.0073 0x0f48 netw5v64 - ok
18:29:42.0133 0x0f48 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
18:29:42.0149 0x0f48 nfrd960 - ok
18:29:42.0175 0x0f48 [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] NlaSvc C:\Windows\System32\nlasvc.dll
18:29:42.0234 0x0f48 NlaSvc - ok
18:29:42.0253 0x0f48 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
18:29:42.0291 0x0f48 Npfs - ok
18:29:42.0381 0x0f48 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
18:29:42.0461 0x0f48 nsi - ok
18:29:42.0466 0x0f48 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
18:29:42.0503 0x0f48 nsiproxy - ok
18:29:42.0606 0x0f48 [ 9A6089B056EA1B83B36424FC9D0A300E, EA60282C5A32B497921B568C1FE735F5BDB9D954DDC4E609F7F3CAE5ED823CEC ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
18:29:42.0686 0x0f48 Ntfs - ok
18:29:42.0702 0x0f48 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
18:29:42.0738 0x0f48 Null - ok
18:29:42.0750 0x0f48 [ 3E38712941E9BB4DDBEE00AFFE3FED3D, 03F27CC0EF0A86D0B2DAAB6F72838CB2AB57FE5D40074828D5B7F118CD5CBEE7 ] nvraid C:\Windows\system32\DRIVERS\nvraid.sys
18:29:42.0769 0x0f48 nvraid - ok
18:29:42.0803 0x0f48 [ 477DC4D6DEB99BE37084C9AC6D013DA1, E58C4D621CAAB1C68FB4A056576F48BC87913A5EBF0B511EFFB8F38C7D3E516E ] nvstor C:\Windows\system32\DRIVERS\nvstor.sys
18:29:42.0822 0x0f48 nvstor - ok
18:29:42.0834 0x0f48 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\DRIVERS\nv_agp.sys
18:29:42.0851 0x0f48 nv_agp - ok
18:29:42.0857 0x0f48 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
18:29:42.0875 0x0f48 ohci1394 - ok
18:29:42.0911 0x0f48 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
18:29:42.0954 0x0f48 p2pimsvc - ok
18:29:42.0986 0x0f48 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
18:29:43.0027 0x0f48 p2psvc - ok
18:29:43.0039 0x0f48 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
18:29:43.0058 0x0f48 Parport - ok
18:29:43.0096 0x0f48 [ 90061B1ACFE8CCAA5345750FFE08D8B8, 76309683FFDF380AF9C6E1D9A52E46B011A0BF1026D747181D01F3312B7541C7 ] partmgr C:\Windows\system32\drivers\partmgr.sys
18:29:43.0139 0x0f48 partmgr - ok
18:29:43.0160 0x0f48 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll
18:29:43.0196 0x0f48 PcaSvc - ok
18:29:43.0209 0x0f48 [ F36F6504009F2FB0DFD1B17A116AD74B, 33A4C217F7DC5E5B7E1B6CF335327C8FE6CC5D6D048D420252965574CAD83918 ] pci C:\Windows\system32\DRIVERS\pci.sys
18:29:43.0228 0x0f48 pci - ok
18:29:43.0255 0x0f48 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\DRIVERS\pciide.sys
18:29:43.0345 0x0f48 pciide - ok
18:29:43.0378 0x0f48 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
18:29:43.0398 0x0f48 pcmcia - ok
18:29:43.0404 0x0f48 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
18:29:43.0421 0x0f48 pcw - ok
18:29:43.0439 0x0f48 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
18:29:43.0494 0x0f48 PEAUTH - ok
18:29:43.0561 0x0f48 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll
18:29:43.0652 0x0f48 PeerDistSvc - ok
18:29:43.0874 0x0f48 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
18:29:43.0917 0x0f48 PerfHost - ok
18:29:43.0987 0x0f48 [ 557E9A86F65F0DE18C9B6751DFE9D3F1, 630EE5A80335929517A22D130C75CBCE882B92978372A6F36C30B9D353C7BB07 ] pla C:\Windows\system32\pla.dll
18:29:44.0089 0x0f48 pla - ok
18:29:44.0136 0x0f48 [ 98B1721B8718164293B9701B98C52D77, 27F5F00D4AA394D4D8D0A0062EDC3F944B603E07CAAEDC5CC959BA1E8C208C2A ] PlugPlay C:\Windows\system32\umpnpmgr.dll
18:29:44.0163 0x0f48 PlugPlay - ok
18:29:44.0178 0x0f48 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
18:29:44.0195 0x0f48 PNRPAutoReg - ok
18:29:44.0206 0x0f48 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
18:29:44.0232 0x0f48 PNRPsvc - ok
18:29:44.0288 0x0f48 [ 166EB40D1F5B47E615DE3D0FFFE5F243, E32BCCA0D25CD631C221986EBE9F6C54BF2F12DE1672D69CCC4E22AD07D0525A ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
18:29:44.0357 0x0f48 PolicyAgent - ok
18:29:44.0378 0x0f48 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
18:29:44.0419 0x0f48 Power - ok
18:29:44.0453 0x0f48 [ 27CC19E81BA5E3403C48302127BDA717, C580FC552DDF9C163FC325B38B05C06FFD696495E4C01514BCD6346CFE4F0B40 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
18:29:44.0492 0x0f48 PptpMiniport - ok
18:29:44.0509 0x0f48 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
18:29:44.0527 0x0f48 Processor - ok
18:29:44.0561 0x0f48 [ 97293447431311C06703368AD0F6C4BE, 302A3CA8F6961717D95469B20A8A71954D4ECFCDF4638238D3D44AAE5A8D9B8B ] ProfSvc C:\Windows\system32\profsvc.dll
18:29:44.0605 0x0f48 ProfSvc - ok
18:29:44.0620 0x0f48 [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] ProtectedStorage C:\Windows\system32\lsass.exe
18:29:44.0637 0x0f48 ProtectedStorage - ok
18:29:44.0671 0x0f48 [ EE992183BD8EAEFD9973F352E587A299, 6B28930FAA0A54FAADDAF2231553D7F5D45C7227454C6D49A86DFC9EF6BC9043 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
18:29:44.0710 0x0f48 Psched - ok
18:29:44.0787 0x0f48 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
18:29:44.0864 0x0f48 ql2300 - ok
18:29:44.0880 0x0f48 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
18:29:44.0897 0x0f48 ql40xx - ok
18:29:44.0925 0x0f48 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
18:29:45.0006 0x0f48 QWAVE - ok
18:29:45.0012 0x0f48 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
18:29:45.0033 0x0f48 QWAVEdrv - ok
18:29:45.0038 0x0f48 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
18:29:45.0075 0x0f48 RasAcd - ok
18:29:45.0106 0x0f48 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
18:29:45.0144 0x0f48 RasAgileVpn - ok
18:29:45.0156 0x0f48 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
18:29:45.0198 0x0f48 RasAuto - ok
18:29:45.0205 0x0f48 [ 87A6E852A22991580D6D39ADC4790463, 0F757C6E5B57DFC239CE1BEC88EF16C07E7F1A40D629A9A6DF3CB6B88FB9E642 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
18:29:45.0245 0x0f48 Rasl2tp - ok
18:29:45.0266 0x0f48 [ 47394ED3D16D053F5906EFE5AB51CC83, FE5D1249788DB6D85C55769251B0AED738D3BBA04DF57124E03397D3C0599286 ] RasMan C:\Windows\System32\rasmans.dll
18:29:45.0325 0x0f48 RasMan - ok
18:29:45.0339 0x0f48 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
18:29:45.0379 0x0f48 RasPppoe - ok
18:29:45.0387 0x0f48 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
18:29:45.0425 0x0f48 RasSstp - ok
18:29:45.0450 0x0f48 [ 3BAC8142102C15D59A87757C1D41DCE5, C0C2C6887EA5A439E69221196348382ACE3E1942C9C6E0A970E153890F71724C ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
18:29:45.0495 0x0f48 rdbss - ok
18:29:45.0500 0x0f48 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
18:29:45.0519 0x0f48 rdpbus - ok
18:29:45.0523 0x0f48 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
18:29:45.0560 0x0f48 RDPCDD - ok
18:29:45.0579 0x0f48 [ 9706B84DBABFC4B4CA46C5A82B14DFA3, AFDC07C257BCB768861483A1842FFB647523946B16DA2812EFAE4FD3252BA303 ] RDPDR C:\Windows\system32\drivers\rdpdr.sys
18:29:45.0605 0x0f48 RDPDR - ok
18:29:45.0623 0x0f48 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
18:29:45.0661 0x0f48 RDPENCDD - ok
18:29:45.0668 0x0f48 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
18:29:45.0705 0x0f48 RDPREFMP - ok
18:29:45.0743 0x0f48 [ 447DE7E3DEA39D422C1504F245B668B1, C54D90D2F9405E011E490D3C2F0F64488B87B969C95E367C076BBFCFD8654909 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
18:29:45.0786 0x0f48 RDPWD - ok
18:29:45.0826 0x0f48 [ 634B9A2181D98F15941236886164EC8B, 15C55F05FD3CD751F619F18E2ADF91552AE82146501CD031402277F496A5B7D8 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
18:29:45.0847 0x0f48 rdyboost - ok
18:29:45.0865 0x0f48 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
18:29:45.0905 0x0f48 RemoteAccess - ok
18:29:45.0935 0x0f48 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
18:29:45.0977 0x0f48 RemoteRegistry - ok
18:29:45.0998 0x0f48 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
18:29:46.0037 0x0f48 RpcEptMapper - ok
18:29:46.0069 0x0f48 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
18:29:46.0086 0x0f48 RpcLocator - ok
18:29:46.0112 0x0f48 [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] RpcSs C:\Windows\system32\rpcss.dll
18:29:46.0162 0x0f48 RpcSs - ok
18:29:46.0184 0x0f48 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
18:29:46.0223 0x0f48 rspndr - ok
18:29:46.0255 0x0f48 [ BAEFEE35D27A5440D35092CE10267BEC, FB550D38C01E07B1170C52C1441874B56DD3BECB10CBE8E132EE3276A05C796E ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
18:29:46.0276 0x0f48 RTL8167 - ok
18:29:46.0307 0x0f48 [ 88AF6E02AB19DF7FD07ECDF9C91E9AF6, C890DCCC875F957CAAD4655EBFF384E3C5998040CA2BA360E92C96A647D1C399 ] s3cap C:\Windows\system32\DRIVERS\vms3cap.sys
18:29:46.0338 0x0f48 s3cap - ok
18:29:46.0364 0x0f48 [ 156F6159457D0AA7E59B62681B56EB90, 27B855BF79490E4CC58D38A920C077A56785494BFFF0B448A898486009B24937 ] SamSs C:\Windows\system32\lsass.exe
18:29:46.0381 0x0f48 SamSs - ok
18:29:46.0388 0x0f48 [ E3BBB89983DAF5622C1D50CF49F28227, 49370DC142D577D657BF5755AA9B8625C35D3DDAF1F9466B4888507FB8E6FF07 ] sbp2port C:\Windows\system32\DRIVERS\sbp2port.sys
18:29:46.0405 0x0f48 sbp2port - ok
18:29:46.0440 0x0f48 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
18:29:46.0482 0x0f48 SCardSvr - ok
18:29:46.0487 0x0f48 [ C94DA20C7E3BA1DCA269BC8460D98387, E1A5629728A79233B62BA87B4354BC3A332A853CC36A60E77B34923F4BCA8A61 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
18:29:46.0525 0x0f48 scfilter - ok
18:29:46.0590 0x0f48 [ 624D0F5FF99428BB90A5B8A4123E918E, 90A43E6F09B56CB86A3E3851F8E5ABB74905AEB70296F4B87BEDBC3027E65E86 ] Schedule C:\Windows\system32\schedsvc.dll
18:29:46.0659 0x0f48 Schedule - ok
18:29:46.0691 0x0f48 [ 312E2F82AF11E79906898AC3E3D58A1F, F6CB7D8B204B94F749D5DBEFD552150AAB16A34D629F87F73823A7504465F106 ] SCPolicySvc C:\Windows\System32\certprop.dll
18:29:46.0728 0x0f48 SCPolicySvc - ok
18:29:46.0769 0x0f48 [ 2C8D162EFAF73ABD36D8BCBB6340CAE7, DC40B08D39941D4FD0C3D5BEF279F50B66FE2D5859A0C85EF0DB11F91289DA9E ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
18:29:46.0795 0x0f48 sdbus - ok
18:29:46.0817 0x0f48 [ 765A27C3279CE11D14CB9E4F5869FCA5, B6C2EFFBA938828FEF7FE992A4C88B3154D053763C38762DCE13252FE9571FA1 ] SDRSVC C:\Windows\System32\SDRSVC.dll
18:29:46.0839 0x0f48 SDRSVC - ok
18:29:46.0880 0x0f48 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
18:29:46.0936 0x0f48 secdrv - ok
18:29:46.0955 0x0f48 [ 463B386EBC70F98DA5DFF85F7E654346, 8E27B18B04AF587719D1DAE75A042DB998E06CAE112BD68626EF046036D2DCDC ] seclogon C:\Windows\system32\seclogon.dll
18:29:46.0994 0x0f48 seclogon - ok
18:29:47.0000 0x0f48 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
18:29:47.0039 0x0f48 SENS - ok
18:29:47.0061 0x0f48 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
18:29:47.0080 0x0f48 SensrSvc - ok
18:29:47.0084 0x0f48 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
18:29:47.0102 0x0f48 Serenum - ok
18:29:47.0109 0x0f48 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
18:29:47.0128 0x0f48 Serial - ok
18:29:47.0132 0x0f48 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
18:29:47.0150 0x0f48 sermouse - ok
18:29:47.0185 0x0f48 [ C3BC61CE47FF6F4E88AB8A3B429A36AF, 6CA53AD0CB7215BAE3467EC1FD490E3A18504BD6CD4F0FABF9BD37516AB9DFE0 ] SessionEnv C:\Windows\system32\sessenv.dll
18:29:47.0226 0x0f48 SessionEnv - ok
18:29:47.0263 0x0f48 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\DRIVERS\sffdisk.sys
18:29:47.0278 0x0f48 sffdisk - ok
18:29:47.0283 0x0f48 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\DRIVERS\sffp_mmc.sys
18:29:47.0299 0x0f48 sffp_mmc - ok
18:29:55.0332 0x0f48 ================ Scan global ===============================
18:29:55.0358 0x0f48 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
18:29:55.0397 0x0f48 [ 3FB74FF230B5D240A57AE1C4A3D0459D, 7A4036CAC3BAAEC719E4152F2CAA9D9B69DACBDC7502147D7160D04AE70BC8DF ] C:\Windows\system32\winsrv.dll
18:29:55.0420 0x0f48 [ 3FB74FF230B5D240A57AE1C4A3D0459D, 7A4036CAC3BAAEC719E4152F2CAA9D9B69DACBDC7502147D7160D04AE70BC8DF ] C:\Windows\system32\winsrv.dll
18:29:55.0459 0x0f48 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
18:29:55.0509 0x0f48 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
18:29:55.0522 0x0f48 [ Global ] - ok
18:29:55.0523 0x0f48 ================ Scan MBR ==================================
18:29:55.0539 0x0f48 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
18:29:56.0045 0x0f48 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
18:29:56.0045 0x0f48 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
18:29:58.0511 0x0f48 ================ Scan VBR ==================================
18:29:58.0518 0x0f48 [ 5A021CF36B7C8FF7F6B0F0150B7457E1 ] \Device\Harddisk0\DR0\Partition1
18:29:58.0521 0x0f48 \Device\Harddisk0\DR0\Partition1 - ok
18:29:58.0542 0x0f48 [ 0F863E609F781DFB426ECAC11B0DD732 ] \Device\Harddisk0\DR0\Partition2
18:29:58.0545 0x0f48 \Device\Harddisk0\DR0\Partition2 - ok
18:29:58.0546 0x0f48 Waiting for KSN requests completion. In queue: 61
18:29:59.0546 0x0f48 Waiting for KSN requests completion. In queue: 61
18:30:00.0546 0x0f48 Waiting for KSN requests completion. In queue: 61
18:30:01.0558 0x0f48 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.0.307 ), 0x41000 ( enabled : updated )
18:30:01.0570 0x0f48 Win FW state via NFP2: enabled
18:30:04.0036 0x0f48 ============================================================
18:30:04.0036 0x0f48 Scan finished
18:30:04.0036 0x0f48 ============================================================
18:30:04.0057 0x0934 Detected object count: 1
18:30:04.0057 0x0934 Actual detected object count: 1
18:30:17.0831 0x0934 \Device\Harddisk0\DR0\TDLFS\cfg.ini - copied to quarantine
18:30:17.0835 0x0934 \Device\Harddisk0\DR0\TDLFS\mbr - copied to quarantine
18:30:17.0841 0x0934 \Device\Harddisk0\DR0\TDLFS\ldr16 - copied to quarantine
18:30:17.0849 0x0934 \Device\Harddisk0\DR0\TDLFS\ldr32 - copied to quarantine
18:30:17.0874 0x0934 \Device\Harddisk0\DR0\TDLFS\drv32 - copied to quarantine
18:30:17.0895 0x0934 \Device\Harddisk0\DR0\TDLFS\drv64 - copied to quarantine
18:30:17.0950 0x0934 \Device\Harddisk0\DR0\TDLFS\cmd.dll - copied to quarantine
18:30:17.0963 0x0934 \Device\Harddisk0\DR0\TDLFS\cmd64.dll - copied to quarantine
18:30:17.0972 0x0934 \Device\Harddisk0\DR0\TDLFS\bckfg.tmp - copied to quarantine
18:30:18.0028 0x0934 \Device\Harddisk0\DR0\TDLFS\keywords - copied to quarantine
18:30:18.0036 0x0934 \Device\Harddisk0\DR0\TDLFS\kdmf.tmp - copied to quarantine
18:30:18.0050 0x0934 \Device\Harddisk0\DR0\TDLFS\r.dll - copied to quarantine
18:30:18.0050 0x0934 \Device\Harddisk0\DR0\TDLFS - deleted
18:30:18.0050 0x0934 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Delete

