|
Plagegeister aller Art und deren Bekämpfung: Windows 8.1 remote zugriff mit selbständiger TastatureingabeWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
12.10.2014, 01:08 | #1 |
| Windows 8.1 remote zugriff mit selbständiger Tastatureingabe Hi, vielen Dank im voraus für jede Hilfe. Ich versuche möglichst alle relevanten Informationen zu liefern. Folgendes Problem unter Windows 8.1 64bit (mit installiertem Antivir): Beim spielen von World of Warcraft plötzlich chaotisches Verhalten: wild auf und zu popende Fenster (wahrscheinlich durch das auslösen von Hotkeys) und hakelige oder selbst aktive Maus. Nach Wechsel des aktiven Tab auf Firefox und anklicken des Suchfeldes durch Nutzer erfolgt folgende Texteingabe (ohne Berührung der Tastatur): "interesse an einem irrsinnig verschmusten Kat" (langsam, wie bei Hacks in alten Filmen). Dann Pause, ziehen des Netzwerkkabels nach einigen Sekunden (kein WLAN). Kein weiteres auffälliges Verhalten. defogger und FRST ausgeführt, GMER hat sich einmal ausführen lassen, ich habe es aber wieder geschlossen um nochmal alles mit den Anweisungen abzugleichen, jetzt bringt Windows Fehlermeldung beim Startversuch von GMER (Screenshot im Anhang). Weder Reboot noch erneutes herunterladen haben etwas daran geändert. PC wird generell nur sehr sauber genutzt, kein Torrent, Per2Per, komische Downloads oder surfen in dunklen Ecken. Einzige bisher erkennbare Auffälligkeit ist wiederholte Probleme mit Zertifikaten bei einem Hoster in Thunderbird (diese müssen immer wieder (mit mehreren Wochen Abstand) neu heruntergeladen und als Ausnahmeregeln bestätigt werden), ist möglicherweise auf mangelhafte Konfiguration zurückzuführen. Formatieren und Neuinstallation des Systems ist ohne allzu großen Aufwand möglich, aber vorher würde ich gerne etwas mehr über den Vorfall erfahren. Code:
ATTFilter defogger_disable by jpshortstuff (23.02.10.1) Log created at 01:01 on 12/10/2014 (Debby) Checking for autostart values... HKCU\~\Run values retrieved. HKLM\~\Run values retrieved. Checking for services/drivers... -=E.O.F=- FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-10-2014 Ran by Debby (administrator) on SPEEDIE on 12-10-2014 01:04:33 Running from C:\Users\Debby\Downloads Loaded Profile: Debby (Available profiles: Debby) Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe (Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe (Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe (Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe (Avira Operations GmbH & Co. KG) D:\Avira\Avira\AntiVir Desktop\sched.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe (Adobe Systems Incorporated) D:\CS2.0\Adobe Version Cue CS2\bin\VersionCueCS2.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe (Advanced Micro Devices, Inc.) C:\AMD\ATI.ACE\Fuel\Fuel.Service.exe (Avira Operations GmbH & Co. KG) D:\Avira\Avira\AntiVir Desktop\avguard.exe (Microsoft Corporation) C:\Windows\System32\dasHost.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe () D:\CS2.0\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe (Avira Operations GmbH & Co. KG) D:\Avira\Avira\AntiVir Desktop\avshadow.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe (Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe (Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Skype Technologies S.A.) D:\Skype\Phone\Skype.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe (OpenOffice.org) D:\OpenOffice\program\soffice.exe (OpenOffice.org) D:\OpenOffice\program\soffice.bin (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Avira Operations GmbH & Co. KG) D:\Avira\Avira\AntiVir Desktop\avgnt.exe (CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe (Acronis) D:\Acronis\TrueImageHome\TrueImageMonitor.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe (Advanced Micro Devices Inc.) C:\AMD\ATI.ACE\Core-Static\MOM.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (ATI Technologies Inc.) C:\AMD\ATI.ACE\Core-Static\CCC.exe (Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2013-03-28] (Realtek Semiconductor) HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation) HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.) HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [516928 2013-02-15] (Acronis) HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] () HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [JunosPulse] => C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe [2103920 2012-09-19] (Juniper Networks, Inc.) HKLM-x32\...\Run: [avgnt] => D:\Avira\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-09] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.) HKLM-x32\...\Run: [TrueImageMonitor.exe] => D:\Acronis\TrueImageHome\TrueImageMonitor.exe [6421592 2013-12-13] (Acronis) HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis) HKLM-x32\...\Run: [StartCCC] => C:\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [Adobe Version Cue CS2] => d:\CS2.0\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-06] (Adobe Sytems Incorporated) HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG) HKU\S-1-5-21-3773492537-3824981863-2960111320-1001\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4287536 2013-03-28] () HKU\S-1-5-21-3773492537-3824981863-2960111320-1001\...\Run: [Steam] => F:\Steam\steam.exe [1938624 2014-10-02] (Valve Corporation) HKU\S-1-5-21-3773492537-3824981863-2960111320-1001\...\Run: [icq] => C:\Users\Debby\AppData\Roaming\ICQM\icq.exe [28698984 2013-09-01] (ICQ) HKU\S-1-5-21-3773492537-3824981863-2960111320-1001\...\Run: [Skype] => D:\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.) Startup: C:\Users\Debby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> D:\OpenOffice\program\quickstart.exe () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x30F003899AE5CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java\bin\ssv.dll (Oracle Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{C90EB938-4E2F-4EC3-BE72-4B4CD2BB4F2C}: [NameServer] 129.13.64.5,129.13.96.2 FireFox: ======== FF ProfilePath: C:\Users\Debby\AppData\Roaming\Mozilla\Firefox\Profiles\4r115ql2.default FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll () FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> D:\Java\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @videolan.org/vlc,version=2.0.7 -> D:\VLC\npvlc.dll (VideoLAN) FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll () FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks) FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF Plugin HKCU: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) FF Extension: Avira Browser Safety - C:\Users\Debby\AppData\Roaming\Mozilla\Firefox\Profiles\4r115ql2.default\Extensions\abs@avira.com [2014-09-30] FF Extension: ColorZilla - C:\Users\Debby\AppData\Roaming\Mozilla\Firefox\Profiles\4r115ql2.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2013-03-31] FF Extension: Firebug - C:\Users\Debby\AppData\Roaming\Mozilla\Firefox\Profiles\4r115ql2.default\Extensions\firebug@software.joehewitt.com.xpi [2013-04-04] FF Extension: Adblock Plus - C:\Users\Debby\AppData\Roaming\Mozilla\Firefox\Profiles\4r115ql2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-28] FF Extension: Greasemonkey - C:\Users\Debby\AppData\Roaming\Mozilla\Firefox\Profiles\4r115ql2.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-07-30] FF StartMenuInternet: FIREFOX.EXE - D:\Firefox\firefox.exe Chrome: ======= CHR Profile: C:\Users\Debby\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\Debby\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-30] CHR Extension: (Google Drive) - C:\Users\Debby\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-30] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Debby\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-06] CHR Extension: (YouTube) - C:\Users\Debby\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-30] CHR Extension: (Google-Suche) - C:\Users\Debby\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-30] CHR Extension: (Avira Browser Safety) - C:\Users\Debby\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-08] CHR Extension: (Google Wallet) - C:\Users\Debby\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-30] CHR Extension: (Bitdefender QuickScan) - C:\Users\Debby\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-10-11] CHR Extension: (Google Mail) - C:\Users\Debby\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-30] ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-09-08] (Adobe Systems) [File not signed] R2 Adobe Version Cue CS2; d:\CS2.0\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-04-06] (Adobe Systems Incorporated) [File not signed] R2 AMD FUEL Service; C:\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed] R2 AntiVirSchedulerService; D:\Avira\Avira\AntiVir Desktop\sched.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG) R2 AntiVirService; D:\Avira\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG) S4 AntiVirWebService; D:\Avira\Avira\AntiVir Desktop\avwebg7.exe [994096 2014-10-09] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG) R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation) S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation) S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation) S3 Samsung UPD Service2; C:\Windows\System32\SUPDSvc2.exe [158208 2012-04-06] (Samsung Electronics) S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation) S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R1 A2DDA; D:\EMISOFTEMERGENCYKIT\BIN\a2ddax64.sys [26176 2014-10-11] (Emsisoft GmbH) S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.) R2 AODDriver4.3; C:\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) S3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare) R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG) R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43064 2014-10-09] (Avira Operations GmbH & Co. KG) R3 cleanhlp; D:\EmisoftEmergencyKit\bin\cleanhlp64.sys [57024 2014-10-11] (Emsisoft GmbH) S4 jnprTdi_731_26369; C:\Windows\system32\Drivers\jnprTdi_731_26369.sys [107896 2012-09-19] (Juniper Networks, Inc.) R3 JnprVaMgr; C:\Windows\system32\DRIVERS\jnprvamgr.sys [45352 2012-09-05] (Juniper Networks, Inc.) R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.) R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-04-08] (Acronis International GmbH) R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2014-04-08] (Acronis) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-12 01:04 - 2014-10-12 01:04 - 00017441 _____ () C:\Users\Debby\Downloads\FRST.txt 2014-10-12 01:04 - 2014-10-12 01:04 - 00000000 ____D () C:\FRST 2014-10-12 01:01 - 2014-10-12 01:01 - 02109952 _____ (Farbar) C:\Users\Debby\Downloads\FRST64.exe 2014-10-12 01:01 - 2014-10-12 01:01 - 00000472 _____ () C:\Users\Debby\Downloads\defogger_disable.log 2014-10-12 01:01 - 2014-10-12 01:01 - 00000000 _____ () C:\Users\Debby\defogger_reenable 2014-10-12 01:00 - 2014-10-12 01:00 - 00050477 _____ () C:\Users\Debby\Downloads\Defogger.exe 2014-10-11 23:30 - 2014-10-11 23:31 - 00000000 ___HD () C:\WINDOWS\AxInstSV 2014-10-11 23:30 - 2014-10-11 23:30 - 00000000 __SHD () C:\Users\Debby\AppData\Local\EmieUserList 2014-10-11 23:30 - 2014-10-11 23:30 - 00000000 __SHD () C:\Users\Debby\AppData\Local\EmieSiteList 2014-10-11 23:30 - 2014-10-11 23:30 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-10-11 23:28 - 2014-10-11 23:28 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Debby\Downloads\tdsskiller.exe 2014-10-11 23:03 - 2014-10-11 23:11 - 00000000 ____D () C:\Users\Debby\AppData\Roaming\QuickScan 2014-10-11 23:02 - 2014-10-11 23:02 - 00000000 _____ () C:\Users\Debby\Desktop\huhu.txt 2014-10-11 22:39 - 2014-10-11 22:39 - 00000794 _____ () C:\Users\Debby\Desktop\Start Emsisoft Emergency Kit.lnk 2014-10-02 10:17 - 2014-10-02 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-10-02 10:17 - 2014-10-02 10:17 - 00000000 ____D () C:\Program Files (x86)\Skype 2014-09-22 19:30 - 2014-09-22 19:30 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-09-19 23:20 - 2014-09-19 23:20 - 00013246 _____ () C:\Users\Debby\AppData\Local\recently-used.xbel 2014-09-14 11:39 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe 2014-09-14 11:39 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe 2014-09-14 11:39 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll 2014-09-14 11:39 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll 2014-09-14 11:39 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll 2014-09-14 11:39 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll 2014-09-14 11:39 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll 2014-09-14 11:39 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll 2014-09-14 11:39 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll 2014-09-14 11:39 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll 2014-09-14 11:39 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll 2014-09-14 11:39 - 2014-07-24 17:20 - 21266336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll 2014-09-14 11:39 - 2014-07-24 15:46 - 18760328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll 2014-09-14 11:39 - 2014-07-24 11:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll 2014-09-14 11:39 - 2014-07-24 11:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll 2014-09-14 11:39 - 2014-07-24 09:39 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll 2014-09-14 11:39 - 2014-07-24 09:38 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll 2014-09-14 11:39 - 2014-07-24 09:30 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll 2014-09-14 11:38 - 2014-07-24 17:28 - 00468288 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS 2014-09-14 11:38 - 2014-07-24 17:28 - 00419648 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys 2014-09-14 11:38 - 2014-07-24 17:28 - 00412992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys 2014-09-14 11:38 - 2014-07-24 17:28 - 00280384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys 2014-09-14 11:38 - 2014-07-24 17:28 - 00143680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys 2014-09-14 11:38 - 2014-07-24 17:25 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe 2014-09-14 11:38 - 2014-07-24 17:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll 2014-09-14 11:38 - 2014-07-24 17:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll 2014-09-14 11:38 - 2014-07-24 17:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll 2014-09-14 11:38 - 2014-07-24 17:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe 2014-09-14 11:38 - 2014-07-24 17:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL 2014-09-14 11:38 - 2014-07-24 17:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe 2014-09-14 11:38 - 2014-07-24 17:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe 2014-09-14 11:38 - 2014-07-24 17:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys 2014-09-14 11:38 - 2014-07-24 17:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi 2014-09-14 11:38 - 2014-07-24 17:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe 2014-09-14 11:38 - 2014-07-24 17:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi 2014-09-14 11:38 - 2014-07-24 17:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe 2014-09-14 11:38 - 2014-07-24 17:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll 2014-09-14 11:38 - 2014-07-24 17:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll 2014-09-14 11:38 - 2014-07-24 17:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll 2014-09-14 11:38 - 2014-07-24 17:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll 2014-09-14 11:38 - 2014-07-24 17:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll 2014-09-14 11:38 - 2014-07-24 17:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll 2014-09-14 11:38 - 2014-07-24 16:57 - 02515264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys 2014-09-14 11:38 - 2014-07-24 16:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys 2014-09-14 11:38 - 2014-07-24 15:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll 2014-09-14 11:38 - 2014-07-24 15:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL 2014-09-14 11:38 - 2014-07-24 15:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe 2014-09-14 11:38 - 2014-07-24 15:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll 2014-09-14 11:38 - 2014-07-24 15:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll 2014-09-14 11:38 - 2014-07-24 15:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll 2014-09-14 11:38 - 2014-07-24 15:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll 2014-09-14 11:38 - 2014-07-24 15:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll 2014-09-14 11:38 - 2014-07-24 15:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll 2014-09-14 11:38 - 2014-07-24 13:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL 2014-09-14 11:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL 2014-09-14 11:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL 2014-09-14 11:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL 2014-09-14 11:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL 2014-09-14 11:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL 2014-09-14 11:38 - 2014-07-24 13:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL 2014-09-14 11:38 - 2014-07-24 13:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll 2014-09-14 11:38 - 2014-07-24 13:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys 2014-09-14 11:38 - 2014-07-24 13:45 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys 2014-09-14 11:38 - 2014-07-24 13:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys 2014-09-14 11:38 - 2014-07-24 13:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys 2014-09-14 11:38 - 2014-07-24 13:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys 2014-09-14 11:38 - 2014-07-24 13:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys 2014-09-14 11:38 - 2014-07-24 13:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys 2014-09-14 11:38 - 2014-07-24 13:33 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll 2014-09-14 11:38 - 2014-07-24 13:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll 2014-09-14 11:38 - 2014-07-24 13:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll 2014-09-14 11:38 - 2014-07-24 13:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll 2014-09-14 11:38 - 2014-07-24 13:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll 2014-09-14 11:38 - 2014-07-24 13:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll 2014-09-14 11:38 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL 2014-09-14 11:38 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL 2014-09-14 11:38 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL 2014-09-14 11:38 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL 2014-09-14 11:38 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL 2014-09-14 11:38 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL 2014-09-14 11:38 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL 2014-09-14 11:38 - 2014-07-24 12:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll 2014-09-14 11:38 - 2014-07-24 12:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll 2014-09-14 11:38 - 2014-07-24 12:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl 2014-09-14 11:38 - 2014-07-24 12:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll 2014-09-14 11:38 - 2014-07-24 12:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll 2014-09-14 11:38 - 2014-07-24 12:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll 2014-09-14 11:38 - 2014-07-24 12:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll 2014-09-14 11:38 - 2014-07-24 12:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe 2014-09-14 11:38 - 2014-07-24 12:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll 2014-09-14 11:38 - 2014-07-24 12:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll 2014-09-14 11:38 - 2014-07-24 12:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll 2014-09-14 11:38 - 2014-07-24 12:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll 2014-09-14 11:38 - 2014-07-24 12:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll 2014-09-14 11:38 - 2014-07-24 11:58 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll 2014-09-14 11:38 - 2014-07-24 11:54 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ppcsnap.dll 2014-09-14 11:38 - 2014-07-24 11:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll 2014-09-14 11:38 - 2014-07-24 11:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll 2014-09-14 11:38 - 2014-07-24 11:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl 2014-09-14 11:38 - 2014-07-24 11:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll 2014-09-14 11:38 - 2014-07-24 11:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll 2014-09-14 11:38 - 2014-07-24 11:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll 2014-09-14 11:38 - 2014-07-24 11:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll 2014-09-14 11:38 - 2014-07-24 11:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll 2014-09-14 11:38 - 2014-07-24 11:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe 2014-09-14 11:38 - 2014-07-24 11:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll 2014-09-14 11:38 - 2014-07-24 11:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll 2014-09-14 11:38 - 2014-07-24 11:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll 2014-09-14 11:38 - 2014-07-24 11:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll 2014-09-14 11:38 - 2014-07-24 11:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll 2014-09-14 11:38 - 2014-07-24 11:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll 2014-09-14 11:38 - 2014-07-24 11:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll 2014-09-14 11:38 - 2014-07-24 11:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll 2014-09-14 11:38 - 2014-07-24 11:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe 2014-09-14 11:38 - 2014-07-24 11:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll 2014-09-14 11:38 - 2014-07-24 11:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll 2014-09-14 11:38 - 2014-07-24 11:09 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll 2014-09-14 11:38 - 2014-07-24 11:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll 2014-09-14 11:38 - 2014-07-24 11:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe 2014-09-14 11:38 - 2014-07-24 11:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll 2014-09-14 11:38 - 2014-07-24 11:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll 2014-09-14 11:38 - 2014-07-24 10:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll 2014-09-14 11:38 - 2014-07-24 10:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll 2014-09-14 11:38 - 2014-07-24 10:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll 2014-09-14 11:38 - 2014-07-24 10:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll 2014-09-14 11:38 - 2014-07-24 10:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll 2014-09-14 11:38 - 2014-07-24 10:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll 2014-09-14 11:38 - 2014-07-24 10:49 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll 2014-09-14 11:38 - 2014-07-24 10:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll 2014-09-14 11:38 - 2014-07-24 10:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll 2014-09-14 11:38 - 2014-07-24 10:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll 2014-09-14 11:38 - 2014-07-24 10:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll 2014-09-14 11:38 - 2014-07-24 10:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll 2014-09-14 11:38 - 2014-07-24 10:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll 2014-09-14 11:38 - 2014-07-24 10:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll 2014-09-14 11:38 - 2014-07-24 10:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll 2014-09-14 11:38 - 2014-07-24 10:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll 2014-09-14 11:38 - 2014-07-24 10:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll 2014-09-14 11:38 - 2014-07-24 10:27 - 00907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll 2014-09-14 11:38 - 2014-07-24 10:24 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2014-09-14 11:38 - 2014-07-24 10:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll 2014-09-14 11:38 - 2014-07-24 10:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv 2014-09-14 11:38 - 2014-07-24 10:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll 2014-09-14 11:38 - 2014-07-24 10:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll 2014-09-14 11:38 - 2014-07-24 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll 2014-09-14 11:38 - 2014-07-24 10:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll 2014-09-14 11:38 - 2014-07-24 10:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll 2014-09-14 11:38 - 2014-07-24 10:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe 2014-09-14 11:38 - 2014-07-24 10:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll 2014-09-14 11:38 - 2014-07-24 10:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll 2014-09-14 11:38 - 2014-07-24 10:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll 2014-09-14 11:38 - 2014-07-24 10:15 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll 2014-09-14 11:38 - 2014-07-24 10:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll 2014-09-14 11:38 - 2014-07-24 10:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll 2014-09-14 11:38 - 2014-07-24 10:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll 2014-09-14 11:38 - 2014-07-24 10:12 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2014-09-14 11:38 - 2014-07-24 10:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll 2014-09-14 11:38 - 2014-07-24 10:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll 2014-09-14 11:38 - 2014-07-24 10:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll 2014-09-14 11:38 - 2014-07-24 10:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv 2014-09-14 11:38 - 2014-07-24 10:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll 2014-09-14 11:38 - 2014-07-24 10:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll 2014-09-14 11:38 - 2014-07-24 10:07 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll 2014-09-14 11:38 - 2014-07-24 10:06 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll 2014-09-14 11:38 - 2014-07-24 10:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll 2014-09-14 11:38 - 2014-07-24 10:04 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll 2014-09-14 11:38 - 2014-07-24 10:02 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll 2014-09-14 11:38 - 2014-07-24 10:01 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll 2014-09-14 11:38 - 2014-07-24 10:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll 2014-09-14 11:38 - 2014-07-24 10:01 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll 2014-09-14 11:38 - 2014-07-24 10:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll 2014-09-14 11:38 - 2014-07-24 09:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll 2014-09-14 11:38 - 2014-07-24 09:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll 2014-09-14 11:38 - 2014-07-24 09:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll 2014-09-14 11:38 - 2014-07-24 09:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll 2014-09-14 11:38 - 2014-07-24 09:50 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll 2014-09-14 11:38 - 2014-07-24 09:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll 2014-09-14 11:38 - 2014-07-24 09:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll 2014-09-14 11:38 - 2014-07-24 09:46 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll 2014-09-14 11:38 - 2014-07-24 09:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll 2014-09-14 11:38 - 2014-07-24 09:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll 2014-09-14 11:38 - 2014-07-24 09:43 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll 2014-09-14 11:38 - 2014-07-24 09:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll 2014-09-14 11:38 - 2014-07-24 09:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll 2014-09-14 11:38 - 2014-07-24 09:38 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll 2014-09-14 11:38 - 2014-07-24 09:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll 2014-09-14 11:38 - 2014-07-24 09:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll 2014-09-14 11:38 - 2014-07-24 06:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls 2014-09-14 11:38 - 2014-07-24 06:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls 2014-09-14 11:38 - 2014-07-12 07:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll 2014-09-14 11:38 - 2014-07-12 07:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll 2014-09-14 11:38 - 2014-07-12 06:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll 2014-09-14 11:38 - 2014-07-12 06:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll 2014-09-14 11:38 - 2014-07-12 06:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll 2014-09-14 11:38 - 2014-07-10 01:19 - 00387391 _____ () C:\WINDOWS\system32\ApnDatabase.xml 2014-09-14 11:38 - 2014-07-04 14:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys 2014-09-14 11:38 - 2014-07-04 12:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll 2014-09-14 11:38 - 2014-07-04 12:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll 2014-09-14 11:38 - 2014-07-04 12:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll 2014-09-14 11:38 - 2014-07-04 12:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll 2014-09-14 11:38 - 2014-07-04 11:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll 2014-09-14 11:38 - 2014-07-04 11:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll 2014-09-14 11:38 - 2014-06-27 08:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys 2014-09-14 11:38 - 2014-06-26 02:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll 2014-09-14 11:38 - 2014-06-26 02:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll 2014-09-14 11:38 - 2014-06-20 01:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys 2014-09-14 11:38 - 2014-06-19 04:13 - 00310080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys 2014-09-14 11:38 - 2014-06-14 08:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll 2014-09-14 11:38 - 2014-06-14 07:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll 2014-09-14 11:38 - 2014-06-07 14:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll 2014-09-14 11:38 - 2014-06-07 12:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll 2014-09-14 11:38 - 2014-06-05 16:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys 2014-09-14 11:38 - 2014-06-05 12:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll 2014-09-14 11:38 - 2014-06-05 11:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll 2014-09-14 11:38 - 2014-05-31 07:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll 2014-09-14 11:38 - 2014-05-31 06:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll 2014-09-14 11:38 - 2014-05-29 08:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll 2014-09-14 11:38 - 2014-05-29 07:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll 2014-09-14 11:38 - 2014-05-29 07:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll 2014-09-14 11:38 - 2014-05-29 06:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll 2014-09-14 11:38 - 2014-05-26 09:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll 2014-09-14 11:38 - 2014-05-10 12:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll 2014-09-14 11:38 - 2014-05-10 10:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll 2014-09-14 11:38 - 2014-05-06 06:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll 2014-09-14 11:38 - 2014-05-06 02:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll 2014-09-14 11:38 - 2014-03-25 04:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll 2014-09-14 11:38 - 2014-03-25 04:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll 2014-09-14 11:38 - 2014-03-25 03:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll 2014-09-14 11:38 - 2014-03-25 03:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll 2014-09-14 11:32 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys 2014-09-12 00:34 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll 2014-09-12 00:34 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll 2014-09-12 00:34 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll 2014-09-12 00:34 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll 2014-09-12 00:34 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll 2014-09-12 00:34 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll 2014-09-12 00:34 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll 2014-09-12 00:34 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll 2014-09-12 00:34 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll 2014-09-12 00:34 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll 2014-09-12 00:34 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll 2014-09-12 00:34 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll 2014-09-12 00:34 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll 2014-09-12 00:34 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll 2014-09-12 00:34 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll 2014-09-12 00:34 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll 2014-09-12 00:34 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll 2014-09-12 00:34 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll 2014-09-12 00:34 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe 2014-09-12 00:34 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl 2014-09-12 00:34 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll 2014-09-12 00:34 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll 2014-09-12 00:34 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll 2014-09-12 00:34 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll 2014-09-12 00:34 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll 2014-09-12 00:34 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll 2014-09-12 00:34 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll 2014-09-12 00:34 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll 2014-09-12 00:34 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl 2014-09-12 00:34 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll 2014-09-12 00:34 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll 2014-09-12 00:34 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll 2014-09-12 00:34 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll 2014-09-12 00:34 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll 2014-09-12 00:34 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-12 01:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru 2014-10-12 01:01 - 2014-01-08 16:38 - 00000000 ____D () C:\Users\Debby 2014-10-12 00:55 - 2014-07-30 12:50 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-12 00:52 - 2013-04-18 13:16 - 00000000 ____D () C:\Users\Debby\AppData\Roaming\Skype 2014-10-11 23:42 - 2013-03-28 09:00 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3773492537-3824981863-2960111320-1001 2014-10-11 23:16 - 2013-11-14 09:26 - 01898206 _____ () C:\WINDOWS\system32\PerfStringBackup.INI 2014-10-11 23:16 - 2013-11-14 09:11 - 00809718 _____ () C:\WINDOWS\system32\perfh007.dat 2014-10-11 23:16 - 2013-11-14 09:11 - 00178660 _____ () C:\WINDOWS\system32\perfc007.dat 2014-10-11 23:12 - 2014-07-30 12:50 - 00002202 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-10-11 23:11 - 2014-07-30 12:50 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-11 23:11 - 2014-01-08 16:58 - 00000000 __RDO () C:\Users\Debby\SkyDrive 2014-10-11 23:10 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT 2014-10-11 23:01 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI 2014-10-11 22:58 - 2013-11-14 00:18 - 00111454 _____ () C:\WINDOWS\PFRO.log 2014-10-11 22:37 - 2013-08-22 16:46 - 00308322 _____ () C:\WINDOWS\setupact.log 2014-10-11 22:25 - 2014-01-18 18:26 - 00000000 ____D () C:\Users\Debby\AppData\Local\Battle.net 2014-10-11 17:35 - 2014-01-08 16:43 - 01544661 _____ () C:\WINDOWS\WindowsUpdate.log 2014-10-11 17:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness 2014-10-09 10:53 - 2014-01-11 23:24 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys 2014-10-09 10:53 - 2014-01-11 23:24 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys 2014-10-09 10:53 - 2014-01-11 23:24 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys 2014-10-05 23:55 - 2013-03-29 21:30 - 00000000 ____D () C:\Users\Debby\AppData\Roaming\TS3Client 2014-10-02 10:17 - 2014-03-08 21:58 - 00002493 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-10-02 10:17 - 2013-04-18 13:16 - 00000000 ____D () C:\ProgramData\Skype 2014-09-29 13:03 - 2013-08-22 16:44 - 00363224 _____ () C:\WINDOWS\system32\FNTCACHE.DAT 2014-09-28 22:03 - 2014-01-18 18:26 - 00000000 ____D () C:\Users\Debby\AppData\Roaming\Battle.net 2014-09-22 19:31 - 2014-04-27 17:04 - 00000000 ____D () C:\ProgramData\Package Cache 2014-09-22 19:30 - 2014-08-05 12:19 - 00001160 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-09-22 19:30 - 2014-01-11 23:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-09-22 11:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache 2014-09-19 23:20 - 2013-03-28 12:03 - 00000000 ____D () C:\Users\Debby\.gimp-2.8 2014-09-14 16:48 - 2013-11-14 09:13 - 00000000 ____D () C:\Program Files\Windows Journal 2014-09-14 16:48 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData 2014-09-14 16:48 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel 2014-09-14 16:48 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-09-14 16:48 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility 2014-09-14 16:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore 2014-09-14 16:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup 2014-09-14 16:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod 2014-09-14 16:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup 2014-09-14 16:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions 2014-09-14 16:48 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe 2014-09-14 16:37 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp 2014-09-12 00:35 - 2014-06-11 10:41 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll 2014-09-12 00:35 - 2014-06-11 10:41 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll 2014-09-12 00:35 - 2014-06-11 10:40 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll 2014-09-12 00:35 - 2014-06-11 10:40 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll 2014-09-12 00:35 - 2014-06-11 10:40 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe 2014-09-12 00:35 - 2014-06-11 10:40 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe 2014-09-12 00:35 - 2014-06-11 10:40 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe 2014-09-12 00:35 - 2014-06-11 10:40 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll 2014-09-12 00:35 - 2014-06-11 10:40 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll 2014-09-12 00:35 - 2014-06-11 10:40 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll 2014-09-12 00:35 - 2014-06-11 10:40 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll 2014-09-12 00:35 - 2014-06-11 10:40 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll 2014-09-12 00:35 - 2014-06-11 10:40 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll 2014-09-12 00:35 - 2014-06-11 10:40 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll 2014-09-12 00:35 - 2014-05-20 13:47 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb 2014-09-12 00:35 - 2014-05-20 13:47 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb Some content of TEMP: ==================== C:\Users\Debby\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe C:\Users\Debby\AppData\Local\Temp\avgnt.exe C:\Users\Debby\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-11 23:42 ==================== End Of Log ============================ --- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-10-2014 Ran by Debby at 2014-10-12 01:05:02 Running from C:\Users\Debby\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859} AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) A Virus Named TOM (HKLM-x32\...\Steam App 207650) (Version: - Misfits Attic) Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated) Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden Adobe Common File Installer (x32 Version: 1.00.001 - Adobe System Incorporated) Hidden Adobe Creative Suite 2 (HKLM-x32\...\{0134A1A1-C283-4A47-91A1-92F19F960372}) (Version: - ) Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated) Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden Adobe Illustrator CS2 (x32 Version: 12.000.000 - Adobe Systems Inc.) Hidden Adobe InDesign CS2 (x32 Version: 004.000.000 - Adobe Systems Incorporated) Hidden Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated) Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.) Adobe Version Cue CS2 (x32 Version: 2.0 - Adobe Systems, Inc.) Hidden AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.) AMD Fuel (Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden Anno 2070 (HKLM-x32\...\Steam App 48240) (Version: - BlueByte) Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira) Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.) Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment) Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software) Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - Canon Inc.) Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.) Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version: - Canon Inc.) Canon MG4200 series Benutzerregistrierung (HKLM-x32\...\Canon MG4200 series Benutzerregistrierung) (Version: - Canon Inc.) Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.) Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version: - ) Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden Chicken Shoot Gold (HKLM-x32\...\Steam App 259340) (Version: - ToonTRAXX Studios) CrystalDiskMark 3.0.2e (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.2e - Crystal Dew World) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment) Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version: - ) ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - ) Faerie Solitaire (HKLM-x32\...\Steam App 38600) (Version: - Subsoap) Fortix (HKLM-x32\...\Steam App 45400) (Version: - Nemesys Games) Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team) Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.) Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.) Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment) ICQ 8.1 (build 6337) (HKCU\...\ICQ) (Version: 8.1.6337.0 - Mail.Ru) Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle) Java SE Development Kit 7 Update 21 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170210}) (Version: 1.7.0.210 - Oracle) Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.3.1.26369 - Juniper Networks, Inc.) Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.) Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.) Junos Pulse (Version: 3.1.26369 - Ihr Firmenname) Hidden Junos Pulse 3.1 (HKLM-x32\...\Junos Pulse 3.1) (Version: 3.1.26369 - Juniper Networks, Inc.) Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.) Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation) Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation) Microsoft-Maus- und Tastatur-Center (Version: 2.1.177.0 - Microsoft Corporation) Hidden Monaco (HKLM-x32\...\Steam App 113020) (Version: - Pocketwatch Games) MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com) Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Mozilla Firefox 19.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 19.0.2 (x86 de)) (Version: 19.0.2 - Mozilla) Mozilla Firefox 32.0.3 (x86 de) (HKCU\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 17.0.4 - Mozilla) Mozilla Thunderbird 17.0.4 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.4 (x86 de)) (Version: 17.0.4 - Mozilla) Mozilla Thunderbird 24.6.0 (x86 de) (HKCU\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation) OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation) Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version: - ) Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.) PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.) Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden RAIDXpert (HKLM-x32\...\InstallShield_{8A4A80C2-87B1-44FB-BC24-9168930EB150}) (Version: 3.3.1540.24 - AMD) RAIDXpert (x32 Version: 3.3.1540.24 - AMD) Hidden Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.) Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.03.09.00 - Samsung Electronics Co., Ltd.) Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.) Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version: - Sumo Digital) Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) Suite Specific (x32 Version: 2.0.0 - Adobe Systems, Incorporated) Hidden TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH) Torchlight II (HKLM-x32\...\Steam App 200710) (Version: - Runic Games) Tower Wars (HKLM-x32\...\Steam App 214360) (Version: - SuperVillain Studios) True Image WD Edition (HKLM-x32\...\{F801E99E-0C2D-4A37-8870-25FFE2C65547}) (Version: 16.0.5958 - Acronis) Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT) VLC media player 2.0.7 (HKLM\...\VLC media player) (Version: 2.0.7 - VideoLAN) Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.2-1 - Wacom Technology Corp.) WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.) WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.) Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation) Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation) World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) CustomCLSID: HKU\S-1-5-21-3773492537-3824981863-2960111320-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom) ==================== Restore Points ========================= 22-09-2014 09:46:00 Geplanter Prüfpunkt 30-09-2014 19:56:42 Geplanter Prüfpunkt ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList Task: {0C771EF1-CCA1-4B56-A8E0-8F8A6F8D5670} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation) Task: {0D5B23E0-EBB3-4F28-955A-0E0A640957A8} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation) Task: {163FD0EC-E4E0-47FF-978A-D5E6AFCED5BA} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation) Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate Task: {2DA58ED3-E462-46B3-B909-697335EC2D28} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft) Task: {346DCAD6-32BA-4AF6-991B-D23BB9F3449E} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation) Task: {394BBA12-6782-4067-A0DA-85714A681AF5} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation) Task: {3FAE28E3-2EC3-4F53-91CD-05DABD2C8591} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management Task: {476BBBA7-900A-4215-A8AE-3B7385169883} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation) Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance Task: {63564223-53A3-4DB3-9CF6-C119697325AA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-11] (Microsoft Corporation) Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work Task: {A8843AA8-4864-4FBD-A438-C5B5C20A796B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-30] (Google Inc.) Task: {AEAAE548-D838-4114-81FB-05990A4EA095} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation Task: {B29FC0E8-D813-474D-BCDD-8F4CDA6D95CC} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv Task: {C187FBAF-4889-44CC-B63B-BD517A722465} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation) Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE Task: {F35657F7-C6D5-4611-B988-D8212BA7AF64} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-30] (Google Inc.) Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe ==================== Loaded Modules (whitelisted) ============= 2013-04-01 15:25 - 2011-04-11 07:26 - 00034304 _____ () C:\WINDOWS\System32\spd__l.dll 2014-04-17 22:29 - 2014-04-17 22:29 - 00214528 _____ () C:\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\AMD\ATI.ACE\Fuel\Device.dll 2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\AMD\ATI.ACE\Fuel\Platform.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 03502080 _____ () d:\CS2.0\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe 2013-03-30 17:07 - 2012-12-11 14:07 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll 2012-10-16 11:39 - 2012-10-16 11:39 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe 2014-04-17 22:29 - 2014-04-17 22:29 - 00102400 _____ () C:\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll 2012-09-17 02:37 - 2012-09-17 02:37 - 00431163 _____ () C:\Program Files (x86)\Common Files\Juniper Networks\WX Client\sqlite3.dll 2005-04-06 16:52 - 2005-04-06 16:52 - 00028791 _____ () d:\CS2.0\Adobe Version Cue CS2\jre\bin\hpi.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00057453 _____ () d:\CS2.0\Adobe Version Cue CS2\jre\bin\verify.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00102515 _____ () d:\CS2.0\Adobe Version Cue CS2\jre\bin\java.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00053364 _____ () d:\CS2.0\Adobe Version Cue CS2\jre\bin\zip.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00057455 _____ () D:\CS2.0\Adobe Version Cue CS2\jre\bin\net.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00032880 _____ () D:\CS2.0\Adobe Version Cue CS2\jre\bin\nio.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 00434255 _____ () d:\CS2.0\Adobe Version Cue CS2\bin\ps-rw-vc-v8_58.dll 2005-04-06 16:53 - 2005-04-06 16:53 - 01019904 _____ () d:\CS2.0\Adobe Version Cue CS2\bin\ps-vc-v8_58.dll 2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll 2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll 2014-09-26 10:57 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll 2014-09-26 10:57 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll 2014-09-26 10:57 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll 2014-09-26 10:57 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll 2014-09-26 10:57 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll 2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () D:\OpenOffice\program\libxml2.dll 2014-08-05 12:19 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Debby\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll 2013-12-13 00:56 - 2013-12-13 00:56 - 13673296 _____ () D:\Acronis\TrueImageHome\ti_managers.dll 2013-01-10 13:43 - 2013-01-10 13:43 - 00014360 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll 2013-12-12 23:30 - 2013-12-12 23:30 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll 2014-09-26 10:57 - 2014-09-23 06:07 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\Users\Debby\SkyDrive:ms-properties ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver" HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver" ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) HKLM\...\StartupApproved\Run32: => "JunosPulse" HKLM\...\StartupApproved\Run32: => "Adobe Version Cue CS2" HKCU\...\StartupApproved\Run: => "Pando Media Booster" HKCU\...\StartupApproved\Run: => "Steam" ========================= Accounts: ========================== Administrator (S-1-5-21-3773492537-3824981863-2960111320-500 - Administrator - Disabled) ASPNET (S-1-5-21-3773492537-3824981863-2960111320-1004 - Limited - Enabled) Debby (S-1-5-21-3773492537-3824981863-2960111320-1001 - Administrator - Enabled) => C:\Users\Debby Gast (S-1-5-21-3773492537-3824981863-2960111320-501 - Limited - Disabled) HomeGroupUser$ (S-1-5-21-3773492537-3824981863-2960111320-1006 - Limited - Enabled) ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (10/11/2014 11:50:17 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (10/11/2014 11:49:22 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (10/11/2014 11:42:33 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057) Error: (10/11/2014 11:30:59 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3. Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion. In Konflikt stehende Komponenten:. Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest. Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest. Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT) Description: Der Ereignisfilter mit der Abfrage "select * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration'" konnte im Namespace "//./root" aufgrund des Fehlers "0x80041033" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden. Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT) Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root/subscription" nicht vorhanden ist. Die Abfrage wird ignoriert. Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT) Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root" nicht vorhanden ist. Die Abfrage wird ignoriert. Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT) Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root/CIMV2" nicht vorhanden ist. Die Abfrage wird ignoriert. Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT) Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __SystemEvent" zu registrieren, deren Zielklasse "__SystemEvent" im Namespace "//./root/subscription" nicht vorhanden ist. Die Abfrage wird ignoriert. Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT) Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __SystemEvent" zu registrieren, deren Zielklasse "__SystemEvent" im Namespace "//./root" nicht vorhanden ist. Die Abfrage wird ignoriert. System errors: ============= Error: (10/11/2014 11:10:25 PM) (Source: DCOM) (EventID: 10005) (User: SPEEDIE) Description: 1084ShellHWDetectionNicht verfügbar{DD522ACC-F821-461A-A407-50B198B896DC} Error: (10/11/2014 11:10:25 PM) (Source: DCOM) (EventID: 10010) (User: SPEEDIE) Description: {3EB3C877-1F16-487C-9050-104DBCD66683} Error: (10/11/2014 11:10:10 PM) (Source: DCOM) (EventID: 10005) (User: SPEEDIE) Description: 1084WSearchNicht verfügbar{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (10/11/2014 11:10:10 PM) (Source: DCOM) (EventID: 10005) (User: SPEEDIE) Description: 1084WSearchNicht verfügbar{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (10/11/2014 11:10:10 PM) (Source: DCOM) (EventID: 10005) (User: SPEEDIE) Description: 1084WSearchNicht verfügbar{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (10/11/2014 11:10:10 PM) (Source: DCOM) (EventID: 10005) (User: SPEEDIE) Description: 1084WSearchNicht verfügbar{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (10/11/2014 11:10:10 PM) (Source: DCOM) (EventID: 10005) (User: SPEEDIE) Description: 1084WSearchNicht verfügbar{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (10/11/2014 11:10:10 PM) (Source: DCOM) (EventID: 10005) (User: SPEEDIE) Description: 1084WSearchNicht verfügbar{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (10/11/2014 11:10:10 PM) (Source: DCOM) (EventID: 10005) (User: SPEEDIE) Description: 1084WSearchNicht verfügbar{9E175B6D-F52A-11D8-B9A5-505054503030} Error: (10/11/2014 11:10:09 PM) (Source: DCOM) (EventID: 10005) (User: SPEEDIE) Description: 1084WSearchNicht verfügbar{9E175B6D-F52A-11D8-B9A5-505054503030} Microsoft Office Sessions: ========================= Error: (10/11/2014 11:50:17 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (10/11/2014 11:49:22 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe Error: (10/11/2014 11:42:33 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: System-reserviertFalscher Parameter. (0x80070057) Error: (10/11/2014 11:30:59 PM) (Source: SideBySide) (EventID: 78) (User: ) Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Debby\AppData\Local\Temp\IDC2.tmp\ESETSmartInstaller.exe Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT) Description: //./rootselect * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration'0x80041033 Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT) Description: $Coreselect * from __TimerEvent__TimerEvent//./root/subscription Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT) Description: $Coreselect * from __TimerEvent__TimerEvent//./root Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT) Description: $Coreselect * from __TimerEvent__TimerEvent//./root/CIMV2 Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT) Description: $Coreselect * from __SystemEvent__SystemEvent//./root/subscription Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT) Description: $Coreselect * from __SystemEvent__SystemEvent//./root ==================== Memory info =========================== Processor: AMD FX(tm)-6300 Six-Core Processor Percentage of memory in use: 17% Total physical RAM: 16341.68 MB Available physical RAM: 13490.45 MB Total Pagefile: 18773.68 MB Available Pagefile: 15196.08 MB Total Virtual: 131072 MB Available Virtual: 131071.79 MB ==================== Drives ================================ Drive c: (Windows) (Fixed) (Total:79.66 GB) (Free:38.24 GB) NTFS Drive d: (Programme) (Fixed) (Total:35 GB) (Free:27.11 GB) NTFS Drive e: (Ohne Titel CD) (CDROM) (Total:0.05 GB) (Free:0 GB) UDF Drive f: (Games) (Fixed) (Total:117.88 GB) (Free:4.03 GB) NTFS Drive g: (Daten) (Fixed) (Total:200 GB) (Free:131.69 GB) NTFS Drive w: (WIN8_1_ENG) (Removable) (Total:14.71 GB) (Free:0.07 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 71E68881) Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=79.7 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=35 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=117.9 GB) - (Type=OF Extended) ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C70725C5) Partition: GPT Partition Type. ======================================================== Disk: 2 (MBR Code: Windows 7 or 8) (Size: 14.7 GB) (Disk ID: 00000000) Partition: GPT Partition Type. ==================== End Of Log ============================ Geändert von Brento (12.10.2014 um 01:21 Uhr) Grund: Tippfehler |
12.10.2014, 06:20 | #2 |
/// the machine /// TB-Ausbilder | Windows 8.1 remote zugriff mit selbständiger Tastatureingabe hi,
__________________Downloade dir bitte TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ |
12.10.2014, 15:31 | #3 |
| Windows 8.1 remote zugriff mit selbständiger Tastatureingabe Keine Funde, das hier ist der Bericht:
