| Plagegeister aller Art und deren Bekämpfung (pests of all kinds and how to fight them): AVG reports Anti-Rootkit infection unknown NtMapViewOfSection... Windows 7 |
25.04.2014, 07:07 | #1 |
| AVG reports Anti-Rootkit infection unknown NtMapViewOfSection... Hello, I recently received the strange subscription e-mail from Media Center, whose attachment suddenly disappeared on opening the mail! After that I scanned with my Norton 360 (it had never raised an alert), with Malwarebytes (no result), and have now installed AVG in parallel, which finds 4 "infected" system files that it cannot delete:
"";"Dienstfunktion NtMapViewOfSection-Hook -> 0xFFFFFFFF89DCBCC0, <unknown>";"Infiziert"
"";"Dienstfunktion NtCreateThreadEx-Hook -> 0xFFFFFFFF89DCB108, <unknown>";"Infiziert"
"";"Dienstfunktion NtAlpcConnectPortEx-Hook -> 0xFFFFFFFF89C31228, <unknown>";"Infiziert"
"";"Dienstfunktion NtAlpcConnectPort-Hook -> 0xFFFFFFFF89C31378, <unknown>";"Infiziert"
When I look at the details in AVG, it says infected by Anti-Rootkit.... Now I am wondering: has a rootkit really got me, or is this a false alarm caused perhaps by one of the many other virus scanners? Previously I only had Norton 360 installed, and always up to date. After this e-mail business I first installed Malwarebytes, then ADWCleaner and now most recently AVG. All! of these programs are still installed.
What would you do? Should I rather set the laptop up from scratch? I am also a bit worried about my data on my network drive - I switched it off immediately after this mail seemed strange to me two days ago. Apart from that, I am considering filing a criminal complaint with the police - but is there any point in that? I appreciate any advice. Thanks in advance. Regards, free-eagle
Last edited by free-eagle (25.04.2014 at 07:17) |
25.04.2014, 07:23 | #2 |
/// the machine /// TB trainer | AVG reports Anti-Rootkit infection unknown NtMapViewOfSection... hi,
Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties) |
25.04.2014, 08:08 | #3 |
| AVG reports Anti-Rootkit infection unknown NtMapViewOfSection... FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-04-2014 Ran by Jürgen (ATTENTION: The logged in user is not administrator) on JK-LAPTOP on 25-04-2014 09:02:21 Running from C:\Users\Jürgen\Downloads Microsoft Windows 8.1 Pro mit Media Center Update 1 (X86) OS Language: German Standard Internet Explorer Version 11 Boot Mode: Normal ==================== Processes (Whitelisted) ================= (Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Microsoft Corporation) C:\Windows\System32\skydrive.exe (Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe (CANON INC.) C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE (CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE (CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe (Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Mister Group) C:\Program Files\System Explorer\SystemExplorer.exe (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE (Spotify Ltd) C:\Users\Jürgen\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (McAfee, Inc.) 
C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Users\Jürgen\AppData\Local\Apps\Evernote\Evernote\EvernoteClipper.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEUPDT.EXE (Microsoft Corporation) C:\Windows\System32\WWAHost.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [196608 2008-04-30] (Alps Electric Co., Ltd.) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM\...\Run: [IJNetworkScanUtility] => C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [128352 2010-01-18] (CANON INC.) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.) HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2565520 2011-03-14] (CANON INC.) HKLM\...\Run: [CanonSolutionMenuEx] => C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.) HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.) HKLM\...\Run: [PrintDisp] => C:\WINDOWS\system32\PrintDisp.exe [877568 2013-06-25] (ActMask Co.,Ltd - hxxp://www.all2pdf.com) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-07] (Samsung Electronics Co., Ltd.) HKLM\...\Run: [QuickTime Task] => E:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) 
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.) HKLM\...\Run: [SystemExplorerAutoStart] => C:\Program Files\System Explorer\SystemExplorer.exe [4008296 2014-04-21] (Mister Group) HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.) HKLM\...\Runonce: [MSPCLOCK] - rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000} HKLM\...\Runonce: [MSPQM] - rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196} HKLM\...\Runonce: [MSKSSRV] - rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196} HKLM\...\Runonce: [MSTEE.CxTransform] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\WINDOWS\inf\ksfilter.inf,MSTEE.Interface.Install HKLM\...\Runonce: [MSTEE.Splitter] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\WINDOWS\inf\ksfilter.inf,MSTEE.Interface.Install HKLM\...\Runonce: [WDM_DRMKAUD] - rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\WINDOWS\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install HKU\S-1-5-21-3221724418-3018984914-2807200314-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation) HKU\S-1-5-21-3221724418-3018984914-2807200314-1001\...\Run: [Spotify Web Helper] => 
C:\Users\Jürgen\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-08-14] (Spotify Ltd) HKU\S-1-5-21-3221724418-3018984914-2807200314-1001\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-07] (Samsung) HKU\S-1-5-21-3221724418-3018984914-2807200314-1001\...\MountPoints2: {3caec364-548c-11e3-b028-0021707e91e1} - "H:\HTC_Sync_Manager_PC.exe" HKU\S-1-5-21-3221724418-3018984914-2807200314-1001\...\MountPoints2: {d83ecb21-e08f-11e2-afcc-0021707e91e1} - "H:\HTC_Sync_Manager_PC.exe" Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.) Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk ShortcutTarget: EvernoteClipper.lnk -> C:\Users\Jürgen\AppData\Local\Apps\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation) GroupPolicyUsers\S-1-5-21-3221724418-3018984914-2807200314-1001\User: Group Policy restriction detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8CF1B720DB06CE01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.5 SearchScopes: HKLM - DefaultScope value is missing. 
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=kwd&qsrc=2869 BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.) BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.) BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH) BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation) BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation) BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft) Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.) 
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft) Toolbar: HKLM - Perfect Print 7 - {F723BF1C-C826-44B0-A8E2-28BBA1C5D201} - C:\Program Files\soft Xpansion\Perfect Print 7 Express\ieagent32.dll (soft Xpansion) Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation) Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 195.234.128.7 195.234.128.16 FireFox: ======== FF ProfilePath: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\r5pjc8q8.default FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll () FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll () FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.) FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.) 
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation) FF Plugin: @soft-xpansion/npsxpdf - C:\Program Files\Common Files\soft Xpansion\np-sxpdf.dll (soft-Xpansion) FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.) FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\r5pjc8q8.default\searchplugins\11-suche.xml FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\r5pjc8q8.default\searchplugins\englische-ergebnisse.xml FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\r5pjc8q8.default\searchplugins\gmx-suche.xml FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\r5pjc8q8.default\searchplugins\lastminute.xml FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\r5pjc8q8.default\searchplugins\webde-suche.xml FF Extension: WOT - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\r5pjc8q8.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26] FF Extension: WEB.DE MailCheck - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\r5pjc8q8.default\Extensions\toolbar@web.de.xpi [2013-11-27] FF Extension: NoScript - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\r5pjc8q8.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-04-24] FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] 
- C:\Program Files\PDF Architect\FFPDFArchitectExt FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-06-09] FF HKLM\...\Firefox\Extensions: [{704E31A6-E680-48D0-BDEA-B0FE737AEB4D}] - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb FF Extension: soft Xpansion Perfect Print 7 Express - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb [2013-12-23] FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-12-25] FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [] FF HKLM\...\Thunderbird\Extensions: [{704E31A6-E680-48D0-BDEA-B0FE737AEB4D}] - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb FF Extension: soft Xpansion Perfect Print 7 Express - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb [2013-12-23] FF StartMenuInternet: FIREFOX.EXE - e:\Program Files\Mozilla Firefox\firefox.exe Chrome: ======= Error reading preferences. Please check "preferences" file for possible corruption. 
<======= ATTENTION CHR Extension: (Google Docs) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-21] CHR Extension: (Google Drive) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-21] CHR Extension: (YouTube) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-21] CHR Extension: (Google Search) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-21] CHR Extension: (Google Play) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2013-11-23] CHR Extension: (APK Downloader) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnbkiaddgodnooflghhbdpbdheanmpjp [2013-11-23] CHR Extension: (Norton Identity Protection) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-04-21] CHR Extension: (Google Wallet) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-29] CHR Extension: (Gmail) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-21] CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton 360\Engine\21.2.0.38\Exts\Chrome.crx [2014-03-26] ========================== Services (Whitelisted) ================= R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.) R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.) 
R2 lmhosts; C:\WINDOWS\system32\svchost.exe [31552 2013-08-22] (Microsoft Corporation) R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation) S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-16] (McAfee, Inc.) R2 N360; C:\Program Files\Norton 360\Engine\21.2.0.38\N360.exe [265040 2014-03-12] (Symantec Corporation) R2 NasPmService; C:\Program Files\BUFFALO\NASNAVI\nassvc.exe [251760 2013-11-06] (BUFFALO INC.) R2 NlaSvc; C:\WINDOWS\System32\svchost.exe [31552 2013-08-22] (Microsoft Corporation) R2 nsi; C:\WINDOWS\system32\svchost.exe [31552 2013-08-22] (Microsoft Corporation) R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] () R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH) R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH) R2 Printer Control; C:\WINDOWS\system32\PrintCtrl.exe [102400 2012-10-21] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM) S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation) S3 SXDS10; C:\Program Files\Common Files\soft Xpansion\sxds10.exe [234096 2013-12-23] (soft Xpansion) R3 SystemExplorerHelpService; C:\Program Files\System Explorer\service\SystemExplorerService.exe [567256 2012-11-25] (Mister Group) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280296 2013-10-31] (Microsoft Corporation) S3 WEPHOSTSVC; C:\WINDOWS\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2013-10-31] (Microsoft Corporation) S2 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [580232 
2013-12-09] (WiseCleaner.com) S3 workfolderssvc; C:\WINDOWS\system32\workfolderssvc.dll [1210368 2013-10-22] (Microsoft Corporation) S2 楗敳潂瑯獁楳瑳湡t; 㩃停潲牧浡䘠汩獥坜獩履楗敳䌠牡㘳尵潂瑯楔敭攮數䐀IJ" [X] ==================== Drivers (Whitelisted) ==================== R2 acedrv11; C:\WINDOWS\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH) S0 Avgbootx; C:\WINDOWS\System32\DRIVERS\avgbootx.sys [17424 2013-09-04] (AVG Technologies CZ, s.r.o.) R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [123160 2014-03-27] (AVG Technologies CZ, s.r.o.) R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [199960 2014-04-18] (AVG Technologies CZ, s.r.o.) R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [150296 2014-03-27] (AVG Technologies CZ, s.r.o.) R1 AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimw8x.sys [22296 2014-03-27] (AVG Technologies CZ, s.r.o.) R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [193304 2014-03-27] (AVG Technologies CZ, s.r.o.) R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [238872 2014-03-27] (AVG Technologies CZ, s.r.o.) R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [108312 2014-03-31] (AVG Technologies CZ, s.r.o.) R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [28440 2014-03-27] (AVG Technologies CZ, s.r.o.) R1 Avgwfpx; C:\WINDOWS\system32\DRIVERS\avgwfpx.sys [214296 2014-03-31] (AVG Technologies CZ, s.r.o.) 
R1 BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [25600 2014-02-22] (Microsoft Corporation) R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63l.sys [4715008 2013-07-01] (Broadcom Corporation) R1 BHDrvx86; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140409.001\BHDrvx86.sys [1098968 2014-03-19] (Symantec Corporation) R1 ccSet_N360; C:\WINDOWS\system32\drivers\N360\1502000.026\ccSetx86.sys [127064 2013-09-26] (Symantec Corporation) R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-12-24] (Symantec Corporation) R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-12-24] (Symantec Corporation) S3 GPIO; C:\WINDOWS\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation) R1 IDSVix86; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140424.001\IDSvix86.sys [395992 2014-03-26] (Symantec Corporation) R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation) R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [107736 2014-04-23] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation) R3 NAVENG; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140424.009\NAVENG.SYS [93272 2014-04-22] (Symantec Corporation) R3 NAVEX15; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140424.009\NAVEX15.SYS [1612376 2014-04-22] (Symantec Corporation) R3 SRTSP; C:\WINDOWS\System32\Drivers\N360\1502000.026\SRTSP.SYS [664280 2014-02-13] (Symantec Corporation) R1 SRTSPX; C:\WINDOWS\system32\drivers\N360\1502000.026\SRTSPX.SYS [32344 2013-09-10] (Symantec Corporation) R0 SymDS; C:\WINDOWS\System32\drivers\N360\1502000.026\SYMDS.SYS [367704 2013-09-10] (Symantec Corporation) R0 SymEFA; C:\WINDOWS\System32\drivers\N360\1502000.026\SYMEFA.SYS [936152 
2014-03-04] (Symantec Corporation) S0 SymELAM; C:\WINDOWS\System32\drivers\N360\1502000.026\SYMELAM.SYS [21520 2013-09-10] (Symantec Corporation) R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142936 2013-12-25] (Symantec Corporation) R1 SymIRON; C:\WINDOWS\system32\drivers\N360\1502000.026\Ironx86.SYS [206936 2013-09-27] (Symantec Corporation) R1 SymNetS; C:\WINDOWS\System32\Drivers\N360\1502000.026\SYMNETS.SYS [447704 2014-02-18] (Symantec Corporation) S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [93016 2013-10-31] (Microsoft Corporation) R0 Wof; C:\WINDOWS\system32\Drivers\Wof.sys [138584 2014-03-13] (Microsoft Corporation) S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-04-25 09:02 - 2014-04-25 09:02 - 00023293 _____ () C:\Users\Jürgen\Downloads\FRST.txt 2014-04-25 09:02 - 2014-04-25 09:02 - 00000000 ____D () C:\FRST 2014-04-25 09:00 - 2014-04-25 09:00 - 01048576 _____ (Farbar) C:\Users\Jürgen\Downloads\FRST.exe 2014-04-25 08:07 - 2014-04-25 08:07 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software 2014-04-25 08:07 - 2014-04-25 08:07 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software 2014-04-25 07:48 - 2014-04-25 07:57 - 00000358 _____ () C:\Users\Jürgen\Desktop\Neues Textdokument.txt 2014-04-25 00:14 - 2014-04-25 00:16 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Avg2014 2014-04-25 00:14 - 2014-04-25 00:14 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\AVG2014 2014-04-25 00:13 - 2014-04-25 08:07 - 00000967 _____ () C:\Users\Public\Desktop\AVG 2014.lnk 2014-04-25 00:13 - 2014-04-25 08:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-04-25 00:13 - 2014-04-25 00:13 - 00000000 ____D () C:\Users\JKadmin\AppData\Roaming\AVG2014 2014-04-25 00:11 - 2014-04-25 00:13 - 00000000 ____D () 