Alt 15.10.2013, 17:34   #12
usernamejuli
 

Step 2
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2013
Ran by Juli (administrator) on JULI-PC on 15-10-2013 18:32:13
Running from C:\Users\Juli\Downloads
Windows 7 Professional (X64) OS Language: German Standard
Internet Explorer Version 9
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\system32\atiesrxx.exe
(Hewlett-Packard Company) C:\Windows\system32\Hpservice.exe
(Wsys Co., Ltd.) C:\ProgramData\eSafe\eGdpSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
() C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Whilokii) C:\Program Files (x86)\Whilokii\updateWhilokii.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Microsoft Corporation) C:\Windows\system32\LogonUI.exe
() C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Juli\AppData\Local\Google\Chrome\Application\chrome.exe
(Whilokii) C:\Program Files (x86)\Whilokii\bin\utilWhilokii.exe
(Kaspersky Lab ZAO) C:\Users\Juli\Desktop\TDSSKiller.exe

==================== Registry (Whitelisted) ==================

HKCU\...\Run: [Google Update] - C:\Users\Juli\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-10-13] (Google Inc.)
HKCU\...\Run: [Skype] - C:\Program Files (x86)\Skype\Phone\Skype.exe [20472992 2013-10-02] (Skype Technologies S.A.)
HKLM-x32\...\Run: [avgnt] - C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [681032 2013-09-30] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-09-05] (Adobe Systems Incorporated)
AppInit_DLLs-x32: c:\progra~3\bitguard\261694~1.246\{c16c1~1\bitguard.dll  [2704352 2013-09-23] ()

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = MSN Deutschland: Aktuelle Nachrichten, Outlook.com Email und Skype Login.
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8280B0C63EC8CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6
HKCU\Software\Microsoft\Internet Explorer\Main,bProtector Start Page = Search-Gol
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = QVO6
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = QVO6
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = QVO6
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe QVO6
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679&type=default&q={searchTerms}
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679&type=default&q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679&type=default&q={searchTerms}
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679&type=default&q={searchTerms}
SearchScopes: HKCU - bProtectorDefaultScope {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
SearchScopes: HKCU - {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} URL = hxxp://www.searchgol.com/?q={searchTerms}&babsrc=SP_ss&mntrId=CAAB00238B890D3D&affID=125035&tsp=5035
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=cor&utm_campaign=eXQ&utm_content=ds&from=cor&uid=WDCXWD5000BEVT-60ZAT0_WD-WXN209LD3559D3559&ts=1381764679&type=default&q={searchTerms}
BHO-x32: Whilokii - {204df522-9a96-4a72-abb0-60f7a216d6d2} - C:\Program Files (x86)\Whilokii\Whilokiibho.dll (Whilokii)
BHO-x32: searchgol Helper Object - {8F547BDD-FCD4-48F8-A06F-573D6F404A3C} - C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\bh\searchgol.dll (Montera Technologeis LTD)
BHO-x32: BonanzaDeals - {fe063412-bea4-4d76-8ed3-183be6220d17} - C:\Program Files (x86)\BonanzaDeals\BonanzaDealsIE.dll (BonanzaDeals)
Toolbar: HKLM-x32 - searchgol Toolbar - {00078E95-3A4A-4137-8DE7-2824908D1C17} - C:\Program Files (x86)\searchgol\searchgol\1.8.16.19\searchgolTlbr.dll (Montera Technologeis LTD)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1

Chrome: 
=======
CHR Extension: (Search-Gol Toolbar) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aipfmkinhleccnodemkoofnnofpbbpac\1.0_0
CHR Extension: (Google Docs) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0
CHR Extension: (Google Drive) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
CHR Extension: (YouTube) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
CHR Extension: (Google Search) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
CHR Extension: (Whilokii) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\iaimhpklononapfjngelgdokckfjekfc\1.0.0_0
CHR Extension: (BonanzaDeals) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ieadcoanfjloocmfafkebdnfefmohngj\3.5.0.0_0
CHR Extension: (Lightning Newtab) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo\1.1.6.6_0
CHR Extension: (Chrome In-App Payments service) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
CHR Extension: (Gmail) - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
CHR HKLM-x32\...\Chrome\Extension: [aipfmkinhleccnodemkoofnnofpbbpac] - C:\Users\Juli\AppData\Roaming\BabSolution\CR\searchgol.crx
CHR HKLM-x32\...\Chrome\Extension: [iaimhpklononapfjngelgdokckfjekfc] - C:\Program Files (x86)\Whilokii\iaimhpklononapfjngelgdokckfjekfc.crx
CHR HKLM-x32\...\Chrome\Extension: [ifohbjbgfchkkfhphahclmkpgejiplfo] - C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtab.crx

==================== Services (Whitelisted) =================

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440392 2013-09-30] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440392 2013-09-30] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1164360 2013-09-30] (Avira Operations GmbH & Co. KG)
R2 BitGuard; C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exe [2845664 2013-09-23] ()
S2 bonanzadealslive; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-14] (BonanzaDeals)
S3 bonanzadealslivem; C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [148976 2013-10-14] (BonanzaDeals)
R2 Update Whilokii; C:\Program Files (x86)\Whilokii\updateWhilokii.exe [65304 2013-10-05] (Whilokii)
R2 Util Whilokii; C:\Program Files (x86)\Whilokii\bin\utilWhilokii.exe [65304 2013-10-15] (Whilokii)
R2 WsysSvc; C:\ProgramData\eSafe\eGdpSvc.exe [1706064 2013-10-14] (Wsys Co., Ltd.)