__________________Code:
ATTFilter 11:36:56.0449 0x1204 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58 11:37:03.0781 0x1204 ============================================================ 11:37:03.0781 0x1204 Current date / time: 2014/10/12 11:37:03.0781 11:37:03.0781 0x1204 SystemInfo: 11:37:03.0781 0x1204 11:37:03.0781 0x1204 OS Version: 6.3.9600 ServicePack: 0.0 11:37:03.0781 0x1204 Product type: Workstation 11:37:03.0781 0x1204 ComputerName: SPEEDIE 11:37:03.0781 0x1204 UserName: Debby 11:37:03.0781 0x1204 Windows directory: C:\WINDOWS 11:37:03.0781 0x1204 System windows directory: C:\WINDOWS 11:37:03.0781 0x1204 Running under WOW64 11:37:03.0781 0x1204 Processor architecture: Intel x64 11:37:03.0781 0x1204 Number of processors: 6 11:37:03.0781 0x1204 Page size: 0x1000 11:37:03.0781 0x1204 Boot type: Normal boot 11:37:03.0781 0x1204 ============================================================ 11:37:03.0924 0x1204 KLMD registered as C:\WINDOWS\system32\drivers\13897379.sys 11:37:03.0991 0x1204 System UUID: {310F67FB-1992-AA6C-1AA1-A336C98BF7FD} 11:37:04.0356 0x1204 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 11:37:04.0356 0x1204 Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040 11:37:04.0361 0x1204 Drive \Device\Harddisk2\DR2 - Size: 0x3AE800000 ( 14.73 Gb ), SectorSize: 0x200, Cylinders: 0x782, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W' 11:37:04.0363 0x1204 ============================================================ 11:37:04.0363 0x1204 \Device\Harddisk0\DR0: 11:37:04.0363 0x1204 MBR partitions: 11:37:04.0363 0x1204 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000 11:37:04.0363 0x1204 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x9F50800 11:37:04.0363 0x1204 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xA000000, BlocksNum 0x4600000 11:37:04.0363 0x1204 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0xE600800, BlocksNum 0xEBC4800 11:37:04.0363 0x1204 \Device\Harddisk1\DR1: 11:37:04.0373 0x1204 GPT partitions: 11:37:04.0373 0x1204 \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {0E60491C-30D8-4F7C-99CA-438CFAC707BA}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000 11:37:04.0373 0x1204 \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0AC10E29-6A95-49D0-A1C6-2E42433AD0A3}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x19000000 11:37:04.0373 0x1204 \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A9A36451-E7AB-4C54-868C-42CEA42C22EB}, Name: Basic data partition, StartLBA 0x19040800, BlocksNum 0x5B6C5800 11:37:04.0373 0x1204 MBR partitions: 11:37:04.0373 0x1204 \Device\Harddisk2\DR2: 11:37:04.0374 0x1204 MBR partitions: 11:37:04.0374 0x1204 \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x800, BlocksNum 0x1D73800 11:37:04.0374 0x1204 ============================================================ 11:37:04.0375 0x1204 C: <-> \Device\Harddisk0\DR0\Partition2 11:37:04.0375 0x1204 D: <-> \Device\Harddisk0\DR0\Partition3 11:37:04.0376 0x1204 F: <-> \Device\Harddisk0\DR0\Partition4 11:37:04.0411 0x1204 G: <-> \Device\Harddisk1\DR1\Partition2 11:37:04.0411 0x1204 ============================================================ 11:37:04.0411 0x1204 Initialize success 11:37:04.0411 0x1204 ============================================================ 11:38:01.0925 0x1318 ============================================================ 11:38:01.0926 0x1318 Scan started 11:38:01.0926 0x1318 Mode: Manual; SigCheck; TDLFS; 11:38:01.0926 0x1318 ============================================================ 11:38:01.0926 0x1318 KSN ping started 11:38:04.0271 0x1318 KSN ping finished: true 11:38:04.0607 0x1318 ================ Scan system memory ======================== 11:38:04.0607 0x1318 System memory - ok 11:38:04.0607 0x1318 ================ Scan services ============================= 11:38:04.0644 0x1318 [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci C:\WINDOWS\System32\drivers\1394ohci.sys 11:38:04.0713 0x1318 1394ohci - ok 11:38:04.0725 0x1318 [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware C:\WINDOWS\system32\drivers\3ware.sys 11:38:04.0742 0x1318 3ware - ok 11:38:04.0747 0x1318 [ D27A8B7BB0E15DFBFC6B4E774EE17AD9, CBAD45B3FFFD30C34AF918009F699B65F89043D0799FC25D2472381912F86F93 ] A2DDA D:\EMISOFTEMERGENCYKIT\BIN\a2ddax64.sys 11:38:04.0767 0x1318 A2DDA - ok 11:38:04.0786 0x1318 [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI C:\WINDOWS\system32\drivers\ACPI.sys 11:38:04.0815 0x1318 ACPI - ok 11:38:04.0822 0x1318 [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex C:\WINDOWS\system32\Drivers\acpiex.sys 11:38:04.0839 0x1318 acpiex - ok 11:38:04.0844 0x1318 [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr C:\WINDOWS\System32\drivers\acpipagr.sys 11:38:04.0857 0x1318 acpipagr - ok 11:38:04.0862 0x1318 [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi C:\WINDOWS\System32\drivers\acpipmi.sys 11:38:04.0875 0x1318 AcpiPmi - ok 11:38:04.0880 0x1318 [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime C:\WINDOWS\System32\drivers\acpitime.sys 11:38:04.0893 0x1318 acpitime - ok 11:38:04.0922 0x1318 [ 7736CDCCA38519FD637C82638A06B4FF, 9F6FD63A28BE387AD83707398DC67D88117E5517F8B7499315CE372F90F2B9B8 ] AcrSch2Svc C:\Program Files (x86)\Common Files \Acronis\Schedule2\schedul2.exe 11:38:04.0963 0x1318 AcrSch2Svc - ok 11:38:04.0970 0x1318 [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe 11:38:04.0982 0x1318 Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 ) 11:38:07.0397 0x1318 Detect skipped due to KSN trusted 11:38:07.0397 0x1318 Adobe LM Service - ok 11:38:07.0404 0x1318 [ 41D15EAD554396BF35B7C5246AD47A28, 456835B33E95D083CD0076F06B591D63FB969025940A5CFD87CAB37C658B6855 ] Adobe Version Cue CS2 d:\CS2.0\Adobe Version Cue CS2\bin \VersionCueCS2.exe 11:38:07.0416 0x1318 Adobe Version Cue CS2 - detected UnsignedFile.Multi.Generic ( 1 ) 11:38:09.0855 0x1318 Detect skipped due to KSN trusted 11:38:09.0856 0x1318 Adobe Version Cue CS2 - ok 11:38:09.0861 0x1318 [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe \ARM\1.0\armsvc.exe 11:38:09.0873 0x1318 AdobeARMservice - ok 11:38:09.0893 0x1318 [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX C:\WINDOWS\system32\drivers\ADP80XX.SYS 11:38:09.0926 0x1318 ADP80XX - ok 11:38:09.0936 0x1318 [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc C:\WINDOWS\System32\aelupsvc.dll 11:38:09.0955 0x1318 AeLookupSvc - ok 11:38:09.0968 0x1318 [ ABCF9C80EAACE03021BB7F450EB8993F, 8E38726C423E82954CA85266D6F38B605D010A659420A4EF99D29035A9474BFB ] afcdp C:\WINDOWS\system32\DRIVERS\afcdp.sys 11:38:09.0987 0x1318 afcdp - ok 11:38:10.0065 0x1318 [ 3625E0DEAE06134C3B6FD4CC90329912, B2DD2931C9CD6B6C1D8BB26D78ABD095723EBEA82B2DF26DB99605B3E106CD10 ] afcdpsrv C:\Program Files (x86)\Common Files \Acronis\CDP\afcdpsrv.exe 11:38:10.0162 0x1318 afcdpsrv - ok 11:38:10.0184 0x1318 [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD C:\WINDOWS\system32\drivers\afd.sys 11:38:10.0214 0x1318 AFD - ok 11:38:10.0222 0x1318 [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440 C:\WINDOWS\system32\drivers\agp440.sys 11:38:10.0236 0x1318 agp440 - ok 11:38:10.0242 0x1318 [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache C:\WINDOWS\system32\DRIVERS\ahcache.sys 11:38:10.0258 0x1318 ahcache - ok 11:38:10.0264 0x1318 [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG C:\WINDOWS\System32\alg.exe 11:38:10.0285 0x1318 ALG - ok 11:38:10.0294 0x1318 [ E7BDC2E7D885A65031C6B93D5A80B019, B37B05CA81A200A0C303946A21901ED382468761AB8BB8F7F310700A060E813F ] AMD External Events Utility C:\WINDOWS \system32\atiesrxx.exe 11:38:10.0319 0x1318 AMD External Events Utility - ok 11:38:10.0323 0x1318 AMD FUEL Service - ok 11:38:10.0330 0x1318 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\WINDOWS\System32\drivers\amdk8.sys 11:38:10.0347 0x1318 AmdK8 - ok 11:38:10.0352 0x1318 [ F2FF8C1B41B3784EDBD5C6D5397F403C, 104873700D2BDF4812DC48200B4609F46A63E7A50594A0599100EF1438863708 ] amdkmafd C:\WINDOWS\system32\drivers\amdkmafd.sys 11:38:10.0362 0x1318 amdkmafd - ok 11:38:10.0653 0x1318 [ 342156AF1FED5ED3A5D3FBB3D87F48E8, 119C85492EDCA82731E23A261DE39A72783713B01B89D8FA2F47400EB03C7C57 ] amdkmdag C:\WINDOWS\system32\DRIVERS\atikmdag.sys 11:38:11.0015 0x1318 amdkmdag - ok 11:38:11.0057 0x1318 [ 9DCA2AFEABF1D109FB2C229491C9F293, F020F4FDD29897C656287A2D01D51B4AE45AA604E4291BCE05FB7D994242EC04 ] amdkmdap C:\WINDOWS\system32\DRIVERS\atikmpag.sys 11:38:11.0087 0x1318 amdkmdap - ok 11:38:11.0094 0x1318 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\WINDOWS\System32\drivers\amdppm.sys 11:38:11.0109 0x1318 AmdPPM - ok 11:38:11.0115 0x1318 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\WINDOWS\system32\drivers\amdsata.sys 11:38:11.0130 0x1318 amdsata - ok 11:38:11.0139 0x1318 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\WINDOWS\system32\drivers\amdsbs.sys 11:38:11.0159 0x1318 amdsbs - ok 11:38:11.0164 0x1318 [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\WINDOWS\system32\drivers\amdxata.sys 11:38:11.0176 0x1318 amdxata - ok 11:38:11.0194 0x1318 [ FCFCD84A3F84375CF2EADA10650C3289, A5AC6E167C60451B2EC9561FA83C9DA5ADDF4152E1AD01A38C80D00B3118EE9A ] AntiVirSchedulerService D:\Avira\Avira\AntiVir Desktop \sched.exe 11:38:11.0215 0x1318 AntiVirSchedulerService - ok 11:38:11.0227 0x1318 [ FCFCD84A3F84375CF2EADA10650C3289, A5AC6E167C60451B2EC9561FA83C9DA5ADDF4152E1AD01A38C80D00B3118EE9A ] AntiVirService D:\Avira\Avira\AntiVir Desktop\avguard.exe 11:38:11.0245 0x1318 AntiVirService - ok 11:38:11.0267 0x1318 [ B0BC20ADD485E48DDFC613941CBBCFD0, FCC89EA77B327D5715C3A5816522F78FD4002CC2DAFB30CB075D9C501C5181EE ] AntiVirWebService D:\Avira\Avira\AntiVir Desktop \avwebg7.exe 11:38:11.0303 0x1318 AntiVirWebService - ok 11:38:11.0309 0x1318 [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3 C:\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys 11:38:11.0319 0x1318 AODDriver4.3 - ok 11:38:11.0324 0x1318 [ C65A3C67630A67A97AD26C21173BA61E, 9C66AF6FC15FEA0B0352540C037AD87B4113CE401C10B6A35DE98901E74152DC ] Apowersoft_AudioDevice C:\WINDOWS\system32\drivers \Apowersoft_AudioDevice.sys 11:38:11.0334 0x1318 Apowersoft_AudioDevice - ok 11:38:11.0340 0x1318 [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID C:\WINDOWS\system32\drivers\appid.sys 11:38:11.0356 0x1318 AppID - ok 11:38:11.0362 0x1318 [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc C:\WINDOWS\System32\appidsvc.dll 11:38:11.0376 0x1318 AppIDSvc - ok 11:38:11.0383 0x1318 [ 8D6F535461F6CFF75A8ADDF83024C904, F2A97EC4A6284F28B685A3CE2D450F61E75EE8692D718A6AA352D5734BBBAD7B ] Appinfo C:\WINDOWS\System32\appinfo.dll 11:38:11.0394 0x1318 Appinfo - ok 11:38:11.0402 0x1318 [ 8176FBA685178FB0F52D46693474FA50, 69FE3692C7FE24289A479ADD74F2C782B59A099B7B07FE5ACFC4DA899E40BFDE ] AppMgmt C:\WINDOWS\System32\appmgmts.dll 11:38:11.0419 0x1318 AppMgmt - ok 11:38:11.0433 0x1318 [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness C:\WINDOWS\system32\AppReadiness.dll 11:38:11.0461 0x1318 AppReadiness - ok 11:38:11.0490 0x1318 [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc C:\WINDOWS \system32\appxdeploymentserver.dll 11:38:11.0525 0x1318 AppXSvc - ok 11:38:11.0534 0x1318 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\WINDOWS\system32\drivers\arcsas.sys 11:38:11.0550 0x1318 arcsas - ok 11:38:11.0562 0x1318 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\WINDOWS\system32\drivers\atapi.sys 11:38:11.0573 0x1318 atapi - ok 11:38:11.0583 0x1318 [ 517334A411CD079EE9AEF4C2167875A5, 7C6A450BADCA211D553102ABDC06E1F367FBFC359711AF1DC88027B34502B484 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWB6.sys 11:38:11.0602 0x1318 AtiHDAudioService - ok 11:38:11.0610 0x1318 [ 886767FD022213F7885416134E9082E5, E248D82210FBEBF62C23EBEC74A976B2D1A4E62D3B7638D95B2574B77BA05DD0 ] AudioEndpointBuilder C:\WINDOWS \System32\AudioEndpointBuilder.dll 11:38:11.0624 0x1318 AudioEndpointBuilder - ok 11:38:11.0644 0x1318 [ 79B134ECE836B406B212E28C24011538, 1B875DD23CCAD8A2759DCDBCDCF3DE14231B9DB5EEC8E84FE081E41A52A047A1 ] Audiosrv C:\WINDOWS\System32\Audiosrv.dll 11:38:11.0669 0x1318 Audiosrv - ok 11:38:11.0677 0x1318 [ 1B87A1F2FA5B91AC1A7D171B8D952441, 4CB21F6567021DAE6B2E35B9BA84D015580E2DDFEBEB1AA9637BD93F42883DD2 ] avgntflt C:\WINDOWS\system32\DRIVERS\avgntflt.sys 11:38:11.0689 0x1318 avgntflt - ok 11:38:11.0696 0x1318 [ AF61774060F277FE45CBD3A9A8E7D45A, 2F96DC9735BAF017603D72A258BF7A772BF8C4AFECB5AA0CAD8F8E3CCAA0F2B5 ] avipbb C:\WINDOWS\system32\DRIVERS\avipbb.sys 11:38:11.0709 0x1318 avipbb - ok 11:38:11.0716 0x1318 [ 05ABC09DC0DFA5DF79A0BB39F60636B7, FEDE900D991F1FB40BA0A44E05181A6A506DC8B5F365E78E523CB6DF2CDACC15 ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira \Avira.OE.ServiceHost.exe 11:38:11.0729 0x1318 Avira.OE.ServiceHost - ok 11:38:11.0734 0x1318 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\WINDOWS\system32\DRIVERS\avkmgr.sys 11:38:11.0744 0x1318 avkmgr - ok 11:38:11.0749 0x1318 [ CFF660F4E0F66724E3B0D921C1A1A880, E029CEB398511489E541FC89673FE9A0C2245577A745CE911BB360A5D772CB86 ] avnetflt C:\WINDOWS\system32\DRIVERS\avnetflt.sys 11:38:11.0760 0x1318 avnetflt - ok 11:38:11.0766 0x1318 [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV C:\WINDOWS\System32\AxInstSV.dll 11:38:11.0782 0x1318 AxInstSV - ok 11:38:11.0796 0x1318 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\WINDOWS\system32\drivers\bxvbda.sys 11:38:11.0824 0x1318 b06bdrv - ok 11:38:11.0830 0x1318 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay C:\WINDOWS\System32\drivers \BasicDisplay.sys 11:38:11.0843 0x1318 BasicDisplay - ok 11:38:11.0848 0x1318 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\WINDOWS\System32\drivers\BasicRender.sys 11:38:11.0861 0x1318 BasicRender - ok 11:38:11.0867 0x1318 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\WINDOWS\System32\drivers\bcmfn2.sys 11:38:11.0876 0x1318 bcmfn2 - ok 11:38:11.0886 0x1318 [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC C:\WINDOWS\System32\bdesvc.dll 11:38:11.0907 0x1318 BDESVC - ok 11:38:11.0912 0x1318 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\WINDOWS\system32\drivers\Beep.sys 11:38:11.0924 0x1318 Beep - ok 11:38:11.0943 0x1318 [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE C:\WINDOWS\System32\bfe.dll 11:38:11.0968 0x1318 BFE - ok 11:38:11.0995 0x1318 [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS C:\WINDOWS\System32\qmgr.dll 11:38:12.0032 0x1318 BITS - ok 11:38:12.0039 0x1318 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\WINDOWS\system32\DRIVERS\bowser.sys 11:38:12.0054 0x1318 bowser - ok 11:38:12.0064 0x1318 [ F2559A492AF8D653D1F47ADABA4C3E97, 77347915FB433023769699DFC9511F54E69C7FC7AB75F57FDC1A58E64A7126DE ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll 11:38:12.0078 0x1318 BrokerInfrastructure - ok 11:38:12.0085 0x1318 [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser C:\WINDOWS\System32\browser.dll 11:38:12.0097 0x1318 Browser - ok 11:38:12.0102 0x1318 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\WINDOWS\System32\drivers\BthAvrcpTg.sys 11:38:12.0116 0x1318 BthAvrcpTg - ok 11:38:12.0121 0x1318 [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum C:\WINDOWS\System32\drivers\bthhfenum.sys 11:38:12.0137 0x1318 BthHFEnum - ok 11:38:12.0143 0x1318 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\WINDOWS\System32\drivers\BthHFHid.sys 11:38:12.0157 0x1318 bthhfhid - ok 11:38:12.0163 0x1318 [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\WINDOWS\System32\drivers\bthmodem.sys 11:38:12.0178 0x1318 BTHMODEM - ok 11:38:12.0187 0x1318 [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv C:\WINDOWS\system32\bthserv.dll 11:38:12.0203 0x1318 bthserv - ok 11:38:12.0209 0x1318 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\WINDOWS\system32\DRIVERS\cdfs.sys 11:38:12.0225 0x1318 cdfs - ok 11:38:12.0234 0x1318 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\WINDOWS\System32\drivers\cdrom.sys 11:38:12.0252 0x1318 cdrom - ok 11:38:12.0260 0x1318 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc C:\WINDOWS\System32\certprop.dll 11:38:12.0283 0x1318 CertPropSvc - ok 11:38:12.0289 0x1318 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\WINDOWS\System32\drivers\circlass.sys 11:38:12.0304 0x1318 circlass - ok 11:38:12.0308 0x1318 [ B794DCF38C965FA2F93C45A7C3D582C5, 0E483EAF835B85AA4B6F449F9BB68AF0A3EE4192D29CD72F4B812F1E4D9E9A7C ] cleanhlp D:\EmisoftEmergencyKit\bin\cleanhlp64.sys 11:38:12.0320 0x1318 cleanhlp - ok 11:38:12.0332 0x1318 [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS C:\WINDOWS\system32\drivers\CLFS.sys 11:38:12.0356 0x1318 CLFS - ok 11:38:12.0368 