C:\ProgramData\AVG2014 2014-04-25 00:11 - 2014-04-25 00:11 - 00000000 ___HD () C:\$AVG 2014-04-25 00:10 - 2014-04-25 00:10 - 00000000 ____D () C:\Program Files\AVG 2014-04-25 00:08 - 2014-04-25 08:08 - 00000000 ____D () C:\ProgramData\MFAData 2014-04-25 00:07 - 2014-04-25 00:07 - 150392912 _____ (AVG Technologies) C:\Users\Jürgen\Downloads\avg_free_x86_all_2014_4569a7320.exe 2014-04-24 21:08 - 2014-04-24 21:11 - 00000000 ____D () C:\ProgramData\SystemExplorer 2014-04-24 21:08 - 2014-04-24 21:08 - 00001060 _____ () C:\Users\Public\Desktop\System Explorer.lnk 2014-04-24 21:08 - 2014-04-24 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer 2014-04-24 21:08 - 2014-04-24 21:08 - 00000000 ____D () C:\Program Files\System Explorer 2014-04-24 21:03 - 2014-04-24 21:03 - 00000000 ____D () C:\Users\Jürgen\Downloads\TcpView-3.05 2014-04-24 21:02 - 2014-04-24 21:02 - 02291136 _____ (Mister Group ) C:\Users\Jürgen\Downloads\SystemExplorerSetup_550.exe 2014-04-24 20:59 - 2014-04-24 20:59 - 00291606 _____ () C:\Users\Jürgen\Downloads\TcpView-3.05.zip 2014-04-24 20:57 - 2014-04-24 20:57 - 00000116 _____ () C:\WINDOWS\ntbtlog.txt.bak 2014-04-24 20:25 - 2014-04-24 20:25 - 00000000 ____D () C:\ProgramData\SMR410 2014-04-24 20:00 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll 2014-04-23 23:11 - 2014-03-20 03:31 - 01037504 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll 2014-04-23 23:11 - 2014-03-20 03:12 - 00863552 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll 2014-04-23 23:11 - 2014-03-06 08:59 - 12732416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2014-04-23 23:11 - 2014-03-02 11:33 - 17387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-04-23 23:11 - 2014-02-26 08:35 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2014-04-23 23:10 - 2014-03-20 03:20 - 18679216 _____ (Microsoft 
C:\WINDOWS\system32\LockScreenContent.dll 2014-04-23 22:51 - 2014-02-22 12:21 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll 2014-04-23 22:51 - 2014-02-22 12:21 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll 2014-04-23 22:51 - 2014-02-22 12:17 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe 2014-04-23 22:51 - 2014-02-22 12:17 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-04-23 22:51 - 2014-02-22 12:17 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll 2014-04-23 22:51 - 2014-02-22 12:17 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAConn.dll 2014-04-23 22:51 - 2014-02-22 12:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll 2014-04-23 22:51 - 2014-02-22 12:16 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll 2014-04-23 22:51 - 2014-02-22 12:16 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll 2014-04-23 22:51 - 2014-02-22 12:16 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll 2014-04-23 22:51 - 2014-02-22 12:15 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll 2014-04-23 22:51 - 2014-02-22 12:15 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe 2014-04-23 22:51 - 2014-02-22 12:14 - 02165760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll 2014-04-23 22:51 - 2014-02-22 12:13 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll 2014-04-23 22:51 - 2014-02-22 12:12 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll 2014-04-23 22:51 - 2014-02-22 12:12 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll 2014-04-23 22:51 - 2014-02-22 12:09 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll 2014-04-23 22:51 - 2014-02-22 12:09 - 00032256 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\JavaScriptCollectionAgent.dll 2014-04-23 22:51 - 2014-02-22 12:04 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll 2014-04-23 22:51 - 2014-02-22 12:03 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe 2014-04-23 22:51 - 2014-02-22 12:01 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll 2014-04-23 22:51 - 2014-02-22 12:00 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll 2014-04-23 22:51 - 2014-02-22 12:00 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitagent.exe 2014-04-23 22:51 - 2014-02-22 11:58 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeResults.exe 2014-04-23 22:51 - 2014-02-22 11:55 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-04-23 22:51 - 2014-02-22 11:54 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe 2014-04-23 22:51 - 2014-02-22 11:54 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-04-23 22:51 - 2014-02-22 11:52 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll 2014-04-23 22:51 - 2014-02-22 11:48 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl 2014-04-23 22:51 - 2014-02-22 11:44 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll 2014-04-23 22:51 - 2014-02-22 11:43 - 01294848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe 2014-04-23 22:51 - 2014-02-22 11:42 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe 2014-04-23 22:51 - 2014-02-22 11:42 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe 2014-04-23 22:51 - 2014-02-22 11:41 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll 2014-04-23 22:51 - 2014-02-22 11:40 - 02537472 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll 2014-04-23 22:51 - 2014-02-22 11:40 - 01095680 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\werconcpl.dll 2014-04-23 22:51 - 2014-02-22 11:39 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PurchaseWindowsLicense.dll 2014-04-23 22:51 - 2014-02-22 11:36 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll 2014-04-23 22:51 - 2014-02-22 11:36 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll 2014-04-23 22:51 - 2014-02-22 11:31 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll 2014-04-23 22:51 - 2014-02-22 11:29 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll 2014-04-23 22:51 - 2014-02-22 11:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll 2014-04-23 22:51 - 2014-02-22 11:28 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll 2014-04-23 22:51 - 2014-02-22 11:27 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll 2014-04-23 22:51 - 2014-02-22 11:26 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe 2014-04-23 22:51 - 2014-02-22 11:25 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll 2014-04-23 22:51 - 2014-02-22 11:23 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll 2014-04-23 22:51 - 2014-02-22 11:22 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll 2014-04-23 22:51 - 2014-02-22 11:21 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll 2014-04-23 22:51 - 2014-02-22 11:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2014-04-23 22:51 - 2014-02-22 11:19 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Sockets.PushEnabledApplication.dll 2014-04-23 22:51 - 2014-02-22 11:17 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe 2014-04-23 22:51 - 2014-02-22 11:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe 
2014-04-23 22:51 - 2014-02-22 11:15 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe 2014-04-23 22:51 - 2014-02-22 11:15 - 00178176 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe 2014-04-23 22:51 - 2014-02-22 11:10 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll 2014-04-23 22:51 - 2014-02-22 11:08 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll 2014-04-23 22:51 - 2014-02-22 11:08 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll 2014-04-23 22:51 - 2014-02-22 11:08 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll 2014-04-23 22:51 - 2014-02-22 11:07 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll 2014-04-23 22:51 - 2014-02-22 11:06 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll 2014-04-23 22:51 - 2014-02-22 11:03 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2014-04-23 22:51 - 2014-02-22 11:02 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll 2014-04-23 22:51 - 2014-02-22 10:58 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll 2014-04-23 22:51 - 2014-02-22 10:56 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe 2014-04-23 22:51 - 2014-02-22 10:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\slpts.dll 2014-04-23 22:51 - 2014-02-22 10:54 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll 2014-04-23 22:51 - 2014-02-22 10:54 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2014-04-23 22:51 - 2014-02-22 10:52 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe 2014-04-23 22:51 - 2014-02-22 10:49 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe 2014-04-23 22:51 - 2014-02-22 10:48 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll 
2014-04-23 22:51 - 2014-02-22 10:48 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll 2014-04-23 22:51 - 2014-02-22 10:48 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll 2014-04-23 22:51 - 2014-02-22 10:48 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\energytask.dll 2014-04-23 22:51 - 2014-02-22 10:47 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll 2014-04-23 22:51 - 2014-02-22 10:47 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AepRoam.dll 2014-04-23 22:51 - 2014-02-22 10:45 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe 2014-04-23 22:51 - 2014-02-22 10:45 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll 2014-04-23 22:51 - 2014-02-22 10:44 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll 2014-04-23 22:51 - 2014-02-22 10:43 - 01108480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll 2014-04-23 22:51 - 2014-02-22 10:43 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll 2014-04-23 22:51 - 2014-02-22 10:43 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2014-04-23 22:51 - 2014-02-22 10:42 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll 2014-04-23 22:51 - 2014-02-22 10:42 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll 2014-04-23 22:51 - 2014-02-22 10:42 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AltTab.dll 2014-04-23 22:51 - 2014-02-22 10:41 - 03278848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll 2014-04-23 22:51 - 2014-02-22 10:40 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll 2014-04-23 22:51 - 2014-02-22 10:39 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe 2014-04-23 22:51 - 2014-02-22 10:39 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\provsvc.dll 2014-04-23 22:51 - 
2014-02-22 10:38 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl 2014-04-23 22:51 - 2014-02-22 10:38 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll 2014-04-23 22:51 - 2014-02-22 10:38 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Renewal.dll 2014-04-23 22:51 - 2014-02-22 10:33 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll 2014-04-23 22:51 - 2014-02-22 10:33 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll 2014-04-23 22:51 - 2014-02-22 10:29 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll 2014-04-23 22:51 - 2014-02-22 10:25 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll 2014-04-23 22:51 - 2014-02-22 10:24 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll 2014-04-23 22:51 - 2014-02-22 10:23 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll 2014-04-23 22:51 - 2014-02-22 10:19 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll 2014-04-23 22:51 - 2014-02-22 10:17 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe 2014-04-23 22:51 - 2014-02-22 09:56 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll 2014-04-23 22:51 - 2014-02-22 09:54 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll 2014-04-23 22:51 - 2014-02-01 08:00 - 00002255 _____ () C:\WINDOWS\system32\WimBootCompress.ini 2014-04-23 22:51 - 2014-01-31 13:11 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll 2014-04-23 22:51 - 2014-01-31 11:35 - 03085824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll 2014-04-23 22:51 - 2014-01-31 11:10 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll 2014-04-23 22:51 - 2014-01-31 11:08 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll 2014-04-23 22:51 - 
2014-01-31 11:04 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll 2014-04-23 22:51 - 2014-01-31 10:24 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll 2014-04-23 22:51 - 2014-01-29 09:43 - 00411992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys 2014-04-23 22:51 - 2014-01-29 09:38 - 00735576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys 2014-04-23 22:51 - 2014-01-29 08:25 - 00457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll 2014-04-23 22:51 - 2014-01-27 19:25 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2014-04-23 22:51 - 2014-01-27 18:47 - 01165312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll 2014-04-23 22:51 - 2014-01-22 07:50 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll 2014-04-23 22:51 - 2014-01-17 19:04 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll 2014-04-23 22:51 - 2013-12-04 16:19 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2014-04-23 22:51 - 2013-12-04 15:53 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2014-04-23 22:51 - 2013-11-27 10:56 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll 2014-04-23 22:51 - 2013-11-23 10:37 - 00036696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys 2014-04-23 22:51 - 2013-11-08 05:47 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2014-04-23 22:50 - 2014-02-22 13:25 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\f3ahvoas.dll 2014-04-23 22:50 - 2014-02-22 13:25 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-1.dll 2014-04-23 22:50 - 2014-02-22 13:25 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-0.dll 2014-04-23 22:50 - 2014-02-22 
13:24 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-session-winsta-l1-1-0.dll 2014-04-23 22:50 - 2014-02-22 13:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-networking-wcmapi-l1-1-0.dll 2014-04-23 22:50 - 2014-02-22 13:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-kernel32-package-l1-1-1.dll 2014-04-23 22:50 - 2014-02-22 13:23 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\workerdd.dll 2014-04-23 22:50 - 2014-02-22 13:07 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll 2014-04-23 22:50 - 2014-02-22 12:59 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ocsetapi.dll 2014-04-23 22:50 - 2014-02-22 12:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-04-23 22:50 - 2014-02-22 12:50 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll 2014-04-23 22:50 - 2014-02-22 12:50 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskpart.exe 2014-04-23 22:50 - 2014-02-22 12:47 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe 2014-04-23 22:50 - 2014-02-22 12:40 - 00304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe 2014-04-23 22:50 - 2014-02-22 12:33 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe 2014-04-23 22:50 - 2014-02-22 12:32 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe 2014-04-23 22:50 - 2014-02-22 12:31 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll 2014-04-23 22:50 - 2014-02-22 12:27 - 00625664 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe 2014-04-23 22:50 - 2014-02-22 12:25 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\scavengeui.dll 2014-04-23 22:50 - 2014-02-22 12:23 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll 2014-04-23 22:50 - 2014-02-22 12:23 - 00022016 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\LockScreenContentHost.dll 2014-04-23 22:50 - 2014-02-22 12:08 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe 2014-04-23 22:50 - 2014-02-22 12:03 - 02544128 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll 2014-04-23 22:50 - 2014-02-22 11:59 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll 2014-04-23 22:50 - 2014-02-22 11:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-04-23 22:50 - 2014-02-22 11:53 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll 2014-04-23 22:50 - 2014-02-22 11:27 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll 2014-04-23 22:50 - 2014-02-22 11:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll 2014-04-23 22:50 - 2014-02-22 11:23 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll 2014-04-23 22:50 - 2014-02-22 11:21 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll 2014-04-23 22:50 - 2014-02-22 11:19 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\korwbrkr.dll 2014-04-23 22:50 - 2014-02-22 11:16 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxshared.dll 2014-04-23 22:50 - 2014-02-22 11:09 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll 2014-04-23 22:50 - 2014-02-22 10:50 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll 2014-04-23 22:50 - 2014-02-22 10:48 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-04-23 22:50 - 2014-02-22 10:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll 2014-04-23 22:50 - 2014-02-22 10:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll 2014-04-23 22:50 - 2014-02-22 10:48 - 00010240 _____ (Microsoft Corporation) 