==================== Drivers (Whitelisted) ====================

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [105856 2013-09-30] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132600 2013-09-30] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-09-30] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [83160 2013-09-30] (Avira Operations GmbH & Co. KG)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2013-10-15 18:30 - 2013-10-15 18:30 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-10-15 18:07 - 2013-10-15 18:07 - 04101145 _____ C:\Users\Juli\Downloads\tdsskiller (1).zip
2013-10-15 15:37 - 2013-10-15 18:07 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Juli\Desktop\TDSSKiller.exe
2013-10-15 11:30 - 2013-10-15 11:30 - 00648160 _____ (Unity Technologies ApS) C:\Users\Juli\Downloads\UnityWebPlayer.exe
2013-10-15 11:30 - 2013-10-15 11:30 - 00000000 ____D C:\Users\Juli\AppData\Local\Unity
2013-10-15 10:59 - 2013-10-15 10:59 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Adobe
2013-10-15 10:42 - 2013-10-15 10:42 - 00011152 _____ C:\Users\Juli\Desktop\Ereignisse.txt
2013-10-15 10:38 - 2013-10-15 10:59 - 00000000 ____D C:\ProgramData\Adobe
2013-10-15 10:38 - 2013-10-15 10:38 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-10-15 10:38 - 2013-10-15 10:38 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-15 10:35 - 2013-10-15 10:59 - 00000000 ____D C:\Users\Juli\AppData\Local\Adobe
2013-10-15 01:40 - 2010-09-14 08:45 - 00367104 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2013-10-15 01:40 - 2010-09-14 08:07 - 00276992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wcncsvc.dll
2013-10-15 01:20 - 2012-07-26 06:55 - 00785512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2013-10-15 01:20 - 2012-07-26 06:55 - 00054376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdfLdr.sys
2013-10-15 01:20 - 2012-07-26 04:36 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\Wdfres.dll
2013-10-15 01:20 - 2012-06-02 16:35 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_Kernel_01011_Inbox_Critical.Wdf
2013-10-15 01:10 - 2009-11-25 12:47 - 01942856 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2013-10-15 01:10 - 2009-11-25 12:47 - 01130824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2013-10-15 01:10 - 2009-11-25 12:47 - 00444752 _____ (Microsoft Corporation) C:\Windows\system32\mscoree.dll
2013-10-15 01:10 - 2009-11-25 12:47 - 00320352 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHost.exe
2013-10-15 01:10 - 2009-11-25 12:47 - 00297808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscoree.dll
2013-10-15 01:10 - 2009-11-25 12:47 - 00295264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHost.exe
2013-10-15 01:10 - 2009-11-25 12:47 - 00109912 _____ (Microsoft Corporation) C:\Windows\system32\PresentationHostProxy.dll
2013-10-15 01:10 - 2009-11-25 12:47 - 00099176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationHostProxy.dll
2013-10-15 01:10 - 2009-11-25 12:47 - 00049472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netfxperf.dll
2013-10-15 01:10 - 2009-11-25 12:47 - 00048960 _____ (Microsoft Corporation) C:\Windows\system32\netfxperf.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 17833984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 12336128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-10-15 01:08 - 2013-10-15 01:08 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-10-15 01:08 - 2013-10-15 01:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-15 01:08 - 2013-10-15 01:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-15 01:08 - 2013-10-15 01:08 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-10-15 01:08 - 2013-10-15 01:08 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-10-15 01:08 - 2013-10-15 01:08 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-10-15 01:08 - 2013-10-15 01:08 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-10-15 01:08 - 2013-10-15 01:08 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-10-15 01:08 - 2013-10-15 01:08 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-10-15 01:08 - 2013-10-15 01:08 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-10-15 01:04 - 2013-10-15 01:10 - 00004905 _____ C:\Windows\IE9_main.log
2013-10-15 00:57 - 2012-12-16 18:52 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2013-10-15 00:57 - 2012-12-16 16:40 - 00367616 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2013-10-15 00:57 - 2012-12-16 16:25 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2013-10-15 00:57 - 2012-12-16 16:25 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2013-10-15 00:56 - 2012-07-26 05:08 - 00744448 _____ (Microsoft Corporation) C:\Windows\system32\WUDFx.dll
2013-10-15 00:56 - 2012-07-26 05:08 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2013-10-15 00:56 - 2012-07-26 05:08 - 00194048 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2013-10-15 00:56 - 2012-07-26 05:08 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2013-10-15 00:56 - 2012-07-26 05:08 - 00045056 _____ (Microsoft Corporation) C:\Windows\system32\WUDFCoinstaller.dll
2013-10-15 00:56 - 2012-07-26 04:26 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2013-10-15 00:56 - 2012-07-26 04:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2013-10-15 00:56 - 2012-06-02 16:57 - 00000003 _____ C:\Windows\system32\Drivers\MsftWdf_User_01_11_00_Inbox_Critical.Wdf
2013-10-15 00:52 - 2012-03-01 08:54 - 00022896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fs_rec.sys
2013-10-15 00:52 - 2012-03-01 08:40 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2013-10-15 00:52 - 2012-03-01 08:35 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\wmi.dll
2013-10-15 00:52 - 2012-03-01 07:45 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2013-10-15 00:52 - 2012-03-01 07:40 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmi.dll
2013-10-14 18:54 - 2013-10-14 18:54 - 00000000 ____D C:\Users\Juli\AppData\Local\avgchrome
2013-10-14 18:30 - 2013-10-15 11:29 - 00000089 _____ C:\Users\Juli\AppData\Roaming\WB.CFG
2013-10-14 18:30 - 2013-10-15 11:29 - 00000006 _____ C:\Users\Juli\AppData\Roaming\WBPU-TTL.DAT
2013-10-14 17:52 - 2013-10-15 10:49 - 00015365 _____ C:\Users\Juli\Downloads\Addition.txt
2013-10-14 17:51 - 2013-10-14 17:51 - 00000000 ____D C:\FRST
2013-10-14 17:49 - 2013-10-14 17:49 - 01954124 _____ (Farbar) C:\Users\Juli\Downloads\FRST64.exe
2013-10-14 17:49 - 2013-10-14 17:49 - 00000000 ____D C:\Users\Juli\Documents\My Received Files
2013-10-14 17:49 - 2013-10-14 17:49 - 00000000 ____D C:\Users\Juli\AppData\Roaming\MusicNet
2013-10-14 17:47 - 2013-10-14 17:47 - 01332104 _____ (iMesh Inc) C:\Users\Juli\Downloads\iMeshSetup-r1487-w-bc.exe
2013-10-14 17:35 - 2013-10-14 17:36 - 04101172 _____ C:\Users\Juli\Downloads\tdsskiller.zip
2013-10-14 17:33 - 2013-10-14 17:43 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-10-14 17:33 - 2013-10-14 17:34 - 02240864 _____ (Kaspersky Lab ZAO) C:\Users\Juli\Downloads\tdsskiller.exe
2013-10-14 17:31 - 2013-10-15 18:10 - 00000000 ____D C:\Program Files (x86)\Whilokii
2013-10-14 17:31 - 2013-10-15 18:08 - 00000000 ____D C:\ProgramData\eSafe
2013-10-14 17:31 - 2013-10-15 18:05 - 00000922 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-10-14 17:31 - 2013-10-15 10:00 - 00000918 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-10-14 17:31 - 2013-10-15 09:58 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-10-14 17:31 - 2013-10-14 17:42 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Systweak
2013-10-14 17:31 - 2013-10-14 17:31 - 00003918 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
2013-10-14 17:31 - 2013-10-14 17:31 - 00003666 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
2013-10-14 17:31 - 2013-10-14 17:31 - 00003384 _____ C:\Windows\System32\Tasks\BonanzaDealsUpdate
2013-10-14 17:31 - 2013-10-14 17:31 - 00003382 _____ C:\Windows\System32\Tasks\EPUpdater
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\searchgol
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\BabSolution
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Local\BonanzaDealsLive
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\searchgol
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-14 17:31 - 2013-07-22 16:07 - 00020312 _____ (Systweak Inc., (Systweak - Download Software utilities for Windows optimization, Scan & Clean Spyware for Free)) C:\Windows\system32\roboot64.exe
2013-10-14 17:30 - 2013-10-15 18:30 - 00000288 _____ C:\Windows\Tasks\DigitalSite.job
2013-10-14 17:30 - 2013-10-14 17:30 - 00003224 _____ C:\Windows\System32\Tasks\DigitalSite
2013-10-14 17:30 - 2013-10-14 17:30 - 00000000 ____D C:\Users\Juli\AppData\Roaming\DigitalSite
2013-10-14 17:30 - 2013-10-14 17:30 - 00000000 ____D C:\ProgramData\Babylon
2013-10-14 17:29 - 2013-10-14 17:29 - 00753504 _____ C:\Users\Juli\Downloads\ZipExtractorSetup.exe
2013-10-14 17:25 - 2013-10-15 18:07 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Skype
2013-10-14 17:25 - 2013-10-14 17:25 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-10-14 17:25 - 2013-10-14 17:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-14 17:25 - 2013-10-14 17:25 - 00000000 ____D C:\ProgramData\Skype
2013-10-14 17:23 - 2013-10-14 17:25 - 32542880 _____ (Skype Technologies S.A.) C:\Users\Juli\Downloads\Skype69SetupFull.exe
2013-10-14 15:38 - 2012-09-06 19:38 - 00295792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2013-10-14 15:38 - 2012-05-02 07:32 - 00208896 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2013-10-14 15:38 - 2010-12-21 08:16 - 00442880 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2013-10-14 15:38 - 2010-12-21 08:16 - 00258048 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2013-10-14 15:38 - 2010-12-21 08:16 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2013-10-14 15:38 - 2010-12-21 08:16 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\wscapi.dll
2013-10-14 15:38 - 2010-12-21 08:15 - 00264192 _____ (Microsoft Corporation) C:\Windows\system32\upnp.dll
2013-10-14 15:38 - 2010-12-21 08:15 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2013-10-14 15:38 - 2010-12-21 08:10 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2013-10-14 15:38 - 2010-12-21 07:38 - 00350720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2013-10-14 15:38 - 2010-12-21 07:38 - 00204800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2013-10-14 15:38 - 2010-12-21 07:38 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnp.dll
2013-10-14 15:38 - 2010-12-21 07:38 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscapi.dll
2013-10-14 15:38 - 2010-12-21 07:38 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2013-10-14 15:38 - 2010-12-21 07:34 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2013-10-14 15:37 - 2013-02-12 17:42 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2013-10-14 15:37 - 2013-02-12 17:37 - 03138048 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2013-10-14 15:37 - 2013-02-12 17:31 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2013-10-14 15:37 - 2013-02-12 17:13 - 02691072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2013-10-14 15:37 - 2013-02-12 17:07 - 00131072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2013-10-14 15:37 - 2013-02-12 15:59 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2013-10-14 15:37 - 2012-11-09 07:34 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2013-10-14 15:37 - 2012-11-09 06:49 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2013-10-14 15:37 - 2012-03-03 08:29 - 01837568 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2013-10-14 15:37 - 2012-03-03 08:29 - 01541120 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2013-10-14 15:37 - 2012-03-03 08:29 - 00902656 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2013-10-14 15:37 - 2012-03-03 08:29 - 00320512 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2013-10-14 15:37 - 2012-03-03 08:29 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2013-10-14 15:37 - 2012-03-03 07:40 - 01170944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2013-10-14 15:37 - 2012-03-03 07:40 - 01074176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2013-10-14 15:37 - 2012-03-03 07:40 - 00739840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2013-10-14 15:37 - 2012-03-03 07:40 - 00218624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2013-10-14 15:37 - 2012-03-03 07:40 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2013-10-14 15:37 - 2011-06-16 07:31 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2013-10-14 15:37 - 2011-06-16 06:35 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2013-10-14 15:37 - 2011-06-15 11:58 - 00212992 _____ (Microsoft Corporation) C:\Windows\system32\odbctrac.dll
2013-10-14 15:37 - 2011-06-15 11:58 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\odbccp32.dll
2013-10-14 15:37 - 2011-06-15 11:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccu32.dll
2013-10-14 15:37 - 2011-06-15 11:58 - 00106496 _____ (Microsoft Corporation) C:\Windows\system32\odbccr32.dll
2013-10-14 15:37 - 2011-06-15 11:04 - 00319488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbcjt32.dll
2013-10-14 15:37 - 2011-06-15 11:04 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbctrac.dll
2013-10-14 15:37 - 2011-06-15 11:04 - 00122880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccp32.dll
2013-10-14 15:37 - 2011-06-15 11:04 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccu32.dll
2013-10-14 15:37 - 2011-06-15 11:04 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbccr32.dll
2013-10-14 15:37 - 2011-04-27 04:57 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dfsc.sys
2013-10-14 15:37 - 2011-04-09 08:58 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2013-10-14 15:37 - 2011-04-09 07:56 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2013-10-14 15:37 - 2011-02-26 08:23 - 02870272 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2013-10-14 15:37 - 2011-02-26 07:33 - 02614784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2013-10-14 15:37 - 2010-10-16 07:17 - 00720896 _____ (Microsoft Corporation) C:\Windows\system32\odbc32.dll
2013-10-14 15:37 - 2010-10-16 06:34 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\odbc32.dll
2013-10-14 15:36 - 2013-03-01 05:32 - 03150848 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2013-10-14 15:36 - 2012-11-09 07:34 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2013-10-14 15:36 - 2012-11-09 06:49 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2013-10-14 15:36 - 2011-10-26 07:22 - 01572864 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2013-10-14 15:36 - 2011-10-26 07:22 - 00366592 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2013-10-14 15:36 - 2011-10-26 06:28 - 01328640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2013-10-14 15:36 - 2011-10-26 06:28 - 00514560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2013-10-14 15:36 - 2010-12-23 08:07 - 01118720 _____ (Microsoft Corporation) C:\Windows\system32\sbe.dll
2013-10-14 15:36 - 2010-12-23 08:07 - 00961024 _____ (Microsoft Corporation) C:\Windows\system32\CPFilters.dll
2013-10-14 15:36 - 2010-12-23 08:02 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\mpg2splt.ax
2013-10-14 15:36 - 2010-12-23 07:28 - 00850432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sbe.dll