0x1318 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\WINDOWS\System32\drivers\CmBatt.sys 11:38:12.0381 0x1318 CmBatt - ok 11:38:12.0397 0x1318 [ 1CD3A907D64D08F49208DA00B69BF35E, ABBD70FFCA0DE2274D855AFC08BF7BC0AA6D44EFC9FDBF7DF44B73CD5C210E28 ] CNG C:\WINDOWS\system32\Drivers\cng.sys 11:38:12.0430 0x1318 CNG - ok 11:38:12.0438 0x1318 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\WINDOWS\System32\drivers \CompositeBus.sys 11:38:12.0452 0x1318 CompositeBus - ok 11:38:12.0457 0x1318 COMSysApp - ok 11:38:12.0462 0x1318 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\WINDOWS\system32\drivers\condrv.sys 11:38:12.0477 0x1318 condrv - ok 11:38:12.0486 0x1318 [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc C:\WINDOWS\system32\cryptsvc.dll 11:38:12.0505 0x1318 CryptSvc - ok 11:38:12.0521 0x1318 [ EE2F3C0D6ADBC975D6B621EC15ACF4E2, D158C0FACA6344BCD77616EC3D23212F9FD76D7D0C834ACA51998B80162106D5 ] CSC C:\WINDOWS\system32\drivers\csc.sys 11:38:12.0549 0x1318 CSC - ok 11:38:12.0570 0x1318 [ 936D9E2871CEEFF6A33695D98374367B, C30D42E870F196C4FA20AF95C7B9D9C9C5414D6DDE71268F88C3FC5BF372E61B ] CscService C:\WINDOWS\System32\cscsvc.dll 11:38:12.0597 0x1318 CscService - ok 11:38:12.0604 0x1318 [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam C:\WINDOWS\system32\drivers\dam.sys 11:38:12.0618 0x1318 dam - ok 11:38:12.0640 0x1318 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch C:\WINDOWS\system32\rpcss.dll 11:38:12.0668 0x1318 DcomLaunch - ok 11:38:12.0683 0x1318 [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc C:\WINDOWS\System32\defragsvc.dll 11:38:12.0707 0x1318 defragsvc - ok 11:38:12.0720 0x1318 [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll 11:38:12.0738 0x1318 DeviceAssociationService - ok 11:38:12.0745 0x1318 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall C:\WINDOWS\system32\umpnpmgr.dll 11:38:12.0765 0x1318 DeviceInstall - ok 11:38:12.0774 0x1318 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\WINDOWS\system32\Drivers\dfsc.sys 11:38:12.0790 0x1318 Dfsc - ok 11:38:12.0801 0x1318 [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp C:\WINDOWS\system32\dhcpcore.dll 11:38:12.0823 0x1318 Dhcp - ok 11:38:12.0830 0x1318 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\WINDOWS\system32\drivers\disk.sys 11:38:12.0846 0x1318 disk - ok 11:38:12.0851 0x1318 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\WINDOWS\System32\drivers\dmvsc.sys 11:38:12.0863 0x1318 dmvsc - ok 11:38:12.0873 0x1318 [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll 11:38:12.0891 0x1318 Dnscache - ok 11:38:12.0900 0x1318 [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc C:\WINDOWS\System32\dot3svc.dll 11:38:12.0923 0x1318 dot3svc - ok 11:38:12.0931 0x1318 [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS C:\WINDOWS\system32\dps.dll 11:38:12.0955 0x1318 DPS - ok 11:38:12.0960 0x1318 [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys 11:38:12.0971 0x1318 drmkaud - ok 11:38:12.0979 0x1318 [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc C:\WINDOWS\System32\DeviceSetupManager.dll 11:38:13.0000 0x1318 DsmSvc - ok 11:38:13.0034 0x1318 [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl C:\WINDOWS\System32\drivers\dxgkrnl.sys 11:38:13.0091 0x1318 DXGKrnl - ok 11:38:13.0100 0x1318 [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost C:\WINDOWS\System32\eapsvc.dll 11:38:13.0120 0x1318 Eaphost - ok 11:38:13.0192 0x1318 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\WINDOWS\system32\drivers\evbda.sys 11:38:13.0299 0x1318 ebdrv - ok 11:38:13.0311 0x1318 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS C:\WINDOWS\System32\lsass.exe 11:38:13.0326 0x1318 EFS - ok 11:38:13.0332 0x1318 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\WINDOWS\system32\drivers\EhStorClass.sys 11:38:13.0348 0x1318 EhStorClass - ok 11:38:13.0356 0x1318 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\WINDOWS\system32\drivers \EhStorTcgDrv.sys 11:38:13.0375 0x1318 EhStorTcgDrv - ok 11:38:13.0379 0x1318 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\WINDOWS\System32\drivers\errdev.sys 11:38:13.0392 0x1318 ErrDev - ok 11:38:13.0408 0x1318 [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem C:\WINDOWS\system32\es.dll 11:38:13.0429 0x1318 EventSystem - ok 11:38:13.0438 0x1318 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\WINDOWS\system32\drivers\exfat.sys 11:38:13.0462 0x1318 exfat - ok 11:38:13.0470 0x1318 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\WINDOWS\system32\drivers\fastfat.sys 11:38:13.0492 0x1318 fastfat - ok 11:38:13.0509 0x1318 [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax C:\WINDOWS\system32\fxssvc.exe 11:38:13.0540 0x1318 Fax - ok 11:38:13.0547 0x1318 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\WINDOWS\System32\drivers\fdc.sys 11:38:13.0561 0x1318 fdc - ok 11:38:13.0566 0x1318 [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost C:\WINDOWS\system32\fdPHost.dll 11:38:13.0585 0x1318 fdPHost - ok 11:38:13.0590 0x1318 [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub C:\WINDOWS\system32\fdrespub.dll 11:38:13.0609 0x1318 FDResPub - ok 11:38:13.0615 0x1318 [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc C:\WINDOWS\system32\fhsvc.dll 11:38:13.0632 0x1318 fhsvc - ok 11:38:13.0638 0x1318 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\WINDOWS\system32\drivers\fileinfo.sys 11:38:13.0653 0x1318 FileInfo - ok 11:38:13.0658 0x1318 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\WINDOWS\system32\drivers\filetrace.sys 11:38:13.0677 0x1318 Filetrace - ok 11:38:13.0683 0x1318 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\WINDOWS\System32\drivers\flpydisk.sys 11:38:13.0696 0x1318 flpydisk - ok 11:38:13.0708 0x1318 [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys 11:38:13.0733 0x1318 FltMgr - ok 11:38:13.0741 0x1318 [ C06AF3D1E7CA6868A6A3064CE6907C4A, A1A357CF99291E1611A4380BF8866B5B594637C186B5FD1EFDF052D4EB69FAB9 ] fltsrv C:\WINDOWS\system32\DRIVERS\fltsrv.sys 11:38:13.0754 0x1318 fltsrv - ok 11:38:13.0784 0x1318 [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache C:\WINDOWS\system32\FntCache.dll 11:38:13.0823 0x1318 FontCache - ok 11:38:13.0831 0x1318 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net \Framework64\v3.0\WPF\PresentationFontCache.exe 11:38:13.0862 0x1318 FontCache3.0.0.0 - ok 11:38:13.0868 0x1318 [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends C:\WINDOWS\system32\drivers\FsDepends.sys 11:38:13.0881 0x1318 FsDepends - ok 11:38:13.0886 0x1318 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys 11:38:13.0898 0x1318 Fs_Rec - ok 11:38:13.0915 0x1318 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\WINDOWS\system32\DRIVERS\fvevol.sys 11:38:13.0946 0x1318 fvevol - ok 11:38:13.0953 0x1318 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\WINDOWS\System32\drivers\fxppm.sys 11:38:13.0966 0x1318 FxPPM - ok 11:38:13.0972 0x1318 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\WINDOWS\system32\drivers\gagp30kx.sys 11:38:13.0987 0x1318 gagp30kx - ok 11:38:13.0991 0x1318 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\WINDOWS\System32\drivers \vmgencounter.sys 11:38:14.0003 0x1318 gencounter - ok 11:38:14.0010 0x1318 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\WINDOWS\system32\Drivers\msgpioclx.sys 11:38:14.0028 0x1318 GPIOClx0101 - ok 11:38:14.0058 0x1318 [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc C:\WINDOWS\System32\gpsvc.dll 11:38:14.0097 0x1318 gpsvc - ok 11:38:14.0105 0x1318 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update \GoogleUpdate.exe 11:38:14.0120 0x1318 gupdate - ok 11:38:14.0125 0x1318 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update \GoogleUpdate.exe 11:38:14.0133 0x1318 gupdatem - ok 11:38:14.0148 0x1318 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys 11:38:14.0173 0x1318 HdAudAddService - ok 11:38:14.0180 0x1318 [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\WINDOWS\System32\drivers\HDAudBus.sys 11:38:14.0196 0x1318 HDAudBus - ok 11:38:14.0201 0x1318 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\WINDOWS\System32\drivers\HidBatt.sys 11:38:14.0214 0x1318 HidBatt - ok 11:38:14.0221 0x1318 [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth C:\WINDOWS\System32\drivers\hidbth.sys 11:38:14.0237 0x1318 HidBth - ok 11:38:14.0243 0x1318 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\WINDOWS\System32\drivers\hidi2c.sys 11:38:14.0258 0x1318 hidi2c - ok 11:38:14.0264 0x1318 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\WINDOWS\System32\drivers\hidir.sys 11:38:14.0280 0x1318 HidIr - ok 11:38:14.0285 0x1318 [ 46BBE8EA221461A65F18A078528F4B2C, C0B0D35E2A6C750E5505156694F41F987AB548449F6C9DB1EEEAF12E5F146AD7 ] hidkmdf C:\WINDOWS\System32\drivers\hidkmdf.sys 11:38:14.0293 0x1318 hidkmdf - ok 11:38:14.0297 0x1318 [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv C:\WINDOWS\system32\hidserv.dll 11:38:14.0312 0x1318 hidserv - ok 11:38:14.0316 0x1318 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\WINDOWS\System32\drivers\hidusb.sys 11:38:14.0330 0x1318 HidUsb - ok 11:38:14.0335 0x1318 [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc C:\WINDOWS\system32\kmsvc.dll 11:38:14.0353 0x1318 hkmsvc - ok 11:38:14.0362 0x1318 [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll 11:38:14.0381 0x1318 HomeGroupListener - ok 11:38:14.0393 0x1318 [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll 11:38:14.0417 0x1318 HomeGroupProvider - ok 11:38:14.0423 0x1318 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\WINDOWS\system32\drivers\HpSAMD.sys 11:38:14.0437 0x1318 HpSAMD - ok 11:38:14.0459 0x1318 [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP C:\WINDOWS\system32\drivers\HTTP.sys 11:38:14.0501 0x1318 HTTP - ok 11:38:14.0507 0x1318 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\WINDOWS\system32\drivers\hwpolicy.sys 11:38:14.0518 0x1318 hwpolicy - ok 11:38:14.0522 0x1318 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\WINDOWS\System32\drivers\hyperkbd.sys 11:38:14.0534 0x1318 hyperkbd - ok 11:38:14.0538 0x1318 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\WINDOWS\system32\DRIVERS\HyperVideo.sys 11:38:14.0550 0x1318 HyperVideo - ok 11:38:14.0557 0x1318 [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt C:\WINDOWS\System32\drivers\i8042prt.sys 11:38:14.0573 0x1318 i8042prt - ok 11:38:14.0577 0x1318 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\WINDOWS\System32\drivers \iaLPSSi_GPIO.sys 11:38:14.0588 0x1318 iaLPSSi_GPIO - ok 11:38:14.0594 0x1318 [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys 11:38:14.0607 0x1318 iaLPSSi_I2C - ok 11:38:14.0623 0x1318 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\WINDOWS\system32\drivers\iaStorAV.sys 11:38:14.0649 0x1318 iaStorAV - ok 11:38:14.0662 0x1318 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\WINDOWS\system32\drivers\iaStorV.sys 11:38:14.0685 0x1318 iaStorV - ok 11:38:14.0689 0x1318 IEEtwCollectorService - ok 11:38:14.0715 0x1318 [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT C:\WINDOWS\System32\ikeext.dll 11:38:14.0755 0x1318 IKEEXT - ok 11:38:14.0841 0x1318 [ 8524178B895E4BC04776B319DA3A70EC, A635EADF6E8BD985B730F2737E8DA36AC71E8FEB759787ECB24D955176622AD2 ] IntcAzAudAddService C:\WINDOWS\system32\drivers \RTKVHD64.sys 11:38:14.0942 0x1318 IntcAzAudAddService - ok 11:38:14.0953 0x1318 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\WINDOWS\system32\drivers\intelide.sys 11:38:14.0964 0x1318 intelide - ok 11:38:14.0969 0x1318 [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep C:\WINDOWS\system32\drivers\intelpep.sys 11:38:14.0981 0x1318 intelpep - ok 11:38:14.0988 0x1318 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\WINDOWS\System32\drivers\intelppm.sys 11:38:15.0004 0x1318 intelppm - ok 11:38:15.0010 0x1318 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys 11:38:15.0026 0x1318 IpFilterDriver - ok 11:38:15.0048 0x1318 [ 1670A274ED1A815311BA33CD27B0D0E8, 28378D3908DCFA2C0E8FCF83E5AFEF643C89BBB285FA0F1692FE576AEA2F4E45 ] iphlpsvc C:\WINDOWS\System32\iphlpsvc.dll 11:38:15.0077 0x1318 iphlpsvc - ok 11:38:15.0084 0x1318 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\WINDOWS\System32\drivers\IPMIDrv.sys 11:38:15.0099 0x1318 IPMIDRV - ok 11:38:15.0107 0x1318 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\WINDOWS\system32\drivers\ipnat.sys 11:38:15.0123 0x1318 IPNAT - ok 11:38:15.0128 0x1318 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\WINDOWS\system32\drivers\irenum.sys 11:38:15.0142 0x1318 IRENUM - ok 11:38:15.0147 0x1318 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\WINDOWS\system32\drivers\isapnp.sys 11:38:15.0159 0x1318 isapnp - ok 11:38:15.0170 0x1318 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\WINDOWS\System32\drivers\msiscsi.sys 11:38:15.0193 0x1318 iScsiPrt - ok 11:38:15.0199 0x1318 [ FDA8DF17AB481E5E0D98230BF9988F17, D2F74A6B86231F3FF636968FEEB2202E739C82ACD55BFD6AD2916B4ABB1D140D ] jnprTdi_731_26369 C:\Windows\system32\Drivers \jnprTdi_731_26369.sys 11:38:15.0211 0x1318 jnprTdi_731_26369 - ok 11:38:15.0216 0x1318 [ 43389A5F75966CB4715253F1B3EAD392, 68C61701DAC97EB21AFDD9457A71417C474F9EE0B0CEE6859B694266E601803C ] JnprVaMgr C:\WINDOWS\system32\DRIVERS\jnprvamgr.sys 11:38:15.0226 0x1318 JnprVaMgr - ok 11:38:15.0233 0x1318 [ 31208EC624250CE2FFC04C55A2F8C68D, 2BB2373DDA49EEF3F4D7F4F5F344FDC819BA4FDB5CFB9F64D6DF1FF0A031D48B ] JuniperAccessService C:\Program Files (x86)\Common Files \Juniper Networks\JUNS\dsAccessService.exe 11:38:15.0246 0x1318 JuniperAccessService - ok 11:38:15.0252 0x1318 [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass C:\WINDOWS\System32\drivers\kbdclass.sys 11:38:15.0266 0x1318 kbdclass - ok 11:38:15.0271 0x1318 [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid C:\WINDOWS\System32\drivers\kbdhid.sys 11:38:15.0283 0x1318 kbdhid - ok 11:38:15.0288 0x1318 [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr C:\WINDOWS\system32\drivers\kbldfltr.sys 11:38:15.0300 0x1318 kbldfltr - ok 11:38:15.0305 0x1318 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\WINDOWS\system32\DRIVERS\kdnic.sys 11:38:15.0316 0x1318 kdnic - ok 11:38:15.0321 0x1318 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso C:\WINDOWS\system32\lsass.exe 11:38:15.0330 0x1318 KeyIso - ok 11:38:15.0336 0x1318 [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD C:\WINDOWS\system32\Drivers\ksecdd.sys 11:38:15.0351 0x1318 KSecDD - ok 11:38:15.0359 0x1318 [ F88CC88F4A6D8476F1664E805CA18CC2, 2C61EE5EEA4FD45AA3FA927CC16E34EF90BD44324EAB14198AF65C3A27617991 ] KSecPkg C:\WINDOWS\system32\Drivers\ksecpkg.sys 11:38:15.0378 0x1318 KSecPkg - ok 11:38:15.0382 0x1318 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\WINDOWS\system32\drivers\ksthunk.sys 11:38:15.0396 0x1318 ksthunk - ok 11:38:15.0407 0x1318 [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm C:\WINDOWS\system32\msdtckrm.dll 11:38:15.0429 0x1318 KtmRm - ok 11:38:15.0439 0x1318 [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer C:\WINDOWS\system32\srvsvc.dll 11:38:15.0459 0x1318 LanmanServer - ok 11:38:15.0469 0x1318 [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll 11:38:15.0489 0x1318 LanmanWorkstation - ok 11:38:15.0504 0x1318 [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc C:\WINDOWS \System32\GeofenceMonitorService.dll 11:38:15.0529 0x1318 lfsvc - ok 11:38:15.0534 0x1318 [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum C:\WINDOWS\system32\drivers\LGBusEnum.sys 11:38:15.0543 0x1318 LGBusEnum - ok 11:38:15.0548 0x1318 [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys 11:38:15.0559 0x1318 LGSHidFilt - ok 11:38:15.0563 0x1318 [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid C:\WINDOWS\system32\drivers\LGVirHid.sys 11:38:15.0571 0x1318 LGVirHid - ok 11:38:15.0576 0x1318 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\WINDOWS\system32\DRIVERS\lltdio.sys 11:38:15.0592 0x1318 lltdio - ok 11:38:15.0601 0x1318 [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc C:\WINDOWS\System32\lltdsvc.dll 11:38:15.0624 0x1318 lltdsvc - ok 11:38:15.0629 0x1318 [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts C:\WINDOWS\System32\lmhsvc.dll 11:38:15.0641 0x1318 lmhosts - ok 11:38:15.0649 0x1318 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\WINDOWS\system32\drivers\lsi_sas.sys 11:38:15.0666 0x1318 LSI_SAS - ok 11:38:15.0672 0x1318 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\WINDOWS\system32\drivers\lsi_sas2.sys 11:38:15.0689 0x1318 LSI_SAS2 - ok 11:38:15.0695 0x1318 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\WINDOWS\system32\drivers\lsi_sas3.sys 11:38:15.0710 0x1318 LSI_SAS3 - ok 11:38:15.0716 0x1318 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\WINDOWS\system32\drivers\lsi_sss.sys 11:38:15.0731 0x1318 LSI_SSS - ok 11:38:15.0750 0x1318 [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM C:\WINDOWS\System32\lsm.dll 11:38:15.0777 0x1318 LSM - ok 11:38:15.0786 0x1318 [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv C:\WINDOWS\system32\drivers\luafv.sys 11:38:15.0803 0x1318 luafv - ok 11:38:15.0808 0x1318 [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\WINDOWS\system32\drivers\MBfilt64.sys 11:38:15.0818 0x1318 MBfilt - ok 11:38:15.0824 0x1318 [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas C:\WINDOWS\system32\drivers\megasas.sys 11:38:15.0838 0x1318 megasas - ok 11:38:15.0855 0x1318 [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr C:\WINDOWS\system32\drivers\megasr.sys 11:38:15.0884 0x1318 megasr - ok 11:38:15.0891 0x1318 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS C:\WINDOWS\system32\mmcss.dll 11:38:15.0907 0x1318 MMCSS - ok 11:38:15.0912 0x1318 [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem C:\WINDOWS\system32\drivers\modem.sys 11:38:15.0928 0x1318 Modem - ok 11:38:15.0936 0x1318 [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor C:\WINDOWS\System32\drivers\monitor.sys 11:38:15.0948 0x1318 monitor - ok 11:38:15.0955 0x1318 [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\WINDOWS\System32\drivers\MijXfilt.sys 11:38:15.0984 0x1318 MotioninJoyXFilter - ok 11:38:15.0991 0x1318 [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass C:\WINDOWS\System32\drivers\mouclass.sys 11:38:16.0006 0x1318 mouclass - ok 11:38:16.0011 0x1318 [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid C:\WINDOWS\System32\drivers\mouhid.sys 11:38:16.0025 0x1318 mouhid - ok 11:38:16.0032 0x1318 [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr C:\WINDOWS\system32\drivers\mountmgr.sys 11:38:16.0050 0x1318 mountmgr - ok 11:38:16.0056 0x1318 [ 8A7C8F4C713E70D73946833D76B77035, 75D07F56B8F7D50E85F6576427E8DAA3A27384F53AC31753B6213CBD011C1DEF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe 11:38:16.0071 0x1318 MozillaMaintenance - ok 11:38:16.0077 0x1318 [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv C:\WINDOWS\system32\drivers\mpsdrv.sys 11:38:16.0095 0x1318 mpsdrv - ok 11:38:16.0116 0x1318 [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc C:\WINDOWS\system32\mpssvc.dll 11:38:16.0154 0x1318 MpsSvc - ok 11:38:16.0163 0x1318 [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV C:\WINDOWS\system32\drivers\mrxdav.sys 11:38:16.0182 0x1318 MRxDAV - ok 11:38:16.0195 0x1318 [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys 11:38:16.0212 0x1318 mrxsmb - ok 11:38:16.0223 0x1318 [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10 C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys 11:38:16.0245 0x1318 mrxsmb10 - ok 11:38:16.0254 0x1318 [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20 C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys 11:38:16.0273 0x1318 mrxsmb20 - ok 11:38:16.0280 0x1318 [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge C:\WINDOWS\system32\DRIVERS\bridge.sys 11:38:16.0298 0x1318 MsBridge - ok 11:38:16.0310 0x1318 [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC C:\WINDOWS\System32\msdtc.exe 11:38:16.0336 0x1318 MSDTC - ok 11:38:16.0343 0x1318 [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys 11:38:16.0356 0x1318 Msfs - ok 11:38:16.0361 0x1318 [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32 C:\WINDOWS\System32\drivers\msgpiowin32.sys 11:38:16.0374 0x1318 msgpiowin32 - ok 11:38:16.0378 0x1318 [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf C:\WINDOWS\System32\drivers\mshidkmdf.sys 11:38:16.0389 0x1318 mshidkmdf - ok 11:38:16.0393 0x1318 [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf C:\WINDOWS\System32\drivers\mshidumdf.sys 11:38:16.0404 0x1318 mshidumdf - ok 11:38:16.0409 0x1318 [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv C:\WINDOWS\system32\drivers\msisadrv.sys 11:38:16.0419 0x1318 msisadrv - ok 11:38:16.0426 0x1318 [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI C:\WINDOWS\system32\iscsiexe.dll 11:38:16.0443 0x1318 MSiSCSI - ok 11:38:16.0447 0x1318 msiserver - ok 11:38:16.0453 0x1318 [ D22AE5313F6B7EFDDD8C117B5501F4A3, 1937EEE33BF9C4485F172B10FB17AEF3F3B8978371307F49C3338D74D96A8389 ] MsKeyboardFilter C:\WINDOWS\System32\KeyboardFilterSvc.dll 11:38:16.0469 0x1318 MsKeyboardFilter - ok 11:38:16.0473 0x1318 [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys 11:38:16.0485 0x1318 MSKSSRV - ok 11:38:16.0490 0x1318 [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp C:\WINDOWS\system32\DRIVERS\mslldp.sys 11:38:16.0506 0x1318 MsLldp - ok 11:38:16.0510 0x1318 [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys 11:38:16.0521 0x1318 MSPCLOCK - ok 11:38:16.0525 0x1318 [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys 11:38:16.0536 0x1318 MSPQM - ok 11:38:16.0547 0x1318 [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC C:\WINDOWS\system32\drivers\MsRPC.sys 11:38:16.0569 0x1318 MsRPC - ok 11:38:16.0576 0x1318 [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios C:\WINDOWS\System32\drivers\mssmbios.sys 11:38:16.0588 0x1318 mssmbios - ok 11:38:16.0592 0x1318 [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE C:\WINDOWS\system32\drivers\MSTEE.sys 11:38:16.0604 0x1318 MSTEE - ok 11:38:16.0608 0x1318 [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig C:\WINDOWS\System32\drivers\MTConfig.sys 11:38:16.0620 0x1318 MTConfig - ok 11:38:16.0625 0x1318 [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup C:\WINDOWS\system32\Drivers\mup.sys 11:38:16.0639 0x1318 Mup - ok 11:38:16.0644 0x1318 [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis C:\WINDOWS\system32\drivers\mvumis.sys 11:38:16.0658 0x1318 mvumis - ok 11:38:16.0671 0x1318 [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent C:\WINDOWS\system32\qagentRT.dll 11:38:16.0693 0x1318 napagent - ok 11:38:16.0706 0x1318 [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP C:\WINDOWS\system32\DRIVERS\nwifi.sys 11:38:16.0730 0x1318 NativeWifiP - ok 11:38:16.0738 0x1318 [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc C:\WINDOWS\System32\ncasvc.dll 11:38:16.0757 0x1318 NcaSvc - ok 11:38:16.0764 0x1318 [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService C:\WINDOWS\System32\ncbservice.dll 11:38:16.0781 0x1318 NcbService - ok 11:38:16.0786 0x1318 [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup C:\WINDOWS\System32\NcdAutoSetup.dll 11:38:16.0812 0x1318 NcdAutoSetup - ok 11:38:16.0836 0x1318 [ E4B4BE2D7750849C07589DA0B0AABA01, BB5AA727BA018A94B5DE2C4E0B594DD2E7A2B3457885446EE568F3A1E18AB3B0 ] NDIS C:\WINDOWS\system32\drivers\ndis.sys 11:38:16.0882 0x1318 NDIS - ok 11:38:16.0888 0x1318 [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap C:\WINDOWS\system32\DRIVERS\ndiscap.sys 11:38:16.0904 0x1318 NdisCap - ok 11:38:16.0910 0x1318 [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform C:\WINDOWS\system32\DRIVERS \NdisImPlatform.sys 11:38:16.0926 0x1318 NdisImPlatform - ok 11:38:16.0930 0x1318 [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys 11:38:16.0945 0x1318 NdisTapi - ok 11:38:16.0950 0x1318 [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys 11:38:16.0964 0x1318 Ndisuio - ok 11:38:16.0968 0x1318 [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus C:\WINDOWS\System32\drivers \NdisVirtualBus.sys 11:38:16.0982 0x1318 NdisVirtualBus - ok 11:38:16.0990 0x1318 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys 11:38:17.0011 0x1318 NdisWan - ok 11:38:17.0018 0x1318 [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy C:\WINDOWS\system32\DRIVERS\ndiswan.sys 11:38:17.0033 0x1318 NdisWanLegacy - ok 11:38:17.0039 0x1318 [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys 11:38:17.0055 0x1318 NDProxy - ok 11:38:17.0061 0x1318 [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu C:\WINDOWS\system32\drivers\Ndu.sys 11:38:17.0079 0x1318 Ndu - ok 11:38:17.0084 0x1318 [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys 11:38:17.0099 0x1318 NetBIOS - ok 11:38:17.0109 0x1318 [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys 11:38:17.0130 0x1318 NetBT - ok 11:38:17.0135 0x1318 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon C:\WINDOWS\system32\lsass.exe 11:38:17.0145 0x1318 Netlogon - ok 11:38:17.0154 0x1318 [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman C:\WINDOWS\System32\netman.dll 11:38:17.0176 0x1318 Netman - ok 11:38:17.0191 0x1318 [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm C:\WINDOWS\System32\netprofmsvc.dll 11:38:17.0214 0x1318 netprofm - ok 11:38:17.0223 0x1318 [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET \Framework64\v4.0.30319\SMSvcHost.exe 11:38:17.0239 0x1318 NetTcpPortSharing - ok 11:38:17.0245 0x1318 [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc C:\WINDOWS\system32\DRIVERS\netvsc63.sys 11:38:17.0260 0x1318 netvsc - ok 11:38:17.0272 0x1318 [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc C:\WINDOWS\System32\nlasvc.dll 11:38:17.0297 0x1318 NlaSvc - ok 11:38:17.0302 0x1318 [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys 11:38:17.0316 0x1318 Npfs - ok 11:38:17.0322 0x1318 [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig C:\WINDOWS\System32\drivers\npsvctrig.sys 11:38:17.0336 0x1318 npsvctrig - ok 11:38:17.0341 0x1318 [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi C:\WINDOWS\system32\nsisvc.dll 11:38:17.0359 0x1318 nsi - ok 11:38:17.0368 0x1318 [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy C:\WINDOWS\system32\drivers\nsiproxy.sys 11:38:17.0382 0x1318 nsiproxy - ok 11:38:17.0425 0x1318 [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys 11:38:17.0494 0x1318 Ntfs - ok 11:38:17.0510 0x1318 [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null C:\WINDOWS\system32\drivers\Null.sys 11:38:17.0527 0x1318 Null - ok 11:38:17.0533 0x1318 [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid C:\WINDOWS\system32\drivers\nvraid.sys 11:38:17.0550 0x1318 nvraid - ok 11:38:17.0557 0x1318 [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor C:\WINDOWS\system32\drivers\nvstor.sys 11:38:17.0574 0x1318 nvstor - ok 11:38:17.0580 0x1318 [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp C:\WINDOWS\system32\drivers\nv_agp.sys 11:38:17.0597 0x1318 nv_agp - ok 11:38:17.0608 0x1318 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc C:\WINDOWS\system32\pnrpsvc.dll 11:38:17.0630 0x1318 p2pimsvc - ok 11:38:17.0644 0x1318 [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc C:\WINDOWS\system32\p2psvc.dll 11:38:17.0664 0x1318 p2psvc - ok 11:38:17.0672 0x1318 [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport C:\WINDOWS\System32\drivers\parport.sys 11:38:17.0690 0x1318 Parport - ok 11:38:17.0696 0x1318 [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr C:\WINDOWS\system32\drivers\partmgr.sys 11:38:17.0714 0x1318 partmgr - ok 11:38:17.0728 0x1318 [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc C:\WINDOWS\System32\pcasvc.dll 11:38:17.0754 0x1318 PcaSvc - ok 11:38:17.0767 0x1318 [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci C:\WINDOWS\system32\drivers\pci.sys 11:38:17.0790 0x1318 pci - ok 11:38:17.0795 0x1318 [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide C:\WINDOWS\system32\drivers\pciide.sys 11:38:17.0806 0x1318 pciide - ok 11:38:17.0814 0x1318 [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia C:\WINDOWS\system32\drivers\pcmcia.sys 11:38:17.0831 0x1318 pcmcia - ok 11:38:17.0836 0x1318 [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw C:\WINDOWS\system32\drivers\pcw.sys 11:38:17.0849 0x1318 pcw - ok 11:38:17.0856 0x1318 [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc C:\WINDOWS\system32\drivers\pdc.sys 11:38:17.0871 0x1318 pdc - ok 11:38:17.0889 0x1318 [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH C:\WINDOWS\system32\drivers\peauth.sys 11:38:17.0922 0x1318 PEAUTH - ok 11:38:17.0972 0x1318 [ 084DE525DFE82AE7453DD527390FA110, 8216AE63AE740D97204CDED6543B66FC1FB55DB86D42FBA0EC629361C40F9EC0 ] PeerDistSvc C:\WINDOWS\system32\peerdistsvc.dll 11:38:18.0040 0x1318 PeerDistSvc - ok 11:38:18.0061 0x1318 [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost C:\WINDOWS\SysWow64\perfhost.exe 11:38:18.0075 0x1318 PerfHost - ok 11:38:18.0113 0x1318 [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla C:\WINDOWS\system32\pla.dll 11:38:18.0169 0x1318 pla - ok 11:38:18.0178 0x1318 [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay C:\WINDOWS\system32\umpnpmgr.dll 11:38:18.0192 0x1318 PlugPlay - ok 11:38:18.0197 0x1318 [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg C:\WINDOWS\system32\pnrpauto.dll 11:38:18.0213 0x1318 PNRPAutoReg - ok 11:38:18.0226 0x1318 [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc C:\WINDOWS\system32\pnrpsvc.dll 11:38:18.0242 0x1318 PNRPsvc - ok 11:38:18.0255 0x1318 [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent C:\WINDOWS\System32\ipsecsvc.dll 11:38:18.0275 0x1318 PolicyAgent - ok 11:38:18.0283 0x1318 [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power C:\WINDOWS\system32\umpo.dll 11:38:18.0300 0x1318 Power - ok 11:38:18.0366 0x1318 [ C0B3AD50136FE57C2548BD75CAC49DA2, B5661CE7631C5D1B1C50F36EE66AF6DF2E9E69DA1D9BA7C852E74D206F72D8DB ] PrintNotify C:\WINDOWS\system32\spool\drivers \x64\3\PrintConfig.dll 