C:\WINDOWS\system32\msshooks.dll 2014-04-23 22:50 - 2014-02-22 10:43 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll 2014-04-23 22:50 - 2014-02-22 10:39 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl 2014-04-23 22:50 - 2014-02-22 10:20 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll 2014-04-23 22:50 - 2014-02-22 06:46 - 00002440 ___RS () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk 2014-04-23 22:50 - 2014-02-22 06:38 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2014-04-23 22:50 - 2014-02-22 06:38 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2014-04-23 22:50 - 2014-02-22 06:38 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk 2014-04-23 22:50 - 2014-02-22 06:38 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk 2014-04-23 22:50 - 2014-02-08 03:08 - 00100197 _____ () C:\WINDOWS\system32\RacRules.xml 2014-04-23 22:50 - 2014-02-01 08:00 - 00011109 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms 2014-04-23 22:50 - 2014-02-01 08:00 - 00007762 _____ () C:\WINDOWS\system32\connectedsearch-suggestions.searchconnector-ms 2014-04-23 22:50 - 2014-02-01 08:00 - 00007130 _____ () C:\WINDOWS\system32\connectedsearch-zeroinput.searchconnector-ms 2014-04-23 22:50 - 2014-01-27 13:52 - 00050053 _____ () C:\WINDOWS\system32\srms.dat 2014-04-23 22:50 - 2013-11-27 11:20 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\finger.exe 2014-04-23 21:44 - 2014-04-23 21:44 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-04-23 21:43 - 2014-04-23 21:43 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-04-23 21:43 - 2014-04-23 
21:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-04-23 21:43 - 2014-04-23 21:43 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-23 21:43 - 2014-04-23 21:43 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-04-23 21:43 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-04-23 21:43 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-04-23 21:43 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-04-23 17:48 - 2014-04-23 17:48 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-04-23 07:54 - 2014-04-23 07:54 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-04-23 07:54 - 2014-04-23 07:54 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-04-23 07:54 - 2014-04-23 07:54 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-04-23 07:54 - 2014-04-23 07:54 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-04-23 07:54 - 2014-04-23 07:54 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-04-23 07:53 - 2014-04-23 07:53 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-04-22 22:10 - 2014-04-22 22:10 - 00000000 ____D () C:\Users\dub_cm_auto 2014-04-22 18:02 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-04-22 18:01 - 2014-04-22 18:01 - 00004310 _____ () C:\WINDOWS\system32\jupdate-1.7.0_55-b14.log 2014-04-22 18:01 - 2014-04-22 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-22 18:01 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-04-22 18:01 - 2014-04-14 20:05 - 
00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-04-22 18:01 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-04-18 15:02 - 2014-04-18 15:02 - 00199960 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdriverx.sys 2014-04-13 13:55 - 2014-04-13 13:55 - 00000000 ____D () C:\Users\Jürgen\eTeks 2014-04-13 13:45 - 2014-04-13 13:46 - 00000004 _____ () C:\end 2014-04-13 13:45 - 2014-04-13 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D 2014-04-13 13:45 - 2014-04-13 13:45 - 00000000 ____D () C:\Program Files\Sweet Home 3D 2014-04-09 18:07 - 2014-04-09 18:07 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-03-31 16:20 - 2014-03-31 16:20 - 00214296 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgwfpx.sys 2014-03-31 16:11 - 2014-03-31 16:11 - 00108312 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx86.sys 2014-03-27 22:15 - 2014-03-27 22:15 - 00193304 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx86.sys 2014-03-27 22:14 - 2014-03-27 22:14 - 00123160 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiskx.sys 2014-03-27 22:04 - 2014-03-27 22:04 - 00238872 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avglogx.sys 2014-03-27 22:04 - 2014-03-27 22:04 - 00150296 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidshx.sys 2014-03-27 22:03 - 2014-03-27 22:03 - 00028440 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgrkx86.sys 2014-03-27 22:03 - 2014-03-27 22:03 - 00022296 _____ (AVG Technologies CZ, s.r.o.) 
C:\WINDOWS\system32\Drivers\avgidsshimw8x.sys ==================== One Month Modified Files and Folders ======= 2014-04-25 09:02 - 2014-04-25 09:02 - 00023293 _____ () C:\Users\Jürgen\Downloads\FRST.txt 2014-04-25 09:02 - 2014-04-25 09:02 - 00000000 ____D () C:\FRST 2014-04-25 09:00 - 2014-04-25 09:00 - 01048576 _____ (Farbar) C:\Users\Jürgen\Downloads\FRST.exe 2014-04-25 09:00 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-04-25 08:58 - 2013-12-23 12:19 - 01885620 _____ () C:\WINDOWS\WindowsUpdate.log 2014-04-25 08:58 - 2013-11-24 01:59 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\ClassicShell 2014-04-25 08:58 - 2013-10-20 13:16 - 00000000 __RDO () C:\Users\Jürgen\SkyDrive 2014-04-25 08:57 - 2013-04-07 21:31 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-04-25 08:57 - 2013-04-07 21:31 - 00001116 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-04-25 08:55 - 2013-12-23 12:25 - 00000422 _____ () C:\WINDOWS\Tasks\Wise Care 365.job 2014-04-25 08:12 - 2013-04-07 21:31 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-04-25 08:08 - 2014-04-25 00:08 - 00000000 ____D () C:\ProgramData\MFAData 2014-04-25 08:07 - 2014-04-25 08:07 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software 2014-04-25 08:07 - 2014-04-25 08:07 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software 2014-04-25 08:07 - 2014-04-25 00:13 - 00000967 _____ () C:\Users\Public\Desktop\AVG 2014.lnk 2014-04-25 08:07 - 2014-04-25 00:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG 2014-04-25 07:57 - 2014-04-25 07:48 - 00000358 _____ () C:\Users\Jürgen\Desktop\Neues Textdokument.txt 2014-04-25 07:51 - 2013-02-02 22:10 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job 2014-04-25 07:45 - 2013-12-23 12:16 - 00000000 ____D () C:\Users\JKadmin\AppData\Roaming\Wise Care 365 2014-04-25 07:44 - 2013-08-22 09:23 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 
2014-04-25 00:16 - 2014-04-25 00:14 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Avg2014 2014-04-25 00:14 - 2014-04-25 00:14 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\AVG2014 2014-04-25 00:13 - 2014-04-25 00:13 - 00000000 ____D () C:\Users\JKadmin\AppData\Roaming\AVG2014 2014-04-25 00:13 - 2014-04-25 00:11 - 00000000 ____D () C:\ProgramData\AVG2014 2014-04-25 00:13 - 2013-03-18 20:26 - 00000000 ____D () C:\Users\JKadmin\AppData\Roaming\TuneUp Software 2014-04-25 00:13 - 2012-07-26 08:53 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP 2014-04-25 00:11 - 2014-04-25 00:11 - 00000000 ___HD () C:\$AVG 2014-04-25 00:10 - 2014-04-25 00:10 - 00000000 ____D () C:\Program Files\AVG 2014-04-25 00:07 - 2014-04-25 00:07 - 150392912 _____ (AVG Technologies) C:\Users\Jürgen\Downloads\avg_free_x86_all_2014_4569a7320.exe 2014-04-24 23:32 - 2013-10-18 08:42 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-04-24 23:31 - 2013-12-29 00:27 - 00018828 _____ () C:\WINDOWS\setupact.log 2014-04-24 23:14 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\Microsoft.NET 2014-04-24 21:53 - 2013-02-03 11:52 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\CrashDumps 2014-04-24 21:11 - 2014-04-24 21:08 - 00000000 ____D () C:\ProgramData\SystemExplorer 2014-04-24 21:08 - 2014-04-24 21:08 - 00001060 _____ () C:\Users\Public\Desktop\System Explorer.lnk 2014-04-24 21:08 - 2014-04-24 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer 2014-04-24 21:08 - 2014-04-24 21:08 - 00000000 ____D () C:\Program Files\System Explorer 2014-04-24 21:03 - 2014-04-24 21:03 - 00000000 ____D () C:\Users\Jürgen\Downloads\TcpView-3.05 2014-04-24 21:02 - 2014-04-24 21:02 - 02291136 _____ (Mister Group ) C:\Users\Jürgen\Downloads\SystemExplorerSetup_550.exe 2014-04-24 20:59 - 2014-04-24 20:59 - 00291606 _____ () C:\Users\Jürgen\Downloads\TcpView-3.05.zip 2014-04-24 20:57 - 2014-04-24 20:57 - 00000116 _____ () C:\WINDOWS\ntbtlog.txt.bak 2014-04-24 20:25 - 
2014-04-24 20:25 - 00000000 ____D () C:\ProgramData\SMR410 2014-04-24 20:21 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-04-24 20:09 - 2013-12-25 12:31 - 00475520 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-04-24 20:06 - 2013-08-22 10:17 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-04-24 20:05 - 2013-09-30 05:49 - 00000000 ____D () C:\WINDOWS\system32\Drivers\de-DE 2014-04-24 20:05 - 2013-09-30 05:49 - 00000000 ____D () C:\WINDOWS\de-DE 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\WinStore 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\zh-TW 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\zh-HK 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\zh-CN 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\uk-UA 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\tr-TR 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\th-TH 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\sv-SE 
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\sl-SI 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\sk-SK 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\ru-RU 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\ro-RO 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\pt-PT 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\pt-BR 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\pl-PL 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\nl-NL 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\nb-NO 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\lv-LV 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\lt-LT 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\ko-KR 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\ja-JP 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\it-IT 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\hu-HU 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\hr-HR 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\he-IL 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\fr-FR 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\fi-FI 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\et-EE 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\en-GB 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\el-GR 2014-04-24 20:05 - 
2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\de-DE 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\bg-BG 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\ar-SA 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\MediaViewer 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\Program Files\Windows Portable Devices 2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform 2014-04-24 20:04 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\FileManager 2014-04-24 20:04 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\Camera 2014-04-24 20:02 - 2013-10-18 08:26 - 00000000 ____D () C:\Users\JKadmin 2014-04-24 20:02 - 2013-10-18 08:26 - 00000000 ____D () C:\Users\amumb_000 2014-04-23 22:16 - 2013-12-25 12:31 - 00739620 _____ () C:\WINDOWS\PFRO.log 2014-04-23 22:16 - 2012-07-26 08:53 - 00000000 ____D () C:\WINDOWS\LiveKernelReports 2014-04-23 21:44 - 2014-04-23 21:44 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys 2014-04-23 21:43 - 2014-04-23 21:43 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk 2014-04-23 21:43 - 2014-04-23 21:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 2014-04-23 21:43 - 2014-04-23 21:43 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-04-23 21:43 - 2014-04-23 21:43 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 2014-04-23 18:52 - 2013-11-24 11:01 - 00000000 ____D () C:\Users\amumb_000\AppData\Roaming\ClassicShell 2014-04-23 17:49 - 2013-10-21 17:30 - 00000000 __RDO () C:\Users\amumb_000\SkyDrive 2014-04-23 17:48 - 2014-04-23 17:48 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-04-23 07:54 - 2014-04-23 07:54 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-04-23 07:54 - 2014-04-23 07:54 - 00108032 _____ (Microsoft 
Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-04-23 07:54 - 2014-04-23 07:54 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-04-23 07:54 - 2014-04-23 07:54 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-04-23 07:54 - 2014-04-23 07:54 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-04-23 07:53 - 2014-04-23 07:53 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-04-22 22:10 - 2014-04-22 22:10 - 00000000 ____D () C:\Users\dub_cm_auto 2014-04-22 18:02 - 2014-01-15 20:42 - 00000000 ____D () C:\Users\JKadmin\AppData\Roaming\ClassicShell 2014-04-22 18:02 - 2013-10-17 21:11 - 00000000 ____D () C:\ProgramData\Oracle 2014-04-22 18:01 - 2014-04-22 18:01 - 00004310 _____ () C:\WINDOWS\system32\jupdate-1.7.0_55-b14.log 2014-04-22 18:01 - 2014-04-22 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java 2014-04-22 18:01 - 2013-04-20 18:02 - 00000000 ____D () C:\Program Files\Java 2014-04-22 15:52 - 2014-01-07 15:14 - 00000000 ____D () C:\Users\Colin\AppData\Roaming\ClassicShell 2014-04-18 15:02 - 2014-04-18 15:02 - 00199960 _____ (AVG Technologies CZ, s.r.o.) 
C:\WINDOWS\system32\Drivers\avgidsdriverx.sys 2014-04-14 20:13 - 2014-04-22 18:01 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll 2014-04-14 20:05 - 2014-04-22 18:02 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe 2014-04-14 20:05 - 2014-04-22 18:01 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe 2014-04-14 20:04 - 2014-04-22 18:01 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe 2014-04-13 13:55 - 2014-04-13 13:55 - 00000000 ____D () C:\Users\Jürgen\eTeks 2014-04-13 13:46 - 2014-04-13 13:45 - 00000004 _____ () C:\end 2014-04-13 13:45 - 2014-04-13 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D 2014-04-13 13:45 - 2014-04-13 13:45 - 00000000 ____D () C:\Program Files\Sweet Home 3D 2014-04-13 13:45 - 2013-02-02 17:34 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\VirtualStore 2014-04-10 21:53 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\NDF 2014-04-09 19:51 - 2013-02-02 20:14 - 00000000 ____D () C:\ProgramData\Microsoft Help 2014-04-09 19:49 - 2013-08-14 15:05 - 00000000 ____D () C:\WINDOWS\system32\MRT 2014-04-09 19:47 - 2013-02-02 17:53 - 88028728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe 2014-04-09 18:07 - 2014-04-09 18:07 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb 2014-04-09 12:54 - 2014-04-23 23:09 - 00049544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-04-09 05:21 - 2014-04-23 23:09 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2014-04-09 05:21 - 2014-04-23 23:09 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll 2014-04-09 05:07 - 2014-04-23 23:09 - 01634304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2014-04-09 05:05 - 2014-04-23 23:09 - 02767360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-04-06 20:19 - 2013-10-23 07:18 - 00043008 
___SH () C:\Users\Jürgen\Desktop\Thumbs.db 2014-04-03 09:51 - 2014-04-23 21:43 - 00073432 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys 2014-04-03 09:51 - 2014-04-23 21:43 - 00051416 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys 2014-04-03 09:50 - 2014-04-23 21:43 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys 2014-04-03 07:51 - 2013-12-25 12:43 - 00002261 _____ () C:\Users\Public\Desktop\Norton 360.lnk 2014-04-03 07:51 - 2013-12-25 12:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360 2014-04-03 07:51 - 2013-12-25 12:43 - 00000000 ____D () C:\WINDOWS\system32\Drivers\N360 2014-03-31 23:23 - 2013-08-22 10:18 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe 2014-03-31 23:23 - 2013-08-22 10:18 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl 2014-03-31 16:20 - 2014-03-31 16:20 - 00214296 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgwfpx.sys 2014-03-31 16:11 - 2014-03-31 16:11 - 00108312 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx86.sys 2014-03-27 22:15 - 2014-03-27 22:15 - 00193304 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx86.sys 2014-03-27 22:14 - 2014-03-27 22:14 - 00123160 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiskx.sys 2014-03-27 22:04 - 2014-03-27 22:04 - 00238872 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avglogx.sys 2014-03-27 22:04 - 2014-03-27 22:04 - 00150296 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidshx.sys 2014-03-27 22:03 - 2014-03-27 22:03 - 00028440 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgrkx86.sys 2014-03-27 22:03 - 2014-03-27 22:03 - 00022296 _____ (AVG Technologies CZ, s.r.o.) 
C:\WINDOWS\system32\Drivers\avgidsshimw8x.sys