2013-10-14 15:36 - 2010-12-23 07:28 - 00642048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CPFilters.dll
2013-10-14 15:36 - 2010-12-23 07:24 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mpg2splt.ax
2013-10-14 15:36 - 2010-08-26 07:27 - 00148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2013-10-14 15:36 - 2010-08-26 06:39 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2013-10-14 15:35 - 2012-01-04 11:58 - 00509952 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2013-10-14 15:35 - 2012-01-04 11:03 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2013-10-14 15:35 - 2011-11-17 09:12 - 00395776 _____ (Microsoft Corporation) C:\Windows\system32\webio.dll
2013-10-14 15:35 - 2011-11-17 07:39 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webio.dll
2013-10-14 15:35 - 2011-07-09 04:44 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2013-10-14 15:35 - 2011-05-04 07:30 - 02326016 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2013-10-14 15:35 - 2011-05-04 07:28 - 02228224 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2013-10-14 15:35 - 2011-05-04 07:28 - 00779264 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2013-10-14 15:35 - 2011-05-04 07:28 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2013-10-14 15:35 - 2011-05-04 07:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2013-10-14 15:35 - 2011-05-04 07:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2013-10-14 15:35 - 2011-05-04 07:24 - 00593408 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2013-10-14 15:35 - 2011-05-04 07:24 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2013-10-14 15:35 - 2011-05-04 07:24 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2013-10-14 15:35 - 2011-05-04 06:53 - 01553920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2013-10-14 15:35 - 2011-05-04 06:52 - 01401856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2013-10-14 15:35 - 2011-05-04 06:52 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2013-10-14 15:35 - 2011-05-04 06:52 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2013-10-14 15:35 - 2011-05-04 06:52 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2013-10-14 15:35 - 2011-05-04 06:52 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2013-10-14 15:35 - 2011-05-04 06:52 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2013-10-14 15:35 - 2011-05-04 06:52 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2013-10-14 15:35 - 2011-05-04 06:52 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2013-10-14 15:35 - 2011-05-04 04:51 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2013-10-14 15:35 - 2011-05-04 04:51 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2013-10-14 15:35 - 2010-11-02 07:18 - 00524288 _____ (Microsoft Corporation) C:\Windows\system32\wmicmiplugin.dll
2013-10-14 15:35 - 2010-11-02 07:17 - 01169408 _____ (Microsoft Corporation) C:\Windows\system32\taskschd.dll
2013-10-14 15:35 - 2010-11-02 07:17 - 00473600 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2013-10-14 15:35 - 2010-11-02 07:16 - 01114624 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2013-10-14 15:35 - 2010-11-02 07:10 - 00464384 _____ (Microsoft Corporation) C:\Windows\system32\taskeng.exe
2013-10-14 15:35 - 2010-11-02 07:10 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\schtasks.exe
2013-10-14 15:35 - 2010-11-02 06:40 - 00496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskschd.dll
2013-10-14 15:35 - 2010-11-02 06:40 - 00305152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2013-10-14 15:35 - 2010-11-02 06:34 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskeng.exe
2013-10-14 15:35 - 2010-11-02 06:34 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
2013-10-14 15:35 - 2010-06-29 07:39 - 02085376 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2013-10-14 15:35 - 2010-06-29 07:02 - 01413632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2013-10-14 15:35 - 2010-05-05 09:37 - 00483840 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2013-10-14 15:35 - 2010-05-05 08:46 - 00363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2013-10-14 15:34 - 2013-04-12 16:36 - 01653096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2013-10-14 15:34 - 2012-01-03 08:24 - 00515584 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2013-10-14 15:34 - 2012-01-03 07:44 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\timedate.cpl
2013-10-14 15:34 - 2011-03-12 14:03 - 00662528 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2013-10-14 15:34 - 2011-03-12 13:31 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2013-10-14 15:34 - 2011-03-11 08:19 - 01395712 _____ (Microsoft Corporation) C:\Windows\system32\mfc42.dll
2013-10-14 15:34 - 2011-03-11 08:19 - 01359872 _____ (Microsoft Corporation) C:\Windows\system32\mfc42u.dll
2013-10-14 15:34 - 2011-03-11 07:40 - 01164288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42u.dll
2013-10-14 15:34 - 2011-03-11 07:40 - 01137664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc42.dll
2013-10-14 15:34 - 2011-02-24 08:30 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2013-10-14 15:34 - 2011-02-24 07:32 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2013-10-14 15:34 - 2010-08-21 08:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2013-10-14 15:34 - 2010-08-21 07:33 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2013-10-14 15:34 - 2010-08-04 09:07 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\msdri.dll
2013-10-14 15:33 - 2013-02-12 16:02 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2013-10-14 15:33 - 2012-11-02 07:30 - 02001408 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2013-10-14 15:33 - 2012-11-02 07:30 - 01880064 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2013-10-14 15:33 - 2012-11-02 06:50 - 01388544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2013-10-14 15:33 - 2012-11-02 06:50 - 01236992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2013-10-14 15:33 - 2012-08-02 19:55 - 00574464 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2013-10-14 15:33 - 2012-08-02 19:05 - 00490496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2013-10-14 15:33 - 2012-06-09 07:30 - 14165504 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2013-10-14 15:33 - 2012-06-09 06:46 - 12868608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2013-10-14 15:33 - 2012-06-02 07:38 - 00152432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2013-10-14 15:33 - 2012-06-02 07:38 - 00095088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2013-10-14 15:33 - 2012-06-02 07:37 - 00459216 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2013-10-14 15:33 - 2012-06-02 07:27 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2013-10-14 15:33 - 2012-06-02 06:48 - 00225280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2013-10-14 15:33 - 2012-06-02 06:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2013-10-14 15:33 - 2012-06-02 06:42 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2013-10-14 15:33 - 2012-04-26 07:34 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2013-10-14 15:33 - 2012-04-26 07:34 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\rdpwsx.dll
2013-10-14 15:33 - 2012-04-26 07:28 - 00009216 _____ (Microsoft Corporation) C:\Windows\system32\rdrmemptylst.exe
2013-10-14 15:33 - 2011-11-17 09:11 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2013-10-14 15:33 - 2011-11-17 09:11 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2013-10-14 15:33 - 2011-11-17 09:11 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2013-10-14 15:33 - 2011-11-17 09:08 - 01446912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2013-10-14 15:33 - 2011-11-17 09:05 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2013-10-14 15:33 - 2011-04-22 22:18 - 00027008 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2013-10-14 15:33 - 2011-01-26 08:53 - 00982912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2013-10-14 15:33 - 2011-01-26 08:53 - 00265088 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2013-10-14 15:33 - 2011-01-26 08:31 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2013-10-14 15:33 - 2010-11-02 07:18 - 00229888 _____ (Microsoft Corporation) C:\Windows\system32\XpsRasterService.dll
2013-10-14 15:33 - 2010-11-02 07:12 - 01133568 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2013-10-14 15:33 - 2010-11-02 06:41 - 00135168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsRasterService.dll
2013-10-14 15:33 - 2010-06-26 07:31 - 01863680 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2013-10-14 15:33 - 2010-06-26 07:14 - 01495040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2013-10-14 15:33 - 2010-05-23 12:15 - 01619456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2013-10-14 15:33 - 2010-05-23 12:11 - 03181568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2013-10-14 15:33 - 2010-05-23 12:11 - 00196608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfreadwrite.dll
2013-10-14 15:33 - 2010-05-23 10:37 - 01888256 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2013-10-14 15:33 - 2010-05-23 10:35 - 04068864 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2013-10-14 15:33 - 2010-05-23 10:35 - 00257024 _____ (Microsoft Corporation) C:\Windows\system32\mfreadwrite.dll
2013-10-14 15:33 - 2010-05-23 10:35 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2013-10-14 15:32 - 2013-01-04 07:37 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2013-10-14 15:32 - 2013-01-04 07:37 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2013-10-14 15:32 - 2013-01-04 07:37 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2013-10-14 15:32 - 2013-01-04 07:36 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2013-10-14 15:32 - 2013-01-04 07:33 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2013-10-14 15:32 - 2013-01-04 07:30 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2013-10-14 15:32 - 2013-01-04 07:30 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2013-10-14 15:32 - 2013-01-04 07:27 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:27 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:27 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:27 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:27 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 07:26 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:51 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2013-10-14 15:32 - 2013-01-04 06:51 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2013-10-14 15:32 - 2013-01-04 06:51 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 06:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 05:19 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2013-10-14 15:32 - 2013-01-04 04:48 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2013-10-14 15:32 - 2013-01-04 04:48 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2013-10-14 15:32 - 2013-01-04 04:48 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2013-10-14 15:32 - 2013-01-04 04:48 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2013-10-14 15:32 - 2013-01-04 04:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 04:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 04:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2013-10-14 15:32 - 2013-01-04 04:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2013-10-14 15:32 - 2012-11-20 07:55 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2013-10-14 15:32 - 2012-11-20 07:10 - 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2013-10-14 15:32 - 2012-11-02 07:27 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\dpnet.dll
2013-10-14 15:32 - 2012-11-02 06:48 - 00376832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpnet.dll
2013-10-14 15:32 - 2012-08-24 20:05 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2013-10-14 15:32 - 2012-08-24 19:10 - 00172544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2013-10-14 15:32 - 2011-03-03 08:17 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2013-10-14 15:32 - 2011-03-03 08:17 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2013-10-14 15:32 - 2011-03-03 08:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\dnscacheugc.exe
2013-10-14 15:32 - 2011-03-03 07:29 - 00269824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2013-10-14 15:32 - 2011-03-03 07:27 - 00028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnscacheugc.exe
2013-10-14 15:32 - 2010-08-21 08:38 - 01024512 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2013-10-14 15:32 - 2010-08-21 07:36 - 00738816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmpmde.dll
2013-10-14 15:31 - 2013-01-04 07:41 - 01893224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2013-10-14 15:31 - 2013-01-04 07:40 - 00287576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2013-10-14 15:31 - 2012-12-07 07:41 - 00441856 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2013-10-14 15:31 - 2012-12-07 07:35 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2013-10-14 15:31 - 2012-12-07 07:04 - 00308736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2013-10-14 15:31 - 2012-12-07 06:57 - 02576384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2013-10-14 15:31 - 2012-12-07 05:45 - 00055296 _____ (Microsoft) C:\Windows\system32\cero.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00051712 _____ (Microsoft) C:\Windows\system32\esrb.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00046592 _____ (Microsoft) C:\Windows\system32\fpb.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00045568 _____ (Microsoft) C:\Windows\system32\oflc-nz.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00044544 _____ (Microsoft) C:\Windows\system32\pegibbfc.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00043520 _____ (Microsoft) C:\Windows\system32\csrr.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00040960 _____ (Microsoft) C:\Windows\system32\cob-au.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00030720 _____ (Microsoft) C:\Windows\system32\usk.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00023552 _____ (Microsoft) C:\Windows\system32\oflc.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00021504 _____ (Microsoft) C:\Windows\system32\grb.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-pt.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi-fi.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00020480 _____ (Microsoft) C:\Windows\system32\pegi.rs
2013-10-14 15:31 - 2012-12-07 05:45 - 00015360 _____ (Microsoft) C:\Windows\system32\djctq.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00055296 _____ (Microsoft) C:\Windows\SysWOW64\cero.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00051712 _____ (Microsoft) C:\Windows\SysWOW64\esrb.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00046592 _____ (Microsoft) C:\Windows\SysWOW64\fpb.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00045568 _____ (Microsoft) C:\Windows\SysWOW64\oflc-nz.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00044544 _____ (Microsoft) C:\Windows\SysWOW64\pegibbfc.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00043520 _____ (Microsoft) C:\Windows\SysWOW64\csrr.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00040960 _____ (Microsoft) C:\Windows\SysWOW64\cob-au.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00030720 _____ (Microsoft) C:\Windows\SysWOW64\usk.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00023552 _____ (Microsoft) C:\Windows\SysWOW64\oflc.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00021504 _____ (Microsoft) C:\Windows\SysWOW64\grb.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-pt.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi-fi.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00020480 _____ (Microsoft) C:\Windows\SysWOW64\pegi.rs