11:38:18.0452 0x1318 PrintNotify - ok 11:38:18.0465 0x1318 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\WINDOWS\System32\drivers\processr.sys 11:38:18.0482 0x1318 Processor - ok 11:38:18.0491 0x1318 [ EF1F8B57323E5D3FC6A0A25F98F90DBC, F50E81151604DCD59BB647FD6767C1631AE48B5FCA6D3423C4E32535C94D6369 ] ProfSvc C:\WINDOWS\system32\profsvc.dll 11:38:18.0506 0x1318 ProfSvc - ok 11:38:18.0513 0x1318 [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched C:\WINDOWS\system32\DRIVERS\pacer.sys 11:38:18.0533 0x1318 Psched - ok 11:38:18.0544 0x1318 [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE C:\WINDOWS\system32\qwave.dll 11:38:18.0570 0x1318 QWAVE - ok 11:38:18.0576 0x1318 [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv C:\WINDOWS\system32\drivers\qwavedrv.sys 11:38:18.0593 0x1318 QWAVEdrv - ok 11:38:18.0597 0x1318 [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys 11:38:18.0612 0x1318 RasAcd - ok 11:38:18.0619 0x1318 [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto C:\WINDOWS\System32\rasauto.dll 11:38:18.0638 0x1318 RasAuto - ok 11:38:18.0653 0x1318 [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan C:\WINDOWS\System32\rasmans.dll 11:38:18.0682 0x1318 RasMan - ok 11:38:18.0689 0x1318 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys 11:38:18.0707 0x1318 RasPppoe - ok 11:38:18.0719 0x1318 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys 11:38:18.0745 0x1318 rdbss - ok 11:38:18.0752 0x1318 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\WINDOWS\System32\drivers\rdpbus.sys 11:38:18.0765 0x1318 rdpbus - ok 11:38:18.0773 0x1318 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\WINDOWS\system32\drivers\rdpdr.sys 11:38:18.0792 0x1318 RDPDR - ok 11:38:18.0800 0x1318 [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\WINDOWS\system32\drivers \rdpvideominiport.sys 11:38:18.0813 0x1318 RdpVideoMiniport - ok 11:38:18.0822 0x1318 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\WINDOWS\system32\drivers\rdyboost.sys 11:38:18.0845 0x1318 rdyboost - ok 11:38:18.0868 0x1318 [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS C:\WINDOWS\system32\drivers\ReFS.sys 11:38:18.0909 0x1318 ReFS - ok 11:38:18.0921 0x1318 [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll 11:38:18.0943 0x1318 RemoteAccess - ok 11:38:18.0951 0x1318 [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll 11:38:18.0974 0x1318 RemoteRegistry - ok 11:38:18.0980 0x1318 [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper C:\WINDOWS\System32\RpcEpMap.dll 11:38:18.0997 0x1318 RpcEptMapper - ok 11:38:19.0002 0x1318 [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator C:\WINDOWS\system32\locator.exe 11:38:19.0015 0x1318 RpcLocator - ok 11:38:19.0034 0x1318 [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs C:\WINDOWS\system32\rpcss.dll 11:38:19.0061 0x1318 RpcSs - ok 11:38:19.0068 0x1318 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\WINDOWS\system32\DRIVERS\rspndr.sys 11:38:19.0086 0x1318 rspndr - ok 11:38:19.0103 0x1318 [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168 C:\WINDOWS\system32\DRIVERS\Rt630x64.sys 11:38:19.0130 0x1318 RTL8168 - ok 11:38:19.0136 0x1318 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\WINDOWS\System32\drivers\vms3cap.sys 11:38:19.0149 0x1318 s3cap - ok 11:38:19.0155 0x1318 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs C:\WINDOWS\system32\lsass.exe 11:38:19.0165 0x1318 SamSs - ok 11:38:19.0173 0x1318 [ B136E29C89CD7234DEC1A4104E5D30CC, 59B534D928EA77B904380679C701EC56A964E5039F69ED1A7372A95E215A9144 ] Samsung UPD Service2 C:\Windows\System32\SUPDSvc2.exe 11:38:19.0196 0x1318 Samsung UPD Service2 - ok 11:38:19.0204 0x1318 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\WINDOWS\system32\drivers\sbp2port.sys 11:38:19.0222 0x1318 sbp2port - ok 11:38:19.0230 0x1318 [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr C:\WINDOWS\System32\SCardSvr.dll 11:38:19.0252 0x1318 SCardSvr - ok 11:38:19.0260 0x1318 [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum C:\WINDOWS\System32\ScDeviceEnum.dll 11:38:19.0280 0x1318 ScDeviceEnum - ok 11:38:19.0285 0x1318 [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter C:\WINDOWS\system32\DRIVERS\scfilter.sys 11:38:19.0302 0x1318 scfilter - ok 11:38:19.0331 0x1318 [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule C:\WINDOWS\system32\schedsvc.dll 11:38:19.0371 0x1318 Schedule - ok 11:38:19.0381 0x1318 [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc C:\WINDOWS\System32\certprop.dll 11:38:19.0396 0x1318 SCPolicySvc - ok 11:38:19.0407 0x1318 [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus C:\WINDOWS\System32\drivers\sdbus.sys 11:38:19.0429 0x1318 sdbus - ok 11:38:19.0436 0x1318 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\WINDOWS\System32\drivers\sdstor.sys 11:38:19.0473 0x1318 sdstor - ok 11:38:19.0519 0x1318 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\WINDOWS\system32\drivers\secdrv.sys 11:38:19.0532 0x1318 secdrv - ok 11:38:19.0540 0x1318 [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon C:\WINDOWS\system32\seclogon.dll 11:38:19.0558 0x1318 seclogon - ok 11:38:19.0566 0x1318 [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS C:\WINDOWS\System32\sens.dll 11:38:19.0586 0x1318 SENS - ok 11:38:19.0594 0x1318 [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc C:\WINDOWS\system32\sensrsvc.dll 11:38:19.0612 0x1318 SensrSvc - ok 11:38:19.0618 0x1318 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\WINDOWS\system32\drivers\SerCx.sys 11:38:19.0633 0x1318 SerCx - ok 11:38:19.0640 0x1318 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\WINDOWS\system32\drivers\SerCx2.sys 11:38:19.0656 0x1318 SerCx2 - ok 11:38:19.0661 0x1318 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\WINDOWS\System32\drivers\serenum.sys 11:38:19.0673 0x1318 Serenum - ok 11:38:19.0680 0x1318 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\WINDOWS\System32\drivers\serial.sys 11:38:19.0695 0x1318 Serial - ok 11:38:19.0700 0x1318 [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse C:\WINDOWS\System32\drivers\sermouse.sys 11:38:19.0713 0x1318 sermouse - ok 11:38:19.0728 0x1318 [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv C:\WINDOWS\system32\sessenv.dll 11:38:19.0749 0x1318 SessionEnv - ok 11:38:19.0755 0x1318 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\WINDOWS\System32\drivers\sfloppy.sys 11:38:19.0767 0x1318 sfloppy - ok 11:38:19.0780 0x1318 [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll 11:38:19.0805 0x1318 SharedAccess - ok 11:38:19.0824 0x1318 [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll 11:38:19.0858 0x1318 ShellHWDetection - ok 11:38:19.0864 0x1318 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\WINDOWS\system32\drivers\SiSRaid2.sys 11:38:19.0876 0x1318 SiSRaid2 - ok 11:38:19.0882 0x1318 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\WINDOWS\system32\drivers\sisraid4.sys 11:38:19.0895 0x1318 SiSRaid4 - ok 11:38:19.0900 0x1318 [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost C:\WINDOWS\System32\smphost.dll 11:38:19.0912 0x1318 smphost - ok 11:38:19.0924 0x1318 [ E3E56CAF0472163871B922FC7CBC9654, 1D7208519DB904E1B27F8D5214CA219BD52AB8C1AB64F22F8959DC4E8955AD37 ] snapman C:\WINDOWS\system32\DRIVERS\snapman.sys 11:38:19.0941 0x1318 snapman - ok 11:38:19.0946 0x1318 [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP C:\WINDOWS\System32\snmptrap.exe 11:38:19.0961 0x1318 SNMPTRAP - ok 11:38:19.0975 0x1318 [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport C:\WINDOWS\system32\drivers\spaceport.sys 11:38:19.0998 0x1318 spaceport - ok 11:38:20.0005 0x1318 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\WINDOWS\system32\drivers\SpbCx.sys 11:38:20.0019 0x1318 SpbCx - ok 11:38:20.0038 0x1318 [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler C:\WINDOWS\System32\spoolsv.exe 11:38:20.0071 0x1318 Spooler - ok 11:38:20.0198 0x1318 [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc C:\WINDOWS\system32\sppsvc.exe 11:38:20.0383 0x1318 sppsvc - ok 11:38:20.0405 0x1318 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\WINDOWS\system32\DRIVERS\srv.sys 11:38:20.0428 0x1318 srv - ok 11:38:20.0447 0x1318 [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2 C:\WINDOWS\system32\DRIVERS\srv2.sys 11:38:20.0476 0x1318 srv2 - ok 11:38:20.0488 0x1318 [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\WINDOWS\system32\DRIVERS\srvnet.sys 11:38:20.0508 0x1318 srvnet - ok 11:38:20.0517 0x1318 [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll 11:38:20.0534 0x1318 SSDPSRV - ok 11:38:20.0542 0x1318 [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc C:\WINDOWS\system32\sstpsvc.dll 11:38:20.0562 0x1318 SstpSvc - ok 11:38:20.0583 0x1318 [ 1C4DA19038C500059BDF5BD529B43725, E6E88717648327ACAB346492581F0F595CA89DE68DCBBA9F5F560B0276A3CD19 ] Steam Client Service C:\Program Files (x86)\Common Files \Steam\SteamService.exe 11:38:20.0618 0x1318 Steam Client Service - ok 11:38:20.0625 0x1318 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\WINDOWS\system32\drivers\stexstor.sys 11:38:20.0638 0x1318 stexstor - ok 11:38:20.0655 0x1318 [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc C:\WINDOWS\System32\wiaservc.dll 11:38:20.0681 0x1318 stisvc - ok 11:38:20.0689 0x1318 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\WINDOWS\system32\drivers\storahci.sys 11:38:20.0699 0x1318 storahci - ok 11:38:20.0705 0x1318 [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt C:\WINDOWS\system32\DRIVERS\vmstorfl.sys 11:38:20.0719 0x1318 storflt - ok 11:38:20.0726 0x1318 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\WINDOWS\system32\drivers\stornvme.sys 11:38:20.0740 0x1318 stornvme - ok 11:38:20.0745 0x1318 [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc C:\WINDOWS\system32\storsvc.dll 11:38:20.0760 0x1318 StorSvc - ok 11:38:20.0765 0x1318 [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\WINDOWS\system32\drivers\storvsc.sys 11:38:20.0781 0x1318 storvsc - ok 11:38:20.0787 0x1318 [ 03618F935379614837F915D04C45FC0E, 9CC0CBA7AFC58E7F921C13FA3F5269714F1F827535A311E11EA48689C4D539DE ] storvsp C:\WINDOWS\System32\drivers\storvsp.sys 11:38:20.0801 0x1318 storvsp - ok 11:38:20.0807 0x1318 [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc C:\WINDOWS\system32\svsvc.dll 11:38:20.0825 0x1318 svsvc - ok 11:38:20.0830 0x1318 [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum C:\WINDOWS\System32\drivers\swenum.sys 11:38:20.0841 0x1318 swenum - ok 11:38:20.0860 0x1318 [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv C:\WINDOWS\System32\swprv.dll 11:38:20.0892 0x1318 swprv - ok 11:38:21.0042 0x1318 [ 0A6013B6C86F3A82243CF7D848FED243, A7842027AA74A92DC0B36F994ABF66AE5566503A66936884079278D082DC4287 ] syncagentsrv C:\Program Files (x86)\Common Files \Acronis\SyncAgent\syncagentsrv.exe 11:38:21.0211 0x1318 syncagentsrv - ok 11:38:21.0252 0x1318 [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain C:\WINDOWS\system32\sysmain.dll 11:38:21.0290 0x1318 SysMain - ok 11:38:21.0303 0x1318 [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\WINDOWS \System32\SystemEventsBrokerServer.dll 11:38:21.0324 0x1318 SystemEventsBroker - ok 11:38:21.0332 0x1318 [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll 11:38:21.0345 0x1318 TabletInputService - ok 11:38:21.0358 0x1318 [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll 11:38:21.0382 0x1318 TapiSrv - ok 11:38:21.0439 0x1318 [ FEBAA7D782E30882FFF1CBCBBE8AD467, B54333F52CF901CADB3B71334BFAFA63C508A0F7EA7E700C5578FC20D780403E ] Tcpip C:\WINDOWS\system32\drivers\tcpip.sys 11:38:21.0523 0x1318 Tcpip - ok 11:38:21.0581 0x1318 [ FEBAA7D782E30882FFF1CBCBBE8AD467, B54333F52CF901CADB3B71334BFAFA63C508A0F7EA7E700C5578FC20D780403E ] TCPIP6 C:\WINDOWS\system32\DRIVERS\tcpip.sys 11:38:21.0652 0x1318 TCPIP6 - ok 11:38:21.0664 0x1318 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\WINDOWS\system32\drivers\tcpipreg.sys 11:38:21.0679 0x1318 tcpipreg - ok 11:38:21.0718 0x1318 [ AC28A6FCA485821499FF018695CEDE16, 8BA6086EB1831FDEDB9E195EA7D5F2FE2B0944E4E0B0CDB41CD06971F7DAC805 ] tdrpman C:\WINDOWS\system32\DRIVERS\tdrpman.sys 11:38:21.0764 0x1318 tdrpman - ok 11:38:21.0774 0x1318 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\WINDOWS\system32\DRIVERS\tdx.sys 11:38:21.0791 0x1318 tdx - ok 11:38:21.0796 0x1318 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\WINDOWS\System32\drivers\terminpt.sys 11:38:21.0811 0x1318 terminpt - ok 11:38:21.0838 0x1318 [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService C:\WINDOWS\System32\termsrv.dll 11:38:21.0878 0x1318 TermService - ok 11:38:21.0885 0x1318 [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes C:\WINDOWS\system32\themeservice.dll 11:38:21.0908 0x1318 Themes - ok 11:38:21.0914 0x1318 [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER C:\WINDOWS\system32\mmcss.dll 11:38:21.0925 0x1318 THREADORDER - ok 11:38:21.0951 0x1318 [ DE604462206F7D8C203F767F425FCA8D, 149FBF6367C45415B939A9B1A7A10DA7A5E19F28CE533BCBE2B20DA4B78F8645 ] tib C:\WINDOWS\system32\DRIVERS\tib.sys 11:38:21.0988 0x1318 tib - ok 11:38:21.0999 0x1318 [ 8C750FE6DE38AF13506B99EC2F519F79, 232D18416E9DE3A676C625280CF172ED180B5AF98C69E5B24CC780D480549E35 ] tib_mounter C:\WINDOWS\system32\DRIVERS\tib_mounter.sys 11:38:22.0016 0x1318 tib_mounter - ok 11:38:22.0026 0x1318 [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker C:\WINDOWS\System32\TimeBrokerServer.dll 11:38:22.0052 0x1318 TimeBroker - ok 11:38:22.0061 0x1318 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\WINDOWS\system32\drivers\tpm.sys 11:38:22.0080 0x1318 TPM - ok 11:38:22.0087 0x1318 [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks C:\WINDOWS\System32\trkwks.dll 11:38:22.0104 0x1318 TrkWks - ok 11:38:22.0109 0x1318 [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe 11:38:22.0125 0x1318 TrustedInstaller - ok 11:38:22.0132 0x1318 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\WINDOWS\system32\drivers\tsusbflt.sys 11:38:22.0147 0x1318 TsUsbFlt - ok 11:38:22.0152 0x1318 [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD C:\WINDOWS\System32\drivers\TsUsbGD.sys 11:38:22.0165 0x1318 TsUsbGD - ok 11:38:22.0173 0x1318 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\WINDOWS\system32\DRIVERS\tunnel.sys 11:38:22.0194 0x1318 tunnel - ok 11:38:22.0200 0x1318 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\WINDOWS\system32\drivers\uagp35.sys 11:38:22.0215 0x1318 uagp35 - ok 11:38:22.0222 0x1318 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\WINDOWS\System32\drivers\uaspstor.sys 11:38:22.0238 0x1318 UASPStor - ok 11:38:22.0247 0x1318 [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000 C:\WINDOWS\System32\drivers\ucx01000.sys 11:38:22.0266 0x1318 UCX01000 - ok 11:38:22.0276 0x1318 [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs C:\WINDOWS\system32\DRIVERS\udfs.sys 11:38:22.0301 0x1318 udfs - ok 11:38:22.0333 0x1318 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\WINDOWS\System32\drivers\