Some content of TEMP:
====================
C:\Users\JKadmin\AppData\Local\Temp\Quarantine.exe

==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2014-04-23 23:10] - [2014-03-04 13:16] - 2088160 ____A (Microsoft Corporation) 119E091B5386379BC5AA598BE9440C75

C:\WINDOWS\system32\winlogon.exe
[2014-04-23 22:52] - [2014-02-22 11:21] - 0459264 ____A (Microsoft Corporation) 70C57DC69D4A7D92D2CAC90C3AD16E6F

C:\WINDOWS\system32\wininit.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit

C:\WINDOWS\system32\User32.dll
[2014-04-23 22:52] - [2014-02-22 16:42] - 1370696 ____A (Microsoft Corporation) 43B0EB86B10506AD564E2005A6156D30

C:\WINDOWS\system32\userinit.exe => MD5 is legit

C:\WINDOWS\system32\rpcss.dll
[2014-04-23 22:52] - [2014-02-22 11:16] - 0593408 ____A (Microsoft Corporation) 05C0337538BEECC04FC695808EFF201C

ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.

C:\WINDOWS\system32\Drivers\volsnap.sys
[2014-04-23 22:53] - [2014-02-22 16:08] - 0265048 ____A (Microsoft Corporation) 085918BF459BCB835CFC535BE7138539

==================== End Of Log ============================ |
25.04.2014, 08:08 | #4 |
| AVG reports Anti-Rootkit infection unknown NtMapViewOfSection...
Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-04-2014 Ran by Jürgen at 2014-04-25 09:04:11 Running from C:\Users\Jürgen\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AV: Norton 360 Premier Edition (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB} AS: Norton 360 Premier Edition (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664} FW: Norton 360 Premier Edition (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0} ==================== Installed Programs ====================== 1-abc.net File Divider (Remove only) (HKLM\...\1-abc.net File Divider) (Version: - ) 7-Zip 9.20 (HKLM\...\7-Zip) (Version: - ) AAVUpdateManager (HKLM\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH) ACSI Campsite Guide Europe 2014 (HKLM\...\InstallShield_{DE936E12-CF55-45E6-84B6-A9116E02A71E}) (Version: 1.00.0000 - Ihr Firmenname) ACSI Campsite Guide Europe 2014 (Version: 1.00.0000 - Ihr Firmenname) Hidden Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated) Adobe Reader XI (11.0.06) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated) AMD Accelerated Video Transcoding (Version: 12.5.100.21116 - Advanced Micro Devices, Inc.) Hidden AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) 
Hidden AMD Catalyst Install Manager (HKLM\...\{E43B4909-141E-DFF3-8C58-62B5E4D66BBA}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.) AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden AMD Media Foundation Decoders (Version: 1.0.71116.1554 - Advanced Micro Devices, Inc.) Hidden Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) Ashampoo Home Designer Pro v.1.0.1 (HKLM\...\{4D1A0101-17A2-4fca-9119-4734EDBDA12D}_is1) (Version: 1.0.1 - Creative Amadeo GmbH) AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4570 - AVG Technologies) AVG 2014 (Version: 14.0.3920 - AVG Technologies) Hidden AVG 2014 (Version: 14.0.4570 - AVG Technologies) Hidden Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) BUFFALO NAS Navigator2 (HKLM\...\UN060501) (Version: - ) Canon Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version: - ) Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version: - ) Canon IJ Network Scan Utility (HKLM\...\Canon_IJ_Network_Scan_UTILITY) (Version: - ) Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - ) Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.) Canon MG5300 series Benutzerregistrierung (HKLM\...\Canon MG5300 series Benutzerregistrierung) (Version: - ) Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version: - Canon Inc.) 
Canon MG5300 series On-screen Manual (HKLM\...\Canon MG5300 series On-screen Manual) (Version: - ) Canon MP Navigator EX 5.0 (HKLM\...\MP Navigator EX 5.0) (Version: - ) Canon MP620 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series) (Version: - ) Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - ) Canon Solution Menu EX (HKLM\...\CanonSolutionMenuEX) (Version: - ) Catalyst Control Center InstallProxy (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP) Classic Shell (HKLM\...\{ED436519-8A0E-4CD0-987C-174D134513C2}) (Version: 4.0.2 - IvoSoft) CleverPrint (HKLM\...\CleverPrint_is1) (Version: 3.00 - Abelssoft GmbH) Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version: - Microsoft) Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 3.3.2.0 - Dell) Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.2.101.104 - Alps Electric) DEUTSCHLAND SPIELT GAME CENTER (HKLM\...\DSGPlayer) (Version: - ) DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation) Diamantenfee Special (HKLM\...\Diamantenfee Special) (Version: - ) DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904 - Microsoft) Hidden Evernote v. 5 (HKLM\...\{5A8A0DD8-14AF-11E3-9910-984BE15F174E}) (Version: 5.0.0.1137 - Evernote Corp.) Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.) Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation) iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.) 
inSSIDer 3 (HKLM\...\{CDF246AE-C6E3-438F-AA76-21700DCC15F6}) (Version: 3.0.6.42 - MetaGeek, LLC) IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC) iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.) Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle) Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden MAGIX Foto & Grafik Designer 7 SE (HKLM\...\MAGIX_{305A1AC7-0B5C-457D-9B6F-2A889766E3A0}) (Version: 7.1.2.26041 - MAGIX AG) MAGIX Foto & Grafik Designer 7 SE (Version: 7.1.2.26041 - MAGIX AG) Hidden Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation) Mass Watermark version 1.0.1 (HKLM\...\{25BB9D52-8471-4C26-BC79-D3B33BB1A4A7}_is1) (Version: 1.0.1 - masswatermark.com) McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.) Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden 
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Mozilla Firefox 27.0 (x86 de) (HKLM\...\Mozilla Firefox 27.0 (x86 de)) (Version: 27.0 - Mozilla) Mozilla Firefox 28.0 (x86 de) (HKCU\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0 - Mozilla) MSXML 
4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation) Norton 360 (HKLM\...\N360) (Version: 21.2.0.38 - Symantec Corporation) PDF Architect (HKLM\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH) PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge) Peggle Deluxe (HKLM\...\Peggle Deluxe) (Version: - ) Personal Backup 5.4 (HKLM\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev) ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH) QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) RICOH Media Driver ver.2.07.01.04 (HKLM\...\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}) (Version: 2.07.01.04 - RICOH) Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Samsung Kies (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.) 
SDFormatter (HKLM\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft) Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version: - Microsoft) Hidden soft Xpansion Perfect Print 7 Express (HKLM\...\{98AD196C-B3B6-48df-AB53-A711C822497C}) (Version: 7.2.1.7 - soft Xpansion) Spotify (HKCU\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB) Steuer-Spar-Erklärung 2013 (HKLM\...\{AEB61F7A-4BBA-4292-A096-7893E09034A4}) (Version: 18.09 - Wolters Kluwer Deutschland GmbH) Sweet Home 3D version 4.3 (HKLM\...\Sweet Home 3D_is1) (Version: - eTeks) System Explorer 5.5.0 (HKLM\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version: - Mister Group) Turbo Lister 2 (HKLM\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.) Universal Extractor 1.6.1 (HKLM\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland) Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft) Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft) Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition 
(HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition 
(HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version: - Microsoft) Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft) Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version: - Microsoft) Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version: - Microsoft) Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft) Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft) Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version: - Microsoft) Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft) Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies 
CZ, s.r.o.) WinRAR 4.11 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH) Wise Care 365 Version 2.92 (HKLM\...\{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1) (Version: 2.92 - WiseCleaner.com, Inc.) Wondershare PDF to Word (Build 4.0.1) (HKLM\...\{90599D63-1879-4B90-BE4F-051CE70FA576}_is1) (Version: 4.0.1 - Wondershare Software) ==================== Restore Points ========================= Could not list Restore Points. Check "winmgmt" service or repair WMI. ==================== Hosts content: ========================== 2013-08-22 08:13 - 2013-08-22 08:13 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => ? Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => ? Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => ? Task: C:\WINDOWS\Tasks\Wise Care 365.job => ? Task: C:\WINDOWS\Tasks\Wise Turbo Checker.job => ? ==================== Loaded Modules (whitelisted) ============= 2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2013-11-23 12:20 - 2012-02-17 21:55 - 00166912 _____ () C:\Program Files\WinRAR\rarext.dll 2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll 2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll 2012-09-08 14:16 - 2012-09-08 14:16 - 00433664 _____ () C:\Users\Jürgen\AppData\Local\Apps\Evernote\Evernote\libxml2.dll 2012-09-08 14:16 - 2012-09-08 14:16 - 00315392 _____ () C:\Users\Jürgen\AppData\Local\Apps\Evernote\Evernote\libtidy.dll ==================== Alternate Data Streams (whitelisted) ========= AlternateDataStreams: C:\Users\Jürgen\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver" ==================== Disabled items from MSCONFIG ============== ==================== Faulty Device Manager Devices ============= Name: Fingerprint Sensor Description: Fingerprint Sensor Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (04/25/2014 03:36:10 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4044375 Error: (04/25/2014 03:36:10 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4044375 Error: (04/25/2014 03:36:10 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/25/2014 03:36:08 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4042797 Error: (04/25/2014 03:36:08 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 4042797 Error: (04/25/2014 03:36:08 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/25/2014 03:36:07 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 4041219 Error: (04/25/2014 03:36:07 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledEvent 
4041219 Error: (04/25/2014 03:36:07 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: Continuously busy for more than a second Error: (04/25/2014 03:36:05 AM) (Source: Bonjour Service) (User: ) Description: Task Scheduling Error: m->NextScheduledSPRetry 3016 System errors: ============= Error: (04/25/2014 07:44:23 AM) (Source: Service Control Manager) (User: ) Description: Der Dienst "楗敳䈠潯⁴獁楳瑳湡tƎ" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (04/25/2014 01:26:09 AM) (Source: volsnap) (User: ) Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte. Error: (04/24/2014 10:13:17 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "楗敳䈠潯⁴獁楳瑳湡tƎ" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (04/24/2014 08:27:15 PM) (Source: Service Control Manager) (User: ) Description: Der Dienst "楗敳䈠潯⁴獁楳瑳湡tƎ" wurde aufgrund folgenden Fehlers nicht gestartet: %%2 Error: (04/24/2014 08:12:40 PM) (Source: DCOM) (User: NT-AUTORITÄT) Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED} Error: (04/24/2014 08:11:39 PM) (Source: Microsoft-Windows-Eventlog) (User: NT-AUTORITÄT) Description: Der Ereignisprotokollierungsdienst hat beim Aktivieren des Herausgebers "{0BF2FB94-7B60-4B4D-9766-E82F658DF540}" für den Kanal "Microsoft-Windows-Kernel-ShimEngine/Operational" einen Fehler (5) erkannt. Dieser Fehler hat keinen Einfluss auf den Betrieb des Kanals, beeinträchtigt jedoch die Fähigkeit des Herausgebers, Ereignisse für den Kanal auszulösen. Dieser Fehler ist oft darauf zurückzuführen, dass der Anbieter die ETW-Anbietersicherheit verwendet und der Ereignisprotokoll-Dienstidentität keine Berechtigungen zum Aktivieren gewährt hat. 
Error: (04/24/2014 08:10:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "楗敳䈠潯⁴獁楳瑳湡tƎ" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Error: (04/24/2014 06:43:16 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (04/24/2014 06:24:31 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/23/2014 10:16:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "楗敳䈠潯⁴獁楳瑳湡tƎ" wurde aufgrund folgenden Fehlers nicht gestartet: %%2

Microsoft Office Sessions:
=========================
Error: (04/25/2014 03:36:10 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4044375

Error: (04/25/2014 03:36:10 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4044375

Error: (04/25/2014 03:36:10 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/25/2014 03:36:08 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4042797

Error: (04/25/2014 03:36:08 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4042797

Error: (04/25/2014 03:36:08 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/25/2014 03:36:07 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4041219

Error: (04/25/2014 03:36:07 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4041219

Error: (04/25/2014 03:36:07 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/25/2014 03:36:05 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3016

CodeIntegrity Errors:
===================================
Date: 2013-12-25 11:32:30.600
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Definition Updates\{B6A85DA0-D724-417A-83C6-24FA0B2EAE2D}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2013-12-25 11:29:18.639
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Definition Updates\{89F37BAB-058F-4F22-8075-5413AF5B4D53}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2013-12-25 11:29:15.678
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Definition Updates\{4AE8E33E-5792-43E3-8ED9-1B916497B1D9}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================
Percentage of memory in use: 41%
Total physical RAM: 3069.98 MB
Available physical RAM: 1786.61 MB
Total Pagefile: 3581.98 MB
Available Pagefile: 2163.89 MB
Total Virtual: 2047.88 MB
Available Virtual: 1863.52 MB

==================== Drives ================================
Drive c: () (Fixed) (Total:48.49 GB) (Free:8.54 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Swap) (Fixed) (Total:12.7 GB) (Free:12.09 GB) NTFS
Drive e: (Programme) (Fixed) (Total:97.66 GB) (Free:91.06 GB) NTFS
Drive f: (Daten) (Fixed) (Total:73.56 GB) (Free:52.19 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================ |
25.04.2014, 19:08 | #5 |
/// the machine /// TB-Ausbilder | Our tools always need admin rights. Please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper.
Please download TDSSKiller.exe and save this file to the desktop.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donate Guides and help Trojaner-Board Facebook page No help via PM! |
25.04.2014, 21:59 | #6 |
| Code:
22:55:54.0479 0x0368 TDSS rootkit removing tool 3.0.0.33 Apr 24 2014 14:02:50
22:56:03.0842 0x0368 ============================================================
22:56:03.0842 0x0368 Current date / time: 2014/04/25 22:56:03.0842
22:56:03.0842 0x0368 SystemInfo:
22:56:03.0842 0x0368
22:56:03.0843 0x0368 OS Version: 6.3.9600 ServicePack: 0.0
22:56:03.0843 0x0368 Product type: Workstation
22:56:03.0843 0x0368 ComputerName: JK-LAPTOP
22:56:03.0843 0x0368 UserName: JKadmin
22:56:03.0843 0x0368 Windows directory: C:\WINDOWS
22:56:03.0843 0x0368 System windows directory: C:\WINDOWS
22:56:03.0843 0x0368 Processor architecture: Intel x86
22:56:03.0843 0x0368 Number of processors: 2
22:56:03.0843 0x0368 Page size: 0x1000
22:56:03.0843 0x0368 Boot type: Normal boot
22:56:03.0843 0x0368 ============================================================
22:56:04.0973 0x0368 KLMD registered as C:\WINDOWS\system32\drivers\33087164.sys
22:56:06.0733 0x0368 System UUID: {A169C454-1FD7-6F40-6EB3-6DADD2638CA9}
22:56:09.0297 0x0368 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:56:09.0298 0x0368 ============================================================
22:56:09.0298 0x0368 \Device\Harddisk0\DR0:
22:56:09.0298 0x0368 MBR partitions:
22:56:09.0298 0x0368 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xF6000, BlocksNum 0x60F9000
22:56:09.0313 0x0368 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61EF800, BlocksNum 0x1964000
22:56:09.0328 0x0368 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x7B54000, BlocksNum 0xC350000
22:56:09.0347 0x0368 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x13EA4800, BlocksNum 0x9320800
22:56:09.0347 0x0368 ============================================================
22:56:09.0391 0x0368 C: <-> \Device\Harddisk0\DR0\Partition1
22:56:09.0436 0x0368 D: <-> \Device\Harddisk0\DR0\Partition2
22:56:09.0518 0x0368 E: <-> \Device\Harddisk0\DR0\Partition3
22:56:09.0655 0x0368 F: <-> \Device\Harddisk0\DR0\Partition4
22:56:09.0655 0x0368 ============================================================
22:56:09.0656 0x0368 Initialize success
22:56:09.0656 0x0368 ============================================================
22:56:45.0486 0x0f34 ============================================================
22:56:45.0486 0x0f34 Scan started
22:56:45.0486 0x0f34 Mode: Manual; SigCheck; TDLFS;
22:56:45.0486 0x0f34 ============================================================
22:56:45.0486 0x0f34 KSN ping started
22:56:48.0333 0x0f34 KSN ping finished: true
22:56:50.0131 0x0f34 ================ Scan system memory ========================
22:56:50.0131 0x0f34 System memory - ok
22:56:50.0132 0x0f34 ================ Scan services =============================
hyperkbd - ok 22:57:04.0899 0x0f34 [ D360FFBA289307976BE1BBE7BE792F58, 6A787C493D226D6AB5A933B3EAF9D6EE4B18BDB2D07D1CAE59CE1EFA729B1B2D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 22:57:04.0933 0x0f34 HyperVideo - ok 22:57:04.0955 0x0f34 [ 5043E69532392A43549E5D41E22638AA, DC5186117FC60036A70CD6065810F090BD3EFFA24B59C760ECB6B7FB9C43F174 ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 22:57:04.0998 0x0f34 i8042prt - ok 22:57:05.0030 0x0f34 [ 646D3B416BC970C3CD2F53844FD156A5, 045CBA642382B33DB1E222302B14DD46838895A73CE50426FD180B4CA918253A ] iaioi2c C:\WINDOWS\System32\drivers\iaioi2c.sys 22:57:05.0048 0x0f34 iaioi2c - ok 22:57:05.0094 0x0f34 [ 387637FC01BA30E95A2330DA3FFD0919, 836A100F766044B431D2263A57CB3BB3B43AA0C3E58220F31A2EF89E1BB8CB55 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 22:57:05.0145 0x0f34 iaStorAV - ok 22:57:05.0177 0x0f34 [ D2E7F3611BB8F1C2661B8F7858D33A35, EFA7B2E8433AB6DE739EB12792154B64DF29B61C8BB2F467C95C393A40D84E1A ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 22:57:05.0216 0x0f34 iaStorV - ok 22:57:05.0320 0x0f34 [ 373C0F67CC49772028D311FD147F4E85, D88613EB4DCB6F0A77D947D3DAB853689FFD71331484723C7CDCBADC7F01CB34 ] IDSVix86 C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140424.001\IDSvix86.sys 22:57:05.0446 0x0f34 IDSVix86 - ok 22:57:05.0456 0x0f34 IEEtwCollectorService - ok 22:57:05.0514 0x0f34 [ 92557399ED26FBABC5D8446B3C21CF0F, 71304B7614B1552FBA227683A3A9FC84B445BF6686341F6A91A37EDAEF4AE828 ] IKEEXT C:\WINDOWS\System32\ikeext.dll 22:57:05.0591 0x0f34 IKEEXT - ok 22:57:05.0632 0x0f34 [ B0F92A795C7E48E2C5F908265C655458, 6F6606C3F36FD3E603CF9FCFDD1213A108E4B1CF9936E4FE851E6FD5FEA5FEEC ] intelide C:\WINDOWS\system32\drivers\intelide.sys 22:57:05.0657 0x0f34 intelide - ok 22:57:05.0706 0x0f34 [ 1B96BF4186366306D917FBD187218F29, 8B1E85412D52B0EE7593D7BA08153DABF0852448A4E8DC01F2B24EE3289912AA ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 22:57:05.0724 0x0f34 intelpep - ok 22:57:05.0757 
0x0f34 [ 6DD61D8AFB56C9F853210C49FD4D8C16, DFE299AB383A81BDE531B93645F59076BC2D7E37038DA20649CA08230C043C55 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 22:57:05.0807 0x0f34 intelppm - ok 22:57:05.0833 0x0f34 [ 23B5C10891B64FB4261F9FCADF24FE28, DCE73864B0BE98DE96C0EC6C88BA62E1BC2878837D6442BCC2220A956E350D0E ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 22:57:05.0877 0x0f34 IpFilterDriver - ok 22:57:06.0009 0x0f34 [ DD457C613576ED1E134297DF8D4C5922, FC99459FEA8D85D75236F34BB4F12E8CF67AF421B6593B592C9133DB101D7709 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 22:57:06.0191 0x0f34 iphlpsvc - ok 22:57:06.0235 0x0f34 [ D395D5C2900596DFA30478E79110D003, BBED3586F653F9167430DF8FF42669FC7962F5EEA3E789289224DD91BAD3F18C ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 22:57:06.0319 0x0f34 IPMIDRV - ok 22:57:06.0358 0x0f34 [ FA6C94C754A566EA8A61D658932F32DE, AEA11A21F850228B23714CBF981C0D038FF5CC22566594E6995BA0994343A256 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 22:57:06.0406 0x0f34 IPNAT - ok 22:57:06.0483 0x0f34 [ 463790AEF94D8EAB674631257F53252E, A02972457F45AD6816CB5F60DE4CD15D68256695FA0F3E4EAD6F9E36CBE54576 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 22:57:06.0516 0x0f34 iPod Service - ok 22:57:06.0556 0x0f34 [ ADF675CF9EB57229E9D13BC2F5D4719D, 1CAE1C71951795D1E650C81D5271EF9DF3482E531AAF0E6E08BE9789DE8C1E5B ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 22:57:06.0590 0x0f34 IRENUM - ok 22:57:06.0621 0x0f34 [ 2A0D17D431F13E87ADCB28DEEC84F252, 87C82734B58896BB71EE0707B70C4618D0E4895BE1409E9B55668F11E1715F30 ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 22:57:06.0639 0x0f34 isapnp - ok 22:57:06.0666 0x0f34 [ B664CD9178C4BB43CB5113EC3CD03C84, 4741F757C95D65C7D6BF3374BCF32E0162F955901EBA17EA865EA2CF82C29FE8 ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 22:57:06.0695 0x0f34 iScsiPrt - ok 22:57:06.0743 0x0f34 [ 37A0B80B513E18322CF768D4AAA6B302, 062CD99E69FE47A4631457AA8309A7E2792A195E5DC821AA66CC320E2F39971F ] k57nd60x 
C:\WINDOWS\system32\DRIVERS\k57nd60x.sys 22:57:06.0805 0x0f34 k57nd60x - ok 22:57:06.0826 0x0f34 [ 4504C8B75A6B2E5BE800DE03B26891D3, 4DC5DA3A2CBBB43B0E9CACE094D7EADE458347D134012F9693CAC2014EFE4145 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 22:57:06.0855 0x0f34 kbdclass - ok 22:57:06.0871 0x0f34 [ 8BAF1904393EACA7178A5EF962256D3F, 7CC026151E96D239C68758A016C206278ED262594C87EB7BFCD73A73631DBBC8 ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 22:57:06.0908 0x0f34 kbdhid - ok 22:57:06.0934 0x0f34 [ 3FF50BD6E481C6690A16D0542A2D818F, C7A87459C770380DFC5CF275382B8AC9F81C65A58131A4FDB7D2C251481BA963 ] kbldfltr C:\WINDOWS\system32\drivers\kbldfltr.sys 22:57:06.0953 0x0f34 kbldfltr - ok 22:57:06.0966 0x0f34 [ 7F896C99637CB0E48262F307FC0F3557, 51B1A2038443F581EAE8057FF487398CBAA4753E7AA854B191E47502F9D7D69B ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 22:57:07.0016 0x0f34 kdnic - ok 22:57:07.0042 0x0f34 [ F33BFCBBBAACE7208DB433B6CCA98930, 46E994BE4A2EA4D324C8B78CF9276F4805EA47046CBC7AD37401AA77E13C75FB ] KeyIso C:\WINDOWS\system32\lsass.exe 22:57:07.0061 0x0f34 KeyIso - ok 22:57:07.0099 0x0f34 [ 21719E6D6B4EDEB062F0A9D8F7720FEF, 6BEF2890270D4127EAEA6C627B663495A7576A781EDB4E4623E9C68D2DE3EE22 ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 22:57:07.0119 0x0f34 KSecDD - ok 22:57:07.0151 0x0f34 [ 09C2C25E6199901B93716FE4A82E682C, DC242E688EC66F9667320A1FA6CD73CF6FFE635E3459E1C851DAE1B2D8B07E9A ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 22:57:07.0173 0x0f34 KSecPkg - ok 22:57:07.0216 0x0f34 [ EC89E8C1334D257C27197A52099FA960, 5243DD460A78CBCCF6296C13944ADC0F7FA7BD152BCE9633EB8CA911B055C3F0 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 22:57:07.0275 0x0f34 KtmRm - ok 22:57:07.0317 0x0f34 [ 3EDE75D96CF18AA2A94E01F1EBC30DC5, 775A888CC04D7AA4B1C09DCBC130CA19617EFA64A2756047BFD0D0BE29476A9F ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 22:57:07.0358 0x0f34 LanmanServer - ok 22:57:07.0409 0x0f34 [ B230EE02279BBD757637B3CAE1CF660B, 
D74B85548818E0C9DAE10076AB00198AAD3838BB3A8C0212762716E5EBC3A3C8 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 22:57:07.0449 0x0f34 LanmanWorkstation - ok 22:57:07.0501 0x0f34 [ 4CE8FBDB422165F1D336C1E4251F233A, 7FA894864637E3F504A68A5E2037D55BAC300B827ECC48E8E002387EED147F46 ] lfsvc C:\WINDOWS\System32\GeofenceMonitorService.dll 22:57:07.0567 0x0f34 lfsvc - ok 22:57:07.0607 0x0f34 [ 369ED2626209D245BA1CEBB626F9A376, C28A0B4998DF1027AB3C234742AD51E140889CC065CF2F073665297B61A31F6F ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 22:57:07.0646 0x0f34 lltdio - ok 22:57:07.0678 0x0f34 [ E7857CCA67A54E265533EF68C7B90A0C, 3CC312DAFD7C539467D5833002D448D62C8B3A2F2894523CBA18C49D2129F609 ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 22:57:07.0716 0x0f34 lltdsvc - ok 22:57:07.0748 0x0f34 [ A44270027BA1C8983CCC414183AD5726, 26F0881DF03F7C521A7CA9FE91432B40313B1ED5A9F2779F4CAA3CF6625219B7 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 22:57:07.0803 0x0f34 lmhosts - ok 22:57:07.0840 0x0f34 [ 876BA8550E9F1F4EF8A7D056E66678F6, 55937F75D1332923FD348B9931BC28E379DEBC13841E0EE4D1330D3D4E7707DF ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 22:57:07.0859 0x0f34 LSI_SAS - ok 22:57:07.0882 0x0f34 [ 6FB4E344E66F7243D23F0F52A9610790, 7AAEE5EB222539AD767B0B01FD1F821EE35263699BC4D123E95906C4AE62D3F6 ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 22:57:07.0902 0x0f34 LSI_SAS2 - ok 22:57:07.0922 0x0f34 [ 2E61D97CA19BBECCCF7CDE9C0C7392B5, 237A5739DE9A643CBEE7432522E43DAAB289EAA322FB2E67A66E24D2A0E859E1 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys 22:57:07.0940 0x0f34 LSI_SAS3 - ok 22:57:07.0961 0x0f34 [ 3986C8FAA6E397725024E7189BAC69CE, FD934C8D5E51153D9E69764B628E1A983D96CF223115B4E549FA67BA819A27E8 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 22:57:07.0979 0x0f34 LSI_SSS - ok 22:57:08.0031 0x0f34 [ 1D5999E703FAA551DFF0E4E7F6AA2150, D73332190244FE2943CE93C298EDBB09290AFDD1B12F286F94E4B67323F1A1F9 ] LSM C:\WINDOWS\System32\lsm.dll 22:57:08.0098 0x0f34 LSM - ok 22:57:08.0138 