2013-10-14 15:31 - 2012-12-07 05:21 - 00015360 _____ (Microsoft) C:\Windows\SysWOW64\djctq.rs
2013-10-14 15:31 - 2012-11-22 12:32 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2013-10-14 15:31 - 2012-11-22 11:33 - 00627712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2013-10-14 15:31 - 2011-04-29 05:13 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2013-10-14 15:31 - 2011-04-29 05:12 - 00399872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2013-10-14 15:31 - 2011-04-29 05:12 - 00161792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2013-10-14 15:30 - 2012-11-30 01:21 - 00420032 _____ C:\Windows\SysWOW64\locale.nls
2013-10-14 15:30 - 2012-11-30 01:19 - 00420032 _____ C:\Windows\system32\locale.nls
2013-10-14 15:30 - 2012-08-11 02:53 - 00714752 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2013-10-14 15:30 - 2012-08-11 01:54 - 00541184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2013-10-14 15:30 - 2012-04-28 05:50 - 00204800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2013-10-14 15:30 - 2012-04-07 14:18 - 03213824 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2013-10-14 15:30 - 2012-04-07 13:34 - 02342400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2013-10-14 15:30 - 2012-03-17 09:55 - 00075632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2013-10-14 15:30 - 2011-12-28 05:59 - 00499200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2013-10-14 15:30 - 2011-08-17 07:32 - 00613888 _____ (Microsoft Corporation) C:\Windows\system32\psisdecd.dll
2013-10-14 15:30 - 2011-08-17 07:27 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\MSNP.ax
2013-10-14 15:30 - 2011-08-17 07:27 - 00108032 _____ (Microsoft Corporation) C:\Windows\system32\psisrndr.ax
2013-10-14 15:30 - 2011-08-17 07:27 - 00104960 _____ (Microsoft Corporation) C:\Windows\system32\Mpeg2Data.ax
2013-10-14 15:30 - 2011-08-17 07:27 - 00075776 _____ (Microsoft Corporation) C:\Windows\system32\MSDvbNP.ax
2013-10-14 15:30 - 2011-08-17 06:26 - 00465408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisdecd.dll
2013-10-14 15:30 - 2011-08-17 06:22 - 00204288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSNP.ax
2013-10-14 15:30 - 2011-08-17 06:22 - 00075776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\psisrndr.ax
2013-10-14 15:30 - 2011-08-17 06:22 - 00072704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Mpeg2Data.ax
2013-10-14 15:30 - 2011-08-17 06:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSDvbNP.ax
2013-10-14 15:29 - 2012-09-26 00:39 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\synceng.dll
2013-10-14 15:29 - 2012-09-25 23:55 - 00078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\synceng.dll
2013-10-14 15:29 - 2011-02-05 14:41 - 00640896 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2013-10-14 15:29 - 2011-02-05 14:41 - 00556928 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2013-10-14 15:29 - 2011-02-05 14:41 - 00020352 _____ (Microsoft Corporation) C:\Windows\system32\kdusb.dll
2013-10-14 15:29 - 2011-02-05 14:41 - 00019328 _____ (Microsoft Corporation) C:\Windows\system32\kd1394.dll
2013-10-14 15:29 - 2011-02-05 14:41 - 00017792 _____ (Microsoft Corporation) C:\Windows\system32\kdcom.dll
2013-10-14 15:29 - 2011-02-05 14:39 - 00603976 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2013-10-14 15:29 - 2011-02-05 14:39 - 00518160 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2013-10-14 15:29 - 2010-08-31 06:32 - 00954752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40.dll
2013-10-14 15:29 - 2010-08-31 06:32 - 00954288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc40u.dll
2013-10-14 15:28 - 2013-01-24 07:41 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2013-10-14 15:28 - 2012-07-05 00:04 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\netapi32.dll
2013-10-14 15:28 - 2012-07-05 00:01 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\browser.dll
2013-10-14 15:28 - 2012-07-05 00:01 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\browcli.dll
2013-10-14 15:28 - 2012-07-04 23:26 - 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netapi32.dll
2013-10-14 15:28 - 2012-07-04 23:23 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\browcli.dll
2013-10-14 15:28 - 2012-05-05 10:30 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2013-10-14 15:28 - 2012-05-05 09:44 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2013-10-14 15:28 - 2011-05-24 13:21 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\umpnpmgr.dll
2013-10-14 15:28 - 2011-05-24 12:34 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cfgmgr32.dll
2013-10-14 15:28 - 2011-05-24 12:34 - 00064512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devobj.dll
2013-10-14 15:28 - 2011-05-24 12:34 - 00044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\devrtl.dll
2013-10-14 15:28 - 2011-05-24 12:32 - 00252928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drvinst.exe
2013-10-14 15:28 - 2011-02-18 08:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\prevhost.exe
2013-10-14 15:28 - 2011-02-18 07:33 - 00031232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prevhost.exe
2013-10-14 15:28 - 2010-12-18 08:08 - 01097216 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2013-10-14 15:28 - 2010-12-18 07:26 - 01034240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2013-10-14 15:28 - 2010-09-01 07:21 - 14627840 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2013-10-14 15:28 - 2010-09-01 07:12 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2013-10-14 15:28 - 2010-09-01 06:29 - 11406848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2013-10-14 15:28 - 2010-09-01 06:23 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2013-10-14 15:27 - 2011-12-16 10:42 - 00634368 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2013-10-14 15:27 - 2011-12-16 09:59 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2013-10-14 15:27 - 2011-05-03 07:21 - 00976896 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2013-10-14 15:27 - 2011-05-03 06:50 - 00740864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2013-10-14 15:27 - 2011-02-12 08:14 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\FXSCOVER.exe
2013-10-14 15:27 - 2010-10-16 07:23 - 00112000 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2013-10-14 15:26 - 2013-03-19 08:19 - 05497688 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2013-10-14 15:26 - 2013-03-19 07:54 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2013-10-14 15:26 - 2013-03-19 07:06 - 03958120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2013-10-14 15:26 - 2013-03-19 07:06 - 03902312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2013-10-14 15:26 - 2013-03-19 06:53 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2013-10-14 15:26 - 2013-03-19 05:19 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2013-10-14 15:26 - 2012-05-14 07:20 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2013-10-14 15:26 - 2012-02-11 08:29 - 00559104 _____ (Microsoft Corporation) C:\Windows\system32\spoolsv.exe
2013-10-14 15:26 - 2012-02-11 08:29 - 00067584 _____ (Microsoft Corporation) C:\Windows\splwow64.exe
2013-10-14 15:26 - 2011-11-17 09:14 - 01739160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2013-10-14 15:26 - 2011-11-17 07:41 - 01292592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2013-10-14 15:26 - 2011-10-15 08:25 - 00723456 _____ (Microsoft Corporation) C:\Windows\system32\EncDec.dll
2013-10-14 15:26 - 2011-10-15 07:48 - 00534528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EncDec.dll
2013-10-14 15:26 - 2011-08-27 07:40 - 00861184 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2013-10-14 15:26 - 2011-08-27 07:40 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\oleacc.dll
2013-10-14 15:26 - 2011-08-27 06:43 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2013-10-14 15:26 - 2011-08-27 06:43 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleacc.dll
2013-10-14 15:26 - 2011-02-23 07:15 - 00090624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2013-10-14 15:26 - 2010-08-27 08:14 - 00236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2013-10-14 15:26 - 2010-08-27 07:46 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2013-10-14 15:25 - 2012-06-02 07:25 - 01462784 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2013-10-14 15:25 - 2012-06-02 07:25 - 00182272 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2013-10-14 15:25 - 2012-06-02 07:25 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2013-10-14 15:25 - 2012-06-02 06:45 - 01157632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2013-10-14 15:25 - 2012-06-02 06:45 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2013-10-14 15:25 - 2012-06-02 06:45 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2013-10-14 14:59 - 2011-11-19 17:07 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2013-10-14 14:59 - 2011-11-19 16:06 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2013-10-14 14:46 - 2013-10-15 09:50 - 00097900 _____ C:\Windows\PFRO.log
2013-10-13 20:50 - 2013-10-13 20:51 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-10-13 20:37 - 2013-10-13 20:37 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Avira
2013-10-13 20:35 - 2013-10-13 20:41 - 163606685 _____ C:\Users\Juli\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2013-10-13 20:31 - 2013-10-13 20:31 - 00000000 ____D C:\ProgramData\Avira
2013-10-13 20:31 - 2013-10-13 20:31 - 00000000 ____D C:\Program Files (x86)\Avira
2013-10-13 20:31 - 2013-09-30 11:01 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-10-13 20:31 - 2013-09-30 11:01 - 00105856 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-10-13 20:31 - 2013-09-30 11:01 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-10-13 20:31 - 2013-09-30 11:01 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2013-10-13 20:26 - 2013-10-13 20:30 - 122946048 _____ C:\Users\Juli\Downloads\avira14_free_antivirus_de.exe
2013-10-13 20:25 - 2013-10-13 20:25 - 00000000 ____D C:\Users\Juli\Desktop\Photo
2013-10-13 20:25 - 2013-10-13 20:25 - 00000000 ____D C:\Users\Juli\Desktop\Games
2013-10-13 20:25 - 2013-10-13 20:25 - 00000000 ____D C:\Users\Juli\Desktop\College
2013-10-13 20:18 - 2013-10-14 15:08 - 00063568 _____ C:\Users\Juli\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-13 20:10 - 2012-02-15 08:27 - 01031680 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2013-10-13 20:10 - 2012-02-15 07:44 - 00826368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2013-10-13 20:10 - 2012-02-15 06:46 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdtcp.sys
2013-10-13 20:08 - 2013-10-13 20:08 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-10-13 20:07 - 2013-10-15 18:30 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001UA.job
2013-10-13 20:07 - 2013-10-15 00:30 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001Core.job
2013-10-13 20:07 - 2013-10-15 00:25 - 00004084 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001UA
2013-10-13 20:07 - 2013-10-15 00:25 - 00003688 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001Core
2013-10-13 20:07 - 2013-10-13 20:08 - 00000000 ____D C:\Users\Juli\AppData\Local\Google
2013-10-13 20:03 - 2013-10-15 10:00 - 00001439 _____ C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-13 20:03 - 2013-10-15 10:00 - 00001405 _____ C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-10-13 20:03 - 2013-10-15 10:00 - 00000000 ___RD C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-13 20:03 - 2013-10-15 10:00 - 00000000 ___RD C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-13 20:02 - 2013-10-13 20:03 - 00000000 ____D C:\Users\Juli
2013-10-13 20:02 - 2013-10-13 20:02 - 00003532 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-10-13 20:02 - 2013-10-13 20:02 - 00000020 ___SH C:\Users\Juli\ntuser.ini
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Vorlagen
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Startmenü
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Netzwerkumgebung
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Lokale Einstellungen
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Eigene Dateien
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Druckumgebung
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Documents\Eigene Musik
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Documents\Eigene Bilder
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\AppData\Local\Verlauf
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\AppData\Local\Anwendungsdaten
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Anwendungsdaten
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 ____D C:\Users\Juli\AppData\Local\VirtualStore
2013-10-13 20:02 - 2009-07-14 06:54 - 00000000 ___RD C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2013-10-13 20:02 - 2009-07-14 06:49 - 00000000 ___RD C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2013-10-13 20:01 - 2013-10-13 20:01 - 00206312 __RSH C:\MYMXU
2013-10-13 20:01 - 2013-10-13 20:01 - 00000009 __RSH C:\Windows\installed
2013-10-13 20:01 - 2013-10-13 20:01 - 00000009 __RSH C:\wedaolu
2013-10-13 20:01 - 2012-06-03 00:19 - 02428952 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2013-10-13 20:01 - 2012-06-03 00:19 - 00701976 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2013-10-13 20:01 - 2012-06-03 00:19 - 00057880 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2013-10-13 20:01 - 2012-06-03 00:19 - 00044056 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2013-10-13 20:01 - 2012-06-03 00:19 - 00038424 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2013-10-13 20:01 - 2012-06-03 00:15 - 02622464 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2013-10-13 20:01 - 2012-06-03 00:15 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2013-10-13 20:01 - 2012-06-02 15:19 - 00186752 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2013-10-13 20:01 - 2012-06-02 15:15 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2013-10-13 20:00 - 2013-10-13 20:00 - 00000019 ____H C:\Windows\Slic.log
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Programme
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Favoriten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 __SHD C:\Recovery
2013-10-13 18:35 - 2013-10-13 20:01 - 00000000 ____D C:\Windows\Panther
2013-10-13 18:35 - 2013-10-13 18:35 - 00008192 __RSH C:\BOOTSECT.BAK
2013-10-13 18:35 - 2009-07-14 03:38 - 00383562 __RSH C:\bootmgr
2013-10-13 17:39 - 2013-10-15 18:32 - 01913275 _____ C:\Windows\WindowsUpdate.log
2013-10-13 17:39 - 2013-10-13 17:39 - 00001313 _____ C:\Windows\TSSysprep.log
2013-10-13 17:38 - 2013-10-13 17:38 - 00000000 _____ C:\Windows\ativpsrm.bin