0x0f34 [ A1E31C77F407F629F430A070B8747A44, 80E50D95CBDB85DBA2462BF133140AFEAB2D047F70168E87CE95E8D90A83C99E ] luafv C:\WINDOWS\system32\drivers\luafv.sys 22:57:08.0162 0x0f34 luafv - ok 22:57:08.0210 0x0f34 [ 8566E3E7E14517C3142F9EBAF68C3CF4, 1E7A279B8EF1FA8C4D7DB0B72E031DDC39D82FC694A22808BD6C76EF98BB7BF1 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe 22:57:08.0243 0x0f34 McComponentHostService - ok 22:57:08.0284 0x0f34 [ E00D0D70EE37CBAAF01668EE6102C3D5, 55935BAC853C07D3EA937E4CE33BDA630B34C5EC38B509B3D37554CB978D43F1 ] Mcx2Svc C:\WINDOWS\system32\Mcx2Svc.dll 22:57:08.0312 0x0f34 Mcx2Svc - ok 22:57:08.0329 0x0f34 [ EE038F0B57FD34B872AE2ADD7679C1E2, FC6C352A4EFE659961513B131B68871AFFAD8174672C3D5BF955D83BA1F9CEA0 ] megasas C:\WINDOWS\system32\drivers\megasas.sys 22:57:08.0347 0x0f34 megasas - ok 22:57:08.0387 0x0f34 [ 2E3BE5DA8078B170DA14CE3181C5D3AC, F4E8251C554A47682F00FCE7A0F3B0D0FD0F3D74970BA501F63860A7C824407E ] megasr C:\WINDOWS\system32\drivers\megasr.sys 22:57:08.0430 0x0f34 megasr - ok 22:57:08.0492 0x0f34 Microsoft SharePoint Workspace Audit Service - ok 22:57:08.0538 0x0f34 [ 01946468EA6196F9C54A245354C1240A, 96BE9EF1D791417BFBD9AC9F24D38F128DEE409C95F25138B8CDAE3F86E17D4A ] MMCSS C:\WINDOWS\system32\mmcss.dll 22:57:08.0607 0x0f34 MMCSS - ok 22:57:08.0648 0x0f34 [ FFE175CCDA4BC0278E88149F183B6C5E, B84F9E1E20B0C0BF64BC8DABC238776A307286ECC5AEFEDD74F6C187F5FD0671 ] Modem C:\WINDOWS\system32\drivers\modem.sys 22:57:08.0681 0x0f34 Modem - ok 22:57:08.0704 0x0f34 [ 523C526BBB796FC2087C0C8AC2B669BD, 79FAC4B32BD35E140B7FAFC5A58FA039B1FB16EF68A4DCEB25B2B153B1B0FE0D ] monitor C:\WINDOWS\System32\drivers\monitor.sys 22:57:08.0746 0x0f34 monitor - ok 22:57:08.0788 0x0f34 [ 1B621475FA22B947B60EE004A8EE11F5, EC4BBD6C586686BD3E05F861FF7D9E82E7C787DDBC9BC3CDEEE613BFCAFC34D3 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 22:57:08.0810 0x0f34 mouclass - ok 22:57:08.0833 0x0f34 [ 64DAA33D69C4442AD4CC52D478895355, 
686CD366539D41331ACC41A66B165EF7B659CD8FC0048596E6F38D1FBF3120C8 ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 22:57:08.0861 0x0f34 mouhid - ok 22:57:08.0884 0x0f34 [ 8CF63AB55709A9E415190219C226A855, E061AE50F74F46D9D58E406254515B104B32D7B7DE64C1045E9901942A953FCF ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 22:57:08.0904 0x0f34 mountmgr - ok 22:57:08.0957 0x0f34 [ A7A117CB1104D0829466F48E17BE0A71, 040F18FC1AF72BE2B7123170C2F5F131A9518B8AA57C20F23203625D213C792B ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe 22:57:08.0985 0x0f34 MozillaMaintenance - ok 22:57:09.0005 0x0f34 [ 4B300E2D06B03410064CF443E1CE6B25, 9B75E288392DBB24C84C573823AB0C94F2CFA6AA8AF3F6D8E3ED93DA57F5ABB8 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 22:57:09.0043 0x0f34 mpsdrv - ok 22:57:09.0117 0x0f34 [ C67F755D89AE52C7F2249ACE98416265, EA115A4165E3657452CDF69E0C5704BB685A8E0FD451F37EA1FC3D5A8BCE5A9E ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 22:57:09.0224 0x0f34 MpsSvc - ok 22:57:09.0354 0x0f34 [ 53E370C8ED69C68DFD26BAE4588095F3, C72A759D0C31CF2E6C153D8D008DE03575C5D6A74067C381E580B09850890EBB ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 22:57:09.0407 0x0f34 MRxDAV - ok 22:57:09.0441 0x0f34 [ 3225D40D8CBA74A79D3B10879A14755E, 030818F38C2A94FAA69189B16C158DA50339CD44402E26A854AFB81DFE914D82 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 22:57:09.0486 0x0f34 mrxsmb - ok 22:57:09.0514 0x0f34 [ F37F40422662235AB5768C303E829602, B1350AE9827FCF48FDC7BCA83CE5A7E1C54550449F6F56AC39E1E1ECB9EA56DD ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 22:57:09.0558 0x0f34 mrxsmb10 - ok 22:57:09.0594 0x0f34 [ 8A652A1B9BF586E973EA08404549BF7A, F890074E49C3F7E624BB5FBDCD1E5FA5C737F79DDAB99F55A081F455264ABFD9 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 22:57:09.0636 0x0f34 mrxsmb20 - ok 22:57:09.0654 0x0f34 [ 41CAFD1FAE3272E9B5DD67400ED59475, 689C8899F36D73652ADCAD6CEB2F3AC6024DDCB4619D908DA8575536978E85A6 ] MsBridge 
C:\WINDOWS\system32\DRIVERS\bridge.sys 22:57:09.0691 0x0f34 MsBridge - ok 22:57:09.0731 0x0f34 [ 18919845004A5A05D69CF5EAE19D0E68, 809FC3AF3CCA004712CE3B841E08BD0D47E2A1C0B938AD68337B642D5D43B0C3 ] MSDTC C:\WINDOWS\System32\msdtc.exe 22:57:09.0757 0x0f34 MSDTC - ok 22:57:09.0781 0x0f34 [ D99C98D630C34A448A93DE552DC7DD68, B3A216B119737476182B3CD080B3466506D673ED2889C9F8C36F0E92A4657029 ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 22:57:09.0820 0x0f34 Msfs - ok 22:57:09.0845 0x0f34 [ 22FFBD5F9BCE2E970C617B95103079DC, BD431517B572EC80127881124C697434B31F016BF897382F6D2C5D0FF904C1C6 ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 22:57:09.0862 0x0f34 msgpiowin32 - ok 22:57:09.0882 0x0f34 [ 30DA16E72C4CB4D5F06D35D0DFA16E2C, F8C4073C3AA001FD22087BEBD0CEBDFA8F0BD1965B8F3346BBAEC0E3208F927B ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 22:57:09.0902 0x0f34 mshidkmdf - ok 22:57:09.0913 0x0f34 [ 26B1961255650B59107FC4990B2CEF34, 273E5E0DD5708BE9E188934CF1A19E63946179280F9AC149376053AD863A8239 ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 22:57:09.0932 0x0f34 mshidumdf - ok 22:57:09.0963 0x0f34 [ BF7ABD4461576528028FB86633A7EA24, 3AF39AEA9FEAAE7D79A3691714AD700288411DC594F38A07756F149D6D7463BE ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 22:57:09.0980 0x0f34 msisadrv - ok 22:57:10.0010 0x0f34 [ A876A975BAF66A8D209240F43AC07A07, 11B26C8004B8F191F9AF7A25C90500DAE344392561DDA9C5516FC0EAB6DDEE26 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 22:57:10.0036 0x0f34 MSiSCSI - ok 22:57:10.0045 0x0f34 msiserver - ok 22:57:10.0074 0x0f34 [ 02238D563EDB7DFE17BF8AE12D9F3D30, 77BB0671B7B9150E15F7744B8F3D83375948694C1612198CB24D93842FE1A32B ] MsKeyboardFilter C:\WINDOWS\System32\KeyboardFilterSvc.dll 22:57:10.0095 0x0f34 MsKeyboardFilter - ok 22:57:10.0113 0x0f34 [ 0B2A5AB2591D7F6E8E64A0516325F2AD, 083775925CA8B4677029B5FDF4F60F08E325CF05486FAE63D311B40C7EF3786F ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 22:57:10.0148 0x0f34 MSKSSRV - ok 22:57:10.0168 
0x0f34 [ 2B1E1DA9C5FA25DB8DAC2F34BCF10196, AE346D5711E4EA9C6365D55411E907683147064B34192B88EEAA9E871DECE2B0 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys 22:57:10.0201 0x0f34 MsLldp - ok 22:57:10.0229 0x0f34 [ 86729EC40EB28DBBAB6A672B138B4DC5, 13F097572A8BE21EC9FA44C950F143BF0AFEEF09131DCD115B951AB5EF13BA13 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 22:57:10.0257 0x0f34 MSPCLOCK - ok 22:57:10.0284 0x0f34 [ 4E5FB5BD76165A81EE181A82EB665C8A, 16C50027D92F059C07CCB28FDE339C3E35DE9BF1752B0F16577845C38B77B776 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 22:57:10.0318 0x0f34 MSPQM - ok 22:57:10.0349 0x0f34 [ C90BB8C3DC3F50FBA1A668B844C84315, 4ABA28B0047B2038E881583DB0F1A6A78FAB8ACF3759ECCB7A835D7F8944CC83 ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 22:57:10.0372 0x0f34 MsRPC - ok 22:57:10.0391 0x0f34 [ CF61A813430B7F12452BCED287135676, D5400E8C47D6441830EA48E153BDB2CC70672176B69E90D89EC3DD6D17BCFAFA ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 22:57:10.0407 0x0f34 mssmbios - ok 22:57:10.0415 0x0f34 [ C323F63D61AD8CEC79B3CF4B8463B208, FE1E91267B1050EDF05E89B33AFBEE2F6A5912251024A2130D756DE53C93BD81 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 22:57:10.0435 0x0f34 MSTEE - ok 22:57:10.0460 0x0f34 [ 06442D8CA4425EFF66F47D8F82493450, 82D3698938B2CA169C0564F90941423FC4F87261CCD1A214517DA95605671A32 ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 22:57:10.0494 0x0f34 MTConfig - ok 22:57:10.0517 0x0f34 [ 6CD6189DFA649EEBFCBE81CB30030355, 7F50DD0ACDFC2AFFF1FA8BA5065B7B232C491D7AE7E67AE833BB02105AB7AF77 ] Mup C:\WINDOWS\system32\Drivers\mup.sys 22:57:10.0536 0x0f34 Mup - ok 22:57:10.0556 0x0f34 [ 8122A46E9A5EBD2E001FF5FB34A12A47, 8CC747B11E77AB0F15A7F08D48160FB66AD26C81021D25A10335ECE967A847F4 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 22:57:10.0575 0x0f34 mvumis - ok 22:57:10.0769 0x0f34 [ 1B9C5DD538C53B26096CE534A4869533, 1666B074866FB44C76DD58D2D646A6A39BF34E1AF904BA4EF1775FC664A4D4DC ] N360 C:\Program Files\Norton 360\Engine\21.2.0.38\N360.exe 
22:57:10.0800 0x0f34 N360 - ok 22:57:10.0862 0x0f34 [ E5B61DB218E01A850C7A92616E97F5EB, 26EA66D8EB058EB9CE8D2913D5A1397D26653E26AB0261119B802D8DFC11AE87 ] napagent C:\WINDOWS\system32\qagentRT.dll 22:57:11.0012 0x0f34 napagent - ok 22:57:11.0047 0x0f34 NasPmService - ok 22:57:11.0092 0x0f34 [ 5D4472322913D013C82A7048886188E1, 4032A2060C8F09032C2046652632F44BE893383BCC67D3A7001B95CD708CF43B ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 22:57:11.0193 0x0f34 NativeWifiP - ok 22:57:11.0274 0x0f34 [ 81E928EE3751FAF725C87CC17726C05D, 8AB84270DCB35F239B00FA4B9AC90E9520967B8188085D897F28E994CBF911FB ] NAVENG C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140425.001\NAVENG.SYS 22:57:11.0297 0x0f34 NAVENG - ok 22:57:11.0424 0x0f34 [ E0C39FA6C76AE8ED53ABF043F35ECDFF, CD2F87D3CB64F3362508D1855B24F40F1C44CF4132E3626971CCF4E7C49E61D6 ] NAVEX15 C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140425.001\NAVEX15.SYS 22:57:11.0543 0x0f34 NAVEX15 - ok 22:57:11.0592 0x0f34 [ 54C905054922B43A91521D075E34024B, 4B2DF68DF11B26D2A224930CE2B8FAF40B19D960BCFDF5D523B52A82125B487A ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 22:57:11.0636 0x0f34 NcaSvc - ok 22:57:11.0661 0x0f34 [ F81A77CF6B0C9513AC20A24DD2997E26, 756818D6DEB6B7D036C2BF6B442EC8C435F9FB3E384E109FCCD9740F7651B3AB ] NcbService C:\WINDOWS\System32\ncbservice.dll 22:57:11.0735 0x0f34 NcbService - ok 22:57:11.0756 0x0f34 [ 10A61CCF540D1E2260D3AE76377810F5, DFF0F1EAF03518220500C70BCC52286CA599EA2E00D3AB97D88D9BF15F1E26AD ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 22:57:11.0863 0x0f34 NcdAutoSetup - ok 22:57:11.0939 0x0f34 [ 14F983A265A9A84B13C8F03F1BE639B0, CA2C7BE7C998F14B7EF5EE20C170E1144DDD0098E9EEDAFDBD9E3B592EB586A0 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 22:57:12.0014 0x0f34 NDIS - ok 22:57:12.0055 0x0f34 [ 9FA562E35A0263FBD01D44559224D46B, 9C8CBDDFA09EA86B025BD7F04F63C5517296FF7EDAC9E87C096766054C448F1E ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys 
22:57:12.0079 0x0f34 NdisCap - ok 22:57:12.0096 0x0f34 [ E0E3F52E028D5AEB0AAEA4DEBFE5F696, 7CDA2500C3440B8A5EF0C4D64DB27E91A08A1D143CA6FA6568E5C7FBBD277B02 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys 22:57:12.0136 0x0f34 NdisImPlatform - ok 22:57:12.0158 0x0f34 [ BD856EB36898EFA1B11346996ECA764C, 52CF7CC4DEB3CC0F3B09E8A4D83E20538765C44DD04FE0746BD17B09C67AC78C ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 22:57:12.0180 0x0f34 NdisTapi - ok 22:57:12.0205 0x0f34 [ 1D34650E97E74DF51BD86E0A102DB241, B4B6A2C073348C3829E5CD0565A0B44CA6A0AD05E3744767FA8D89134ED8002E ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 22:57:12.0243 0x0f34 Ndisuio - ok 22:57:12.0278 0x0f34 [ 53D21FFC20728406A20BCCF145DC2AD4, 116B06A3827C6EB584C8DC13FE2554EFC1CE5A96BA298C4C7766B700E56C282F ] NdisVirtualBus C:\WINDOWS\System32\drivers\NdisVirtualBus.sys 22:57:12.0324 0x0f34 NdisVirtualBus - ok 22:57:12.0353 0x0f34 [ 11312D35028616E585DCF02AFAFA56DC, E7B0503FAA2B93F6751FD792D2F424B40E2F9A20D9E827253563B916A1CFAC06 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 22:57:12.0402 0x0f34 NdisWan - ok 22:57:12.0442 0x0f34 [ 11312D35028616E585DCF02AFAFA56DC, E7B0503FAA2B93F6751FD792D2F424B40E2F9A20D9E827253563B916A1CFAC06 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 22:57:12.0468 0x0f34 NdisWanLegacy - ok 22:57:12.0487 0x0f34 [ 9F76B41778F62A7E582ADA902E8D149E, 140A62ACA0B198A23A4236AE28CD4E32D5378F4D21CBE55FD05684EEE91C1B4E ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 22:57:12.0511 0x0f34 NDProxy - ok 22:57:12.0538 0x0f34 [ C6003C8BB723B4D7FCDFB4C419D676A1, 9D2639A104D962C899CC9EBB40BF8AA6FB9E440AD5DB6861C9723BDB4B9361FE ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 22:57:12.0579 0x0f34 Ndu - ok 22:57:12.0597 0x0f34 [ F0F2377D72E48EBCA9B9BE5F3DE3F355, 89C05AB573C0F97FD3F0C43024212A0A55BFA3698598DABFD33FC481D5D58E3C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 22:57:12.0621 0x0f34 NetBIOS - ok 22:57:12.0648 0x0f34 [ BC242922B0D08F61CF7C87FD08FAFA8B, 