==================== One Month Modified Files and Folders =======

2013-10-15 18:32 - 2013-10-13 17:39 - 01913275 _____ C:\Windows\WindowsUpdate.log
2013-10-15 18:30 - 2013-10-15 18:30 - 00000000 ____D C:\TDSSKiller_Quarantine
2013-10-15 18:30 - 2013-10-14 17:30 - 00000288 _____ C:\Windows\Tasks\DigitalSite.job
2013-10-15 18:30 - 2013-10-13 20:07 - 00001116 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001UA.job
2013-10-15 18:10 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\Whilokii
2013-10-15 18:08 - 2013-10-14 17:31 - 00000000 ____D C:\ProgramData\eSafe
2013-10-15 18:07 - 2013-10-15 18:07 - 04101145 _____ C:\Users\Juli\Downloads\tdsskiller (1).zip
2013-10-15 18:07 - 2013-10-15 15:37 - 04121952 _____ (Kaspersky Lab ZAO) C:\Users\Juli\Desktop\TDSSKiller.exe
2013-10-15 18:07 - 2013-10-14 17:25 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Skype
2013-10-15 18:05 - 2013-10-14 17:31 - 00000922 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
2013-10-15 18:05 - 2009-07-14 06:51 - 00016845 _____ C:\Windows\setupact.log
2013-10-15 11:30 - 2013-10-15 11:30 - 00648160 _____ (Unity Technologies ApS) C:\Users\Juli\Downloads\UnityWebPlayer.exe
2013-10-15 11:30 - 2013-10-15 11:30 - 00000000 ____D C:\Users\Juli\AppData\Local\Unity
2013-10-15 11:29 - 2013-10-14 18:30 - 00000089 _____ C:\Users\Juli\AppData\Roaming\WB.CFG
2013-10-15 11:29 - 2013-10-14 18:30 - 00000006 _____ C:\Users\Juli\AppData\Roaming\WBPU-TTL.DAT
2013-10-15 10:59 - 2013-10-15 10:59 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Adobe
2013-10-15 10:59 - 2013-10-15 10:38 - 00000000 ____D C:\ProgramData\Adobe
2013-10-15 10:59 - 2013-10-15 10:35 - 00000000 ____D C:\Users\Juli\AppData\Local\Adobe
2013-10-15 10:49 - 2013-10-14 17:52 - 00015365 _____ C:\Users\Juli\Downloads\Addition.txt
2013-10-15 10:42 - 2013-10-15 10:42 - 00011152 _____ C:\Users\Juli\Desktop\Ereignisse.txt
2013-10-15 10:38 - 2013-10-15 10:38 - 00002019 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk
2013-10-15 10:38 - 2013-10-15 10:38 - 00000000 ____D C:\Program Files (x86)\Adobe
2013-10-15 10:12 - 2009-07-14 19:58 - 00654166 _____ C:\Windows\system32\perfh007.dat
2013-10-15 10:12 - 2009-07-14 19:58 - 00130006 _____ C:\Windows\system32\perfc007.dat
2013-10-15 10:12 - 2009-07-14 07:13 - 01514526 _____ C:\Windows\system32\PerfStringBackup.INI
2013-10-15 10:04 - 2009-07-14 06:45 - 00020512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2013-10-15 10:04 - 2009-07-14 06:45 - 00020512 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2013-10-15 10:00 - 2013-10-14 17:31 - 00000918 _____ C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
2013-10-15 10:00 - 2013-10-13 20:03 - 00001439 _____ C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2013-10-15 10:00 - 2013-10-13 20:03 - 00001405 _____ C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2013-10-15 10:00 - 2013-10-13 20:03 - 00000000 ___RD C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2013-10-15 10:00 - 2013-10-13 20:03 - 00000000 ___RD C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2013-10-15 09:58 - 2013-10-14 17:31 - 00003420 _____ C:\Windows\System32\Tasks\BitGuard
2013-10-15 09:56 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2013-10-15 09:56 - 2009-07-14 06:45 - 00294752 _____ C:\Windows\system32\FNTCACHE.DAT
2013-10-15 09:54 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\System
2013-10-15 09:53 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2013-10-15 09:52 - 2009-07-14 20:18 - 00000000 ____D C:\Program Files\Windows Journal
2013-10-15 09:50 - 2013-10-14 14:46 - 00097900 _____ C:\Windows\PFRO.log
2013-10-15 01:10 - 2013-10-15 01:04 - 00004905 _____ C:\Windows\IE9_main.log
2013-10-15 01:08 - 2013-10-15 01:08 - 17833984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 12336128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 10926080 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 09739264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 03695416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2013-10-15 01:08 - 2013-10-15 01:08 - 03695416 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2013-10-15 01:08 - 2013-10-15 01:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2013-10-15 01:08 - 2013-10-15 01:08 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2013-10-15 01:08 - 2013-10-15 01:08 - 02312704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 02147840 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01800704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01494528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2013-10-15 01:08 - 2013-10-15 01:08 - 01427968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2013-10-15 01:08 - 2013-10-15 01:08 - 01392128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01346560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01129472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 01104896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00717824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00599040 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00534528 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00448512 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2013-10-15 01:08 - 2013-10-15 01:08 - 00434176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00420864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00403248 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2013-10-15 01:08 - 2013-10-15 01:08 - 00353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00353584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00267776 _____ (Microsoft Corporation) C:\Windows\system32\ieaksie.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00249344 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00237056 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00227840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieaksie.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00203776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00176640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakui.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\ieakui.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00162304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\ieakeng.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00152064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00150528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00149504 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00145920 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00130560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieakeng.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00123392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00118784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00114176 _____ (Microsoft Corporation) C:\Windows\system32\admparse.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00110592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00101888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\admparse.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00091648 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00078848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2013-10-15 01:08 - 2013-10-15 01:08 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00074752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ie4uinit.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00066048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00065024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2013-10-15 01:08 - 2013-10-15 01:08 - 00055296 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00049664 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00041472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00035840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00031744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2013-10-15 01:08 - 2013-10-15 01:08 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00010752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2013-10-15 01:08 - 2013-10-15 01:08 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2013-10-15 00:30 - 2013-10-13 20:07 - 00001064 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001Core.job
2013-10-15 00:25 - 2013-10-13 20:07 - 00004084 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001UA
2013-10-15 00:25 - 2013-10-13 20:07 - 00003688 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001Core
2013-10-14 18:54 - 2013-10-14 18:54 - 00000000 ____D C:\Users\Juli\AppData\Local\avgchrome
2013-10-14 17:51 - 2013-10-14 17:51 - 00000000 ____D C:\FRST
2013-10-14 17:49 - 2013-10-14 17:49 - 01954124 _____ (Farbar) C:\Users\Juli\Downloads\FRST64.exe
2013-10-14 17:49 - 2013-10-14 17:49 - 00000000 ____D C:\Users\Juli\Documents\My Received Files
2013-10-14 17:49 - 2013-10-14 17:49 - 00000000 ____D C:\Users\Juli\AppData\Roaming\MusicNet
2013-10-14 17:47 - 2013-10-14 17:47 - 01332104 _____ (iMesh Inc) C:\Users\Juli\Downloads\iMeshSetup-r1487-w-bc.exe
2013-10-14 17:43 - 2013-10-14 17:33 - 00000000 ____D C:\Program Files (x86)\MyPC Backup
2013-10-14 17:42 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Systweak
2013-10-14 17:36 - 2013-10-14 17:35 - 04101172 _____ C:\Users\Juli\Downloads\tdsskiller.zip
2013-10-14 17:34 - 2013-10-14 17:33 - 02240864 _____ (Kaspersky Lab ZAO) C:\Users\Juli\Downloads\tdsskiller.exe
2013-10-14 17:31 - 2013-10-14 17:31 - 00003918 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
2013-10-14 17:31 - 2013-10-14 17:31 - 00003666 _____ C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
2013-10-14 17:31 - 2013-10-14 17:31 - 00003384 _____ C:\Windows\System32\Tasks\BonanzaDealsUpdate
2013-10-14 17:31 - 2013-10-14 17:31 - 00003382 _____ C:\Windows\System32\Tasks\EPUpdater
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Windows\SysWOW64\searchplugins
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Windows\SysWOW64\Extensions
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\searchgol
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BonanzaDeals
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Roaming\BabSolution
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Users\Juli\AppData\Local\BonanzaDealsLive
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\ProgramData\BonanzaDealsLive
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\ProgramData\BitGuard
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\searchgol
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\BonanzaDealsLive
2013-10-14 17:31 - 2013-10-14 17:31 - 00000000 ____D C:\Program Files (x86)\BonanzaDeals
2013-10-14 17:30 - 2013-10-14 17:30 - 00003224 _____ C:\Windows\System32\Tasks\DigitalSite
2013-10-14 17:30 - 2013-10-14 17:30 - 00000000 ____D C:\Users\Juli\AppData\Roaming\DigitalSite
2013-10-14 17:30 - 2013-10-14 17:30 - 00000000 ____D C:\ProgramData\Babylon
2013-10-14 17:29 - 2013-10-14 17:29 - 00753504 _____ C:\Users\Juli\Downloads\ZipExtractorSetup.exe
2013-10-14 17:25 - 2013-10-14 17:25 - 00002517 _____ C:\Users\Public\Desktop\Skype.lnk
2013-10-14 17:25 - 2013-10-14 17:25 - 00000000 ___RD C:\Program Files (x86)\Skype
2013-10-14 17:25 - 2013-10-14 17:25 - 00000000 ____D C:\ProgramData\Skype
2013-10-14 17:25 - 2013-10-14 17:23 - 32542880 _____ (Skype Technologies S.A.) C:\Users\Juli\Downloads\Skype69SetupFull.exe
2013-10-14 15:08 - 2013-10-13 20:18 - 00063568 _____ C:\Users\Juli\AppData\Local\GDIPFONTCACHEV1.DAT
2013-10-13 20:51 - 2013-10-13 20:50 - 00000000 ____D C:\Program Files (x86)\OpenOffice 4
2013-10-13 20:44 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2013-10-13 20:41 - 2013-10-13 20:35 - 163606685 _____ C:\Users\Juli\Downloads\Apache_OpenOffice_4.0.1_Win_x86_install_de.exe
2013-10-13 20:37 - 2013-10-13 20:37 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Avira
2013-10-13 20:31 - 2013-10-13 20:31 - 00000000 ____D C:\ProgramData\Avira
2013-10-13 20:31 - 2013-10-13 20:31 - 00000000 ____D C:\Program Files (x86)\Avira
2013-10-13 20:30 - 2013-10-13 20:26 - 122946048 _____ C:\Users\Juli\Downloads\avira14_free_antivirus_de.exe
2013-10-13 20:25 - 2013-10-13 20:25 - 00000000 ____D C:\Users\Juli\Desktop\Photo
2013-10-13 20:25 - 2013-10-13 20:25 - 00000000 ____D C:\Users\Juli\Desktop\Games
2013-10-13 20:25 - 2013-10-13 20:25 - 00000000 ____D C:\Users\Juli\Desktop\College
2013-10-13 20:08 - 2013-10-13 20:08 - 00000000 ____D C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2013-10-13 20:08 - 2013-10-13 20:07 - 00000000 ____D C:\Users\Juli\AppData\Local\Google
2013-10-13 20:03 - 2013-10-13 20:02 - 00000000 ____D C:\Users\Juli
2013-10-13 20:02 - 2013-10-13 20:02 - 00003532 _____ C:\Windows\System32\Tasks\CreateChoiceProcessTask
2013-10-13 20:02 - 2013-10-13 20:02 - 00000020 ___SH C:\Users\Juli\ntuser.ini
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Vorlagen
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Startmenü
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Netzwerkumgebung
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Lokale Einstellungen
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Eigene Dateien
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Druckumgebung
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Documents\Eigene Musik
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Documents\Eigene Bilder
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\AppData\Local\Verlauf
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\AppData\Local\Anwendungsdaten
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 _SHDL C:\Users\Juli\Anwendungsdaten
2013-10-13 20:02 - 2013-10-13 20:02 - 00000000 ____D C:\Users\Juli\AppData\Local\VirtualStore
2013-10-13 20:01 - 2013-10-13 20:01 - 00206312 __RSH C:\MYMXU
2013-10-13 20:01 - 2013-10-13 20:01 - 00000009 __RSH C:\Windows\installed
2013-10-13 20:01 - 2013-10-13 20:01 - 00000009 __RSH C:\wedaolu
2013-10-13 20:01 - 2013-10-13 18:35 - 00000000 ____D C:\Windows\Panther
2013-10-13 20:01 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\system32\restore
2013-10-13 20:01 - 2009-07-14 06:45 - 00000000 ____D C:\Windows\Setup
2013-10-13 20:00 - 2013-10-13 20:00 - 00000019 ____H C:\Windows\Slic.log
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Musik
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Public\Documents\Eigene Bilder
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Vorlagen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Startmenü
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Netzwerkumgebung
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Lokale Einstellungen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Eigene Dateien
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Druckumgebung
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Musik
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Documents\Eigene Bilder
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Verlauf
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\AppData\Local\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Musik
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\Documents\Eigene Bilder
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programme
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Verlauf
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Users\Default User\AppData\Local\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Programme
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Vorlagen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Startmenü
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Favoriten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Dokumente
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\ProgramData\Anwendungsdaten
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Program Files\Gemeinsame Dateien
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 _SHDL C:\Dokumente und Einstellungen
2013-10-13 20:00 - 2013-10-13 20:00 - 00000000 __SHD C:\Recovery
2013-10-13 20:00 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Public\Libraries
2013-10-13 20:00 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2013-10-13 20:00 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\Recovery
2013-10-13 20:00 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Windows NT
2013-10-13 19:55 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2013-10-13 18:35 - 2013-10-13 18:35 - 00008192 __RSH C:\BOOTSECT.BAK
2013-10-13 18:35 - 2009-07-14 07:38 - 00025600 ___SH C:\Windows\system32\config\BCD-Template.LOG
2013-10-13 18:35 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template
2013-10-13 17:39 - 2013-10-13 17:39 - 00001313 _____ C:\Windows\TSSysprep.log
2013-10-13 17:39 - 2009-07-14 06:46 - 00001774 _____ C:\Windows\DtcInstall.log
2013-10-13 17:39 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2013-10-13 17:38 - 2013-10-13 17:38 - 00000000 _____ C:\Windows\ativpsrm.bin
2013-10-13 17:36 - 2009-07-14 20:18 - 00000000 ____D C:\Windows\CSC
2013-09-30 11:01 - 2013-10-13 20:31 - 00132600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2013-09-30 11:01 - 2013-10-13 20:31 - 00105856 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2013-09-30 11:01 - 2013-10-13 20:31 - 00083160 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2013-09-30 11:01 - 2013-10-13 20:31 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys

Some content of TEMP:
====================
C:\Users\Juli\AppData\Local\Temp\avgnt.exe
C:\Users\Juli\AppData\Local\Temp\BackupSetup.exe
C:\Users\Juli\AppData\Local\Temp\vcredist_x64.exe


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


LastRegBack: 2013-10-13 17:36

==================== End Of Log ============================
         
--- --- ---

Alt 15.10.2013, 17:35   #13
usernamejuli
 



FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2013
Ran by Juli at 2013-10-15 18:33:12
Running from C:\Users\Juli\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

Adobe Reader XI (11.0.05) - Deutsch (x32 Version: 11.0.05)
Avira Free Antivirus (x32 Version: 14.0.0.383)
BitGuard (x32)
Bonanza Deals (remove only) (x32 Version: 5.0.1.0)
Google Chrome (HKCU Version: 30.0.1599.69)
Google Update Helper (x32 Version: 1.3.23.0)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft .NET Framework 4 Client Profile DEU Language Pack (Version: 4.0.30319)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
OpenOffice 4.0.1 (x32 Version: 4.01.9714)
Search-Gol Chrome Toolbar (x32)
searchgol toolbar   (x32 Version: 1.8.16.19)
Skype™ 6.9 (x32 Version: 6.9.106)
Unity Web Player (HKCU Version: )
Update for Zip Extractor (HKCU)
Whilokii 1.0.0 (Version: 1.0.0)
Wsys Control 10.2.1.2652 (x32 Version: 10.2.1.2652)

==================== Restore Points  =========================

13-10-2013 18:01:00 Windows Update
13-10-2013 18:11:09 Windows Update
13-10-2013 18:44:29 Installed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
13-10-2013 18:45:30 Installed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
13-10-2013 18:50:31 OpenOffice 4.0.1 wird installiert
14-10-2013 22:48:03 Windows Update
15-10-2013 08:02:38 Windows Update

==================== Hosts content: ==========================

2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {1FD998E1-DE97-4B6B-86A7-903DA75A8FA4} - System32\Tasks\EPUpdater => C:\Users\Juli\AppData\Roaming\BabSolution\Shared\BabMaint.exe [2013-09-01] ()
Task: {21CF6B4C-75BD-4E4F-B662-08F0617666F1} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-14] (BonanzaDeals)
Task: {31C87A3F-D9DD-4731-8B24-7F76073F7CA6} - System32\Tasks\BonanzaDealsUpdate => C:\Program
Task: {3C35ADCB-C581-42CF-98A7-BCB3019B11DE} - System32\Tasks\DigitalSite => C:\Users\Juli\AppData\Roaming\DigitalSite\UpdateProc\UpdateTask.exe [2013-04-12] ()
Task: {735A626E-462A-41E3-94F6-750158F6F79D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001Core => C:\Users\Juli\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-13] (Google Inc.)
Task: {76083B94-767D-40F4-909A-EB8DEB47E42B} - System32\Tasks\BitGuard => Sc.exe start BitGuard
Task: {81FFDFFF-AB5D-4203-BCCE-93472A040B5B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001UA => C:\Users\Juli\AppData\Local\Google\Update\GoogleUpdate.exe [2013-10-13] (Google Inc.)
Task: {CFDAC951-7928-4074-9C94-E3C9DC25429D} - System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe [2013-10-14] (BonanzaDeals)
Task: {E19D36C1-6633-4518-8F23-C4CD59FEED33} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe [2010-06-24] (Microsoft Corporation)
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
Task: C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job => C:\Program Files (x86)\BonanzaDealsLive\Update\BonanzaDealsLive.exe
Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\Juli\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001Core.job => C:\Users\Juli\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2709092868-643048114-1283248306-1001UA.job => C:\Users\Juli\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-10-14 17:31 - 2013-09-23 13:55 - 02704352 _____ () C:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.dll
2013-10-13 20:31 - 2013-09-30 11:01 - 00394824 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2013-10-13 20:08 - 2013-10-03 08:02 - 00698832 _____ () C:\Users\Juli\AppData\Local\Google\Chrome\Application\30.0.1599.69\libglesv2.dll
2013-10-13 20:08 - 2013-10-03 08:02 - 00099792 _____ () C:\Users\Juli\AppData\Local\Google\Chrome\Application\30.0.1599.69\libegl.dll
2013-10-13 20:08 - 2013-10-03 08:03 - 04055504 _____ () C:\Users\Juli\AppData\Local\Google\Chrome\Application\30.0.1599.69\pdf.dll
2013-10-13 20:08 - 2013-10-03 08:03 - 00415184 _____ () C:\Users\Juli\AppData\Local\Google\Chrome\Application\30.0.1599.69\ppGoogleNaClPluginChrome.dll
2013-10-13 20:08 - 2013-10-03 08:02 - 01604560 _____ () C:\Users\Juli\AppData\Local\Google\Chrome\Application\30.0.1599.69\ffmpegsumo.dll
2013-10-15 00:31 - 2013-10-15 00:31 - 13584776 _____ () C:\Users\Juli\AppData\Local\Google\Chrome\User Data\PepperFlash\11.9.900.117\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================


==================== Faulty Device Manager Devices =============

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Basissystemgerät
Description: Basissystemgerät
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/15/2013 10:09:18 AM) (Source: .NET Runtime Optimization Service) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: System.Runtime.Serialization, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070005

Error: (10/15/2013 09:55:32 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: updateWhilokii.exe, Version: 1.0.5024.30748, Zeitstempel: 0x524db1d7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6fe66a64
ID des fehlerhaften Prozesses: 0x%9
Startzeit der fehlerhaften Anwendung: 0xupdateWhilokii.exe0
Pfad der fehlerhaften Anwendung: updateWhilokii.exe1
Pfad des fehlerhaften Moduls: updateWhilokii.exe2
Berichtskennung: updateWhilokii.exe3

Error: (10/15/2013 09:55:28 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: avguard.exe, Version: 14.0.0.335, Zeitstempel: 0x523c406e
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6fe66a64
ID des fehlerhaften Prozesses: 0xa58
Startzeit der fehlerhaften Anwendung: 0xavguard.exe0
Pfad der fehlerhaften Anwendung: avguard.exe1
Pfad des fehlerhaften Moduls: avguard.exe2
Berichtskennung: avguard.exe3