D9E96D9C01FD9FFF80C60E76950B31E5D010EDE1A6CF0E4B5A85BD5E7A5DB715 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 22:57:12.0675 0x0f34 NetBT - ok 22:57:12.0694 0x0f34 [ F33BFCBBBAACE7208DB433B6CCA98930, 46E994BE4A2EA4D324C8B78CF9276F4805EA47046CBC7AD37401AA77E13C75FB ] Netlogon C:\WINDOWS\system32\lsass.exe 22:57:12.0713 0x0f34 Netlogon - ok 22:57:12.0757 0x0f34 [ B587D8BBD8FB55FEA7C6CCE86D98DDA7, AC0EFCECF14B680A260D32BA13AA29E94663171E6EE2B9E1F3BD6BFD7997FE3D ] Netman C:\WINDOWS\System32\netman.dll 22:57:12.0802 0x0f34 Netman - ok 22:57:12.0855 0x0f34 [ 9C005769C00F380DBEB33C0164BBB7F8, C67498DBB6EB1B71CCA11E29D5CFDE77748201A3B3AB68770E43B82F221FCEC6 ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 22:57:12.0902 0x0f34 netprofm - ok 22:57:13.0009 0x0f34 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 22:57:13.0032 0x0f34 NetTcpPortSharing - ok 22:57:13.0053 0x0f34 [ 6A90783186DA0F93D21C805F6FAFD9CE, EABCD828F1BB745E80AA6B8FDCD32BD644F63FDD724809D8B94CBB90EE16F48E ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys 22:57:13.0087 0x0f34 netvsc - ok 22:57:13.0121 0x0f34 [ 6DF13740F8E98AD840B13D056CA86511, 08C2491C82E1733C4317E565298BD8C19508F415A9B544044D57CC1C3E596590 ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 22:57:13.0164 0x0f34 NlaSvc - ok 22:57:13.0182 0x0f34 [ 6CB2336E1C247A8164ADFF8A0D2FBCA4, 2EEE5E0754E01615D56EA9FC3A76195B3A9B7E32536F67C9394B452FC64697CD ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 22:57:13.0204 0x0f34 Npfs - ok 22:57:13.0242 0x0f34 [ 1B134DECC25E59D0C8AD95B64D475297, 7656D18FF1BBC83900109039F78DBC156A8E651638DBE3C6A6189408A0DF4511 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 22:57:13.0273 0x0f34 npsvctrig - ok 22:57:13.0289 0x0f34 [ 4763A0EC9B205B32E1194024E50F0C32, 10DCC2099B971661045F9D9224316E7D72D96E0DB642DC65FA8FA546CEE98FC8 ] nsi C:\WINDOWS\system32\nsisvc.dll 22:57:13.0331 0x0f34 nsi - ok 22:57:13.0352 
0x0f34 [ 3D383D0C64FFC3D3DDE2ED4EF828CFAB, 3F24F3E1874C5B1A1426C85D531580A30073CFCFA180DAFAD655BC6BC58428A5 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 22:57:13.0388 0x0f34 nsiproxy - ok 22:57:13.0525 0x0f34 [ BAFDB3519A9D1A6A0665A70696BA98D5, FA7F861139C4805F6D59D397D7AEBC69DEA96AFBACA4466336343EC5873A7B6B ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 22:57:13.0661 0x0f34 Ntfs - ok 22:57:13.0681 0x0f34 [ C68CBBB69A8C611EFA668FA36DE542D9, 2026BA1505619F62DBD06B293DD061A53B824FFD962D18B89297353F48D88017 ] Null C:\WINDOWS\system32\drivers\Null.sys 22:57:13.0728 0x0f34 Null - ok 22:57:13.0760 0x0f34 [ CE9BC6B9B2D5A9782B20B8EF1D48FC6E, D91145F57A4E2A6F03523C215B211BB5B431D29D3B8E0D15685967A01EC33D95 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 22:57:13.0780 0x0f34 nvraid - ok 22:57:13.0809 0x0f34 [ 8BC42FC48C9DB301025D7A5C6B20ECD9, 97A79CB628F1F806E7874CEAA3B9232DC56C2171AD1A50C07FE8246E3799C013 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 22:57:13.0836 0x0f34 nvstor - ok 22:57:13.0861 0x0f34 [ 5FC39F8B065128F2A59F92EE9AE3F286, 0BDA69197BAD4151DF895E3869E310D1E1C513332C0BADDF99D4C40E02232F46 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys 22:57:13.0881 0x0f34 nv_agp - ok 22:57:13.0930 0x0f34 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 22:57:13.0947 0x0f34 ose - ok 22:57:14.0226 0x0f34 [ 358A9CCA612C68EB2F07DDAD4CE1D8D7, F342100E2E9001F11FDF93F856B50FA43F9B85D2C6B5706EC0433E77206498DA ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 22:57:14.0485 0x0f34 osppsvc - ok 22:57:14.0572 0x0f34 [ 51B0BA395EE58B2088F03162B3D3208C, 1F6676D168D18727061B756C333C2BA0F0489F5CCA3942984885E70FEE209599 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 22:57:14.0647 0x0f34 p2pimsvc - ok 22:57:14.0694 0x0f34 [ 2F3FD70DBD4CA80C20E0354E1B71FCF2, 
66B31A2FC594C9B61806A550E5D28AD9EEAE220D6FBB684A64AAEF9468BBE403 ] p2psvc C:\WINDOWS\system32\p2psvc.dll 22:57:14.0764 0x0f34 p2psvc - ok 22:57:14.0806 0x0f34 [ 4F30970F15ADCC382544B31D5D7E368E, F8A66D12796887A60015466A6EC1932EE9F63C5C7F83E1F0E65D338D23F89602 ] Parport C:\WINDOWS\System32\drivers\parport.sys 22:57:14.0843 0x0f34 Parport - ok 22:57:14.0869 0x0f34 [ C503DA12698E7F775F8252F7A6FEA47F, F85664D23549B6485A6CDEFDC9362A13A688EBB8998F7A1A4AEE6E95C0EB3229 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 22:57:14.0888 0x0f34 partmgr - ok 22:57:14.0904 0x0f34 [ 60450D9CA16603770DFCA15E68D8EAD3, 37DAC10DC550D0A1A2F44A95E9C4E0EDE69E29F6162C4C17BD356E6FAF10D9F6 ] Parvdm C:\WINDOWS\System32\drivers\parvdm.sys 22:57:14.0925 0x0f34 Parvdm - ok 22:57:14.0994 0x0f34 [ 3CAE2BBC86FCF7F94C9696994AF30386, 4DA063A60523567272CFB35DF5D7CA142B100EF9123B1F23A6F11AB89DB83486 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe 22:57:15.0034 0x0f34 PassThru Service - detected UnsignedFile.Multi.Generic ( 1 ) 22:57:16.0056 0x0f34 Detect skipped due to KSN trusted 22:57:16.0057 0x0f34 PassThru Service - ok 22:57:16.0137 0x0f34 [ 81F10577DBE53F1F6990280D1926DAC9, 9FC674CADAC6DCD40F8AD9891199B8ADF7873667377BA12F67EB9EF2156A5561 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 22:57:16.0196 0x0f34 PcaSvc - ok 22:57:16.0250 0x0f34 [ 8F8DB22F78C74514A42A51211DAE24E9, BA32DAC0784D2634065303F3703A383F3B0A2FA0CE2C2B32A6D29336ED4AE13F ] pci C:\WINDOWS\system32\drivers\pci.sys 22:57:16.0289 0x0f34 pci - ok 22:57:16.0322 0x0f34 [ 05C7426981598F0E45824BC912D5177B, 46559C2A0EF523E89AAAB0670700263A2D5580D8A35BBA5404BB4E2BFBA29B4F ] pciide C:\WINDOWS\system32\drivers\pciide.sys 22:57:16.0339 0x0f34 pciide - ok 22:57:16.0361 0x0f34 [ F404AA7E499C83117C7442C2C2801C03, 4E30D0B41550FECECD7957822398E0E1897B5DB12A6799B7E1119CC7626E6959 ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 22:57:16.0382 0x0f34 pcmcia - ok 22:57:16.0406 0x0f34 [ E0F759702BBA5095CB0AE570333B194B, 
BEE887EC134F7A27120915F709670FBDC9223E70EA928A0FDC4284FBDFD65ADB ] Wof C:\WINDOWS\system32\drivers\Wof.sys 22:57:36.0855 0x0f34 Wof - ok 22:57:36.0962 0x0f34 [ 13CA3725B92CD7B98237E0F173A0F8C3, 6DC5EABE02018A9A4830578723D2FEB8E3D75526422B1C98BA8C1D01F8FC8EB6 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 22:57:37.0144 0x0f34 workfolderssvc - ok 22:57:37.0193 0x0f34 [ 9002F15F0CD7CF6AFEFB0B7818AD1A42, 89F156792D9E9FB5C171D6C46F2E782DC36347DCE651FC972F0491D8EC6050B7 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys 22:57:37.0211 0x0f34 wpcfltr - ok 22:57:37.0246 0x0f34 [ D7C14B416FC4F76A596A01A76FC5F873, 15D6D10186173F6CEFED503AC061F74F85A0C92B8C0D44684FF57B878AB96D5B ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll 22:57:37.0289 0x0f34 WPCSvc - ok 22:57:37.0306 0x0f34 [ 942AA793A262EB8A6A94DB087D29E744, D52AE53AE985F527657CB22F202AE3007E319B22AA89BA2CDEBDC529A18CFB2D ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 22:57:37.0339 0x0f34 WPDBusEnum - ok 22:57:37.0373 0x0f34 [ 6D8FA63A8C9765A853264D3977EECC19, F8172DA54DC417E9DA812469A3CD677932F82CCA676DB09187E5A201660D1E83 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 22:57:37.0389 0x0f34 WpdUpFltr - ok 22:57:37.0431 0x0f34 [ 12BCBE7CA69586AF483C86255739793F, 25714CD7ED802C70AD3580E2C26150392EA452BA355EB3426170B94ABEDDC172 ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 22:57:37.0470 0x0f34 ws2ifsl - ok 22:57:37.0511 0x0f34 [ 4ACEA6CEDDC18DE41D9D59EFA5095A59, 6612FFF2E9BF04B05E1F0E3AEE9865359AB786E0AE48D834AA9DCF00CACA4102 ] wscsvc C:\WINDOWS\System32\wscsvc.dll 22:57:37.0546 0x0f34 wscsvc - ok 22:57:37.0571 0x0f34 [ D6CC95C9AB741215C54B231043045D0A, 61112A6BF8C93C0240B87B0CDC615B924219C435C803F9CF5FB5BEBB3A62991C ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys 22:57:37.0607 0x0f34 WSDPrintDevice - ok 22:57:37.0642 0x0f34 [ 66040C953845533DDACA721E2900C226, 03A60C5951A1FC0169E64C399000ACD2DD5CCCA0427726B798EF1A587844A329 ] WSDScan C:\WINDOWS\System32\drivers\WSDScan.sys 22:57:37.0679 0x0f34 WSDScan 
- ok 22:57:37.0686 0x0f34 WSearch - ok 22:57:37.0857 0x0f34 [ 2535EE24CC1BB639A7639B4CA5BDE7C5, B855B693D413144CA26286CE49825F608870AE23DEAC641DAFD693F5F70D9ECB ] WSService C:\WINDOWS\System32\WSService.dll 22:57:37.0998 0x0f34 WSService - ok 22:57:38.0179 0x0f34 [ 1D09DC9C73398BF32BD308DDFF9B507B, 9581B66143A9D782380865F623E44398F4EEEDA4A4E9C669FAF25AEA18D4C164 ] wuauserv C:\WINDOWS\system32\wuaueng.dll 22:57:38.0336 0x0f34 wuauserv - ok 22:57:38.0386 0x0f34 [ 99EAF7E92720AF13D2CBBC7B0E2E4162, A78EA57231A9D4DAD99FBFE4E4A421C78629B90D35D98C21F088B77DCD60DA86 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 22:57:38.0424 0x0f34 WudfPf - ok 22:57:38.0455 0x0f34 [ AF04004069C5525E2E88A5476B385223, DC88F507CD786B02F87CB2A0140BCE4BAB75994132A8604E8B107586CE90D192 ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 22:57:38.0495 0x0f34 WUDFRd - ok 22:57:38.0544 0x0f34 [ 47575E783D399C38E9200DD73A712443, BFA635FC6927BABA46F6E11C1A99A952CC5C0A9090FE1550A7847CA728AA570C ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 22:57:38.0569 0x0f34 wudfsvc - ok 22:57:38.0600 0x0f34 [ AF04004069C5525E2E88A5476B385223, DC88F507CD786B02F87CB2A0140BCE4BAB75994132A8604E8B107586CE90D192 ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 22:57:38.0625 0x0f34 WUDFWpdFs - ok 22:57:38.0635 0x0f34 [ AF04004069C5525E2E88A5476B385223, DC88F507CD786B02F87CB2A0140BCE4BAB75994132A8604E8B107586CE90D192 ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 22:57:38.0661 0x0f34 WUDFWpdMtp - ok 22:57:38.0700 0x0f34 [ 0D3C738EC8FF12C8B69925229949ED05, 5E7A28F35D83B29925CAA663E12DF970961C10AD5887997E543D1C0ADA11345B ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 22:57:38.0775 0x0f34 WwanSvc - ok 22:57:38.0802 0x0f34 楗敳潂瑯獁楳瑳湡t - ok 22:57:38.0999 0x0f34 ================ Scan global =============================== 22:57:39.0046 0x0f34 [ BEC87D938F9B07206DC39535D99F6771, F29468A3BE54CDA8EE7DBEFCC5CB2322D81C1E2B41D37EF91196CBA6DE442C2A ] C:\WINDOWS\system32\basesrv.dll 22:57:39.0083 0x0f34 [ DBD08C890F4148C2C26D2247FA36E947, 
505182658C0E6DC39197BFB8D25885274B3948E548E3618796FF3AF64E626326 ] C:\WINDOWS\system32\winsrv.dll 22:57:39.0123 0x0f34 [ 9C56B7F2F68F73F735E367BBCF39D15B, D7370BE7D57A5A7EB1719241365946C35E321EF28EC640648103AA13FAA89CEA ] C:\WINDOWS\system32\sxssrv.dll 22:57:39.0164 0x0f34 [ 271DDD0B858CA6A6FF5D8CB04BE887C6, C09D2E8FCFA7C92F5C0459B6F7F519CA9F0E1942590DD576CCA6259A2E45C7E9 ] C:\WINDOWS\system32\services.exe 22:57:39.0175 0x0f34 [ Global ] - ok 22:57:39.0175 0x0f34 ================ Scan MBR ================================== 22:57:39.0188 0x0f34 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0 22:57:39.0730 0x0f34 \Device\Harddisk0\DR0 - ok 22:57:39.0731 0x0f34 ================ Scan VBR ================================== 22:57:39.0737 0x0f34 [ 5FED2B15B84ECAF175405F3AE625AC12 ] \Device\Harddisk0\DR0\Partition1 22:57:39.0766 0x0f34 \Device\Harddisk0\DR0\Partition1 - ok 22:57:39.0792 0x0f34 [ 303D28C058713CE1676D74670EFB79BB ] \Device\Harddisk0\DR0\Partition2 22:57:39.0811 0x0f34 \Device\Harddisk0\DR0\Partition2 - ok 22:57:39.0828 0x0f34 [ 80AE5C25728E4F2C931C4903C58AB3CC ] \Device\Harddisk0\DR0\Partition3 22:57:39.0839 0x0f34 \Device\Harddisk0\DR0\Partition3 - ok 22:57:39.0865 0x0f34 [ 41CCA8098706FF5ED2629FD8C59AAE14 ] \Device\Harddisk0\DR0\Partition4 22:57:39.0885 0x0f34 \Device\Harddisk0\DR0\Partition4 - ok 22:57:39.0887 0x0f34 Waiting for KSN requests completion. In queue: 151 22:57:40.0888 0x0f34 Waiting for KSN requests completion. 
In queue: 151 22:57:41.0966 0x0f34 AV detected via SS2: AVG AntiVirus Free Edition 2014, C:\Program Files\AVG\AVG2014\avgwsc.exe ( 14.0.0.4563 ), 0x41000 ( enabled : updated ) 22:57:42.0003 0x0f34 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.4.304.0 ), 0x60100 ( disabled : updated ) 22:57:42.0005 0x0f34 AV detected via SS2: Norton 360 Premier Edition, C:\Program Files\Norton 360\Engine\21.2.0.38\WSCStub.exe ( 21.2.0.0 ), 0x51000 ( enabled : updated ) 22:57:42.0009 0x0f34 FW detected via SS2: Norton 360 Premier Edition, C:\Program Files\Norton 360\Engine\21.2.0.38\WSCStub.exe ( 21.2.0.0 ), 0x51010 ( enabled ) 22:57:43.0004 0x0f34 ============================================================ 22:57:43.0004 0x0f34 Scan finished 22:57:43.0004 0x0f34 ============================================================ 22:57:43.0027 0x1a78 Detected object count: 0 22:57:43.0027 0x1a78 Actual detected object count: 0 Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.04.25.10

Windows 8 x86 NTFS
Internet Explorer 11.0.9600.17031
JKadmin :: JK-LAPTOP [administrator]

25.04.2014 21:28:38
mbar-log-2014-04-25 (21-28-38).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 346041
Time elapsed: 1 hour(s), 22 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end) |
26.04.2014, 15:54 | #7 |
/// the machine /// TB instructor | Please send the log to AVG support; I think it is a false positive.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 Donations Guides and help Trojaner-Board Facebook page No help via PM! |
29.04.2014, 21:21 | #8 |
| Hi, I did that. The German AVG support recommended that I send the files to AVG so that they can be checked. A false positive is possible, they said. It is an English-language site. The problem: where can I find these files? Edit: In another current thread here, subject "Abo Falle per E-Mail oder nicht, hab kein Plan", someone apparently received the same e-mail as I did and opened the attachment. It would be interesting to know whether a virus/Trojan was found and, if so, which one. That is not clear from the thread either... quite odd. Maybe it is so well disguised/new that no antivirus program detects it yet? By the way, I have just received another one of these e-mails, including the attachment. I have not even touched the mail, but I would be very interested in an analysis of the attachment. Is there a way to send this file somewhere? There are already several sites that warn about this subscription mail, but none of them reports what kind of malware is hidden behind this invoice. Regards, free-eagle Last edited by free-eagle (29.04.2014 at 21:58) |
01.05.2014, 00:07 | #9 |
/// the machine /// TB instructor | Please forward the mail to me at schrauber(at)trojaner-board.de |
01.05.2014, 20:03 | #10 |
| Edit: Damn, I was happy too soon: the mail came back with the error message: "this e-mail is considered spam. Therefore, the server rejects it" So unfortunately I could not send it to you at the e-mail address mentioned above. "OK, just sent it. I am very curious what is behind it. Thanks." Regards, free-eagle |
02.05.2014, 16:45 | #11 |
/// the machine /// TB instructor | Didn't receive anything. Can you forward the mail as an attachment? |
03.05.2014, 19:46 | #12 |
| Hi, I tried to save the mail with web.de, but it only saves an HTML mail and apparently not the attachment... if that is even a ZIP at all; the file name is a thousand "hieroglyphs". So somehow sending it is this difficult. At most I could try to save only the ZIP attachment and send it to you. I hope I won't catch something just by saving it? Regards, free-eagle |
04.05.2014, 07:52 | #13 |
/// the machine /// TB instructor | As long as you don't open the ZIP, nothing will happen. |
04.05.2014, 12:43 | #14 |
| Hi, when I tried to save the file via Outlook, it suddenly disappeared. The newly installed AVG had raised an alert and, without a word, moved the mail to the trash and a Trojan into quarantine! I found it there with the note from AVG that the Trojan Sheur4.BUOP is in quarantine. So that is probably the one in question. Could it have been opened back then merely by opening the mail (HTML mail), when AVG was not yet installed? Is the Trojan perhaps connected to the infection of the files mentioned at the beginning? Because a false positive is still within the realm of possibility. In any case, I never opened a ZIP file (if it ever was one at all). Is it known what the Trojan does? Wipe the laptop after all, to be on the safe side? Last edited by free-eagle (04.05.2014 at 12:50) |
04.05.2014, 20:07 | #15 |
/// the machine /// TB instructor | Normally nothing happens just from opening the mail. You do have to download the attachment and explicitly open/unpack/run it. If it really is this Trojan, and if it was ever active on the machine other than just now in the mail attachment, you should change passwords and the like. But your logs are all clean. |