Error: (10/15/2013 09:55:25 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: updateWhilokii.exe, Version: 1.0.5024.30748, Zeitstempel: 0x524db1d7
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6fe66a64
ID des fehlerhaften Prozesses: 0x7c8
Startzeit der fehlerhaften Anwendung: 0xupdateWhilokii.exe0
Pfad der fehlerhaften Anwendung: updateWhilokii.exe1
Pfad des fehlerhaften Moduls: updateWhilokii.exe2
Berichtskennung: updateWhilokii.exe3

Error: (10/15/2013 09:55:20 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: BitGuard.exe, Version: 2.6.1694.246, Zeitstempel: 0x52402c9d
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6fe66a64
ID des fehlerhaften Prozesses: 0x69c
Startzeit der fehlerhaften Anwendung: 0xBitGuard.exe0
Pfad der fehlerhaften Anwendung: BitGuard.exe1
Pfad des fehlerhaften Moduls: BitGuard.exe2
Berichtskennung: BitGuard.exe3

Error: (10/15/2013 09:55:17 AM) (Source: Application Error) (User: )
Description: Name der fehlerhaften Anwendung: eGdpSvc.exe, Version: 10.2.1.2652, Zeitstempel: 0x5253e230
Name des fehlerhaften Moduls: unknown, Version: 0.0.0.0, Zeitstempel: 0x00000000
Ausnahmecode: 0xc0000005
Fehleroffset: 0x6fe66a64
ID des fehlerhaften Prozesses: 0x4c8
Startzeit der fehlerhaften Anwendung: 0xeGdpSvc.exe0
Pfad der fehlerhaften Anwendung: eGdpSvc.exe1
Pfad des fehlerhaften Moduls: eGdpSvc.exe2
Berichtskennung: eGdpSvc.exe3

Error: (10/13/2013 07:58:44 PM) (Source: Software Protection Platform Service) (User: )
Description: Fehler bei der Installation des Kaufnachweises. 0xC004F050
Teil-Pkey=VF3FW
ACID=?
Genauer Fehler[?]


System errors:
=============
Error: (10/15/2013 06:05:12 PM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (10/15/2013 10:02:43 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (User: NT-AUTORITÄT)
Description: Installationsfehler: Die Installation des folgenden Updates ist mit Fehler 0x80242016 fehlgeschlagen: Update für die Kompatibilitätsansichtsliste für Internet Explorer*8 für Windows 7 für x64-basierte Systeme (KB2598845)

Error: (10/15/2013 09:59:56 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Windows Modules Installer" wurde mit folgendem Fehler beendet: 
%%16405

Error: (10/15/2013 09:58:21 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Wsys Service" wurde nicht richtig gestartet.

Error: (10/15/2013 09:56:44 AM) (Source: atikmdag) (User: )
Description: Display is not active

Error: (10/15/2013 09:56:44 AM) (Source: atikmdag) (User: )
Description: CPLIB :: General - Invalid Parameter

Error: (10/15/2013 09:55:33 AM) (Source: Service Control Manager) (User: )
Description: Dienst "Avira Echtzeit-Scanner" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.

Error: (10/15/2013 09:55:33 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "Update Whilokii" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1053

Error: (10/15/2013 09:55:33 AM) (Source: Service Control Manager) (User: )
Description: Das Zeitlimit (30000 ms) wurde beim Verbindungsversuch mit dem Dienst Update Whilokii erreicht.

Error: (10/15/2013 09:55:28 AM) (Source: Service Control Manager) (User: )
Description: Dienst "Avira Planer" wurde unerwartet beendet. Dies ist bereits 3 Mal passiert.


Microsoft Office Sessions:
=========================
Error: (10/15/2013 10:09:18 AM) (Source: .NET Runtime Optimization Service)(User: )
Description: .NET Runtime Optimization Service (clr_optimization_v4.0.30319_64) - Failed to compile: System.Runtime.Serialization, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089 . Error code = 0x80070005 
System.Runtime.Serialization, Version=3.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089

Error: (10/15/2013 09:55:32 AM) (Source: Application Error)(User: )
Description: updateWhilokii.exe1.0.5024.30748524db1d7unknown0.0.0.000000000c00000056fe66a64

Error: (10/15/2013 09:55:28 AM) (Source: Application Error)(User: )
Description: avguard.exe14.0.0.335523c406eunknown0.0.0.000000000c00000056fe66a64a5801cec97be992299fC:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exeunknown277312c5-356f-11e3-8d83-00238b890d3d

Error: (10/15/2013 09:55:25 AM) (Source: Application Error)(User: )
Description: updateWhilokii.exe1.0.5024.30748524db1d7unknown0.0.0.000000000c00000056fe66a647c801cec97b6ffec180C:\Program Files (x86)\Whilokii\updateWhilokii.exeunknown2631b900-356f-11e3-8d83-00238b890d3d

Error: (10/15/2013 09:55:20 AM) (Source: Application Error)(User: )
Description: BitGuard.exe2.6.1694.24652402c9dunknown0.0.0.000000000c00000056fe66a6469c01cec97b6e4b25aeC:\ProgramData\BitGuard\2.6.1694.246\{c16c1ccb-1111-4e5c-a2f3-533ad2fec8e8}\BitGuard.exeunknown23359f48-356f-11e3-8d83-00238b890d3d

Error: (10/15/2013 09:55:17 AM) (Source: Application Error)(User: )
Description: eGdpSvc.exe10.2.1.26525253e230unknown0.0.0.000000000c00000056fe66a644c801cec97b39548795C:\ProgramData\eSafe\eGdpSvc.exeunknown216ef874-356f-11e3-8d83-00238b890d3d

Error: (10/13/2013 07:58:44 PM) (Source: Software Protection Platform Service)(User: )
Description: 0xC004F050VF3FW??


==================== Memory info =========================== 

Percentage of memory in use: 67%
Total physical RAM: 4093.2 MB
Available physical RAM: 1348.05 MB
Total Pagefile: 8184.53 MB
Available Pagefile: 4871.42 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:453.74 GB) (Free:427.09 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:12.02 GB) (Free:1.93 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: 5ABD451A)
Partition 1: (Active) - (Size=454 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=12 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=3 MB) - (Type=17) ATTENTION ===> Suspicious partition bootkit on partition 3

==================== End Of Log ============================
         
--- --- ---

Alt 15.10.2013, 17:43   #14
aharonov
/// TB-Ausbilder
 



Does Avira still report these detections now?


Step 1
  • Go to Start --> Control Panel and open Programs and Features.
  • Find and uninstall the following entries there, one after the other:
    BitGuard
    Bonanza Deals
    Search-Gol Chrome Toolbar
    searchgol toolbar
    Update for Zip Extractor
    Whilokii 1.0.0
    Wsys Control 10.2.1.2652
  • Close the window again and restart the computer if you were asked to.



Step 2

Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click on Options and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected, as shown here
  • Click on Scan and wait until it has finished.
  • Now click on Delete and confirm any prompts that appear with Ok.
  • Your computer will be restarted automatically. After the restart a text file opens. Post its contents with your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt (x = consecutive number).



Step 3

Start FRST once more.
  • Do not change any of the default settings and press Scan.
  • When the scan is finished, a new log file FRST.txt will be created and saved on the desktop.
  • Please post the contents of this log file here in your thread.



In your next reply, please post:
  • Log from AdwCleaner
  • Log from FRST
__________________
cheers,
Leo

Alt 17.10.2013, 18:44   #15
usernamejuli
 



Step 2
AdwCleaner logfile:
Code:
# AdwCleaner v3.008 - Bericht erstellt am 17/10/2013 um 19:24:34
# Updated 17/10/2013 von Xplode
# Betriebssystem : Windows 7 Professional  (64 bits)
# Benutzername : Juli - JULI-PC
# Gestartet von : C:\Users\Juli\Desktop\adwcleaner.exe
# Option : Löschen

***** [ Dienste ] *****

[#] Dienst Gelöscht : bonanzadealslive
[#] Dienst Gelöscht : bonanzadealslivem

***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\ProgramData\Babylon
[!] Ordner Gelöscht : C:\ProgramData\BitGuard
Ordner Gelöscht : C:\ProgramData\BonanzaDealsLive
Ordner Gelöscht : C:\ProgramData\eSafe
Ordner Gelöscht : C:\Program Files (x86)\BonanzaDeals
Ordner Gelöscht : C:\Program Files (x86)\BonanzaDealsLive
Ordner Gelöscht : C:\Program Files (x86)\MyPC Backup 
Ordner Gelöscht : C:\Users\Juli\AppData\Local\BonanzaDealsLive
Ordner Gelöscht : C:\Users\Juli\AppData\Local\Temp\eIntaller
Ordner Gelöscht : C:\Users\Juli\AppData\Roaming\digitalsite
Ordner Gelöscht : C:\Users\Juli\AppData\Roaming\Systweak
Ordner Gelöscht : C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Datei Gelöscht : C:\Windows\System32\roboot64.exe
Datei Gelöscht : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineCore.job
Datei Gelöscht : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineCore
Datei Gelöscht : C:\Windows\Tasks\BonanzaDealsLiveUpdateTaskMachineUA.job
Datei Gelöscht : C:\Windows\System32\Tasks\BonanzaDealsLiveUpdateTaskMachineUA
Datei Gelöscht : C:\Windows\Tasks\digitalsite.job
Datei Gelöscht : C:\Windows\System32\Tasks\digitalsite

***** [ Verknüpfungen ] *****

Verknüpfung Desinfiziert : C:\Users\Juli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Juli\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Verknüpfung Desinfiziert : C:\Users\Juli\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk

***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKLM\SOFTWARE\Google\Chrome\Extensions\ifohbjbgfchkkfhphahclmkpgejiplfo
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Prod.cap
Wert Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs [bProtectTabs]
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasapi32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\systweakasp_rasmancs
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASAPI32
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Tracing\UpdateTask_RASMANCS
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=3
Schlüssel Gelöscht : HKLM\SOFTWARE\MozillaPlugins\@tools.bdupdater.com/BonanzaDealsLive Update;version=9
Schlüssel Gelöscht : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Schlüssel Gelöscht : HKLM\SOFTWARE\8578f8bbd35e847
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{3BF72F68-72D8-461D-A884-329D936C5581}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{78E9D883-93CD-4072-BEF3-38EE581E2839}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\CLSID\{83AC1413-FCE4-4A46-9DD5-4F31F306E71F}
Schlüssel Gelöscht : HKLM\SOFTWARE\Classes\Interface\{2CE4D4CF-B278-4126-AD1E-B622DA2E8339}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7C3B01BC-53A5-48A0-A43B-0C67731134B9}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{0ABE0FED-50E7-4E42-A125-57C0A11DBCDE}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Daten Wiederhergestellt : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
Schlüssel Gelöscht : HKCU\Software\BabSolution
Schlüssel Gelöscht : HKCU\Software\DataMngr
[#] Schlüssel Gelöscht : HKCU\Software\DataMngr_Toolbar
Schlüssel Gelöscht : HKCU\Software\dsiteproducts
Schlüssel Gelöscht : HKCU\Software\Imesh
Schlüssel Gelöscht : HKCU\Software\InstallCore
Schlüssel Gelöscht : HKLM\Software\DataMngr
Schlüssel Gelöscht : HKLM\Software\qvo6Software
Schlüssel Gelöscht : HKLM\Software\systweak

***** [ Browser ] *****

-\\ Internet Explorer v9.0.8112.16514

Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Einstellung Wiederhergestellt : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [bProtectTabs]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Einstellung Wiederhergestellt : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Google Chrome v

[ Datei : C:\Users\Juli\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Gelöscht : homepage
Gelöscht : urls_to_restore_on_startup

*************************

AdwCleaner[R0].txt - [8033 octets] - [17/10/2013 19:23:48]
AdwCleaner[S0].txt - [5757 octets] - [17/10/2013 19:24:34]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5817 octets] ##########
         
--- --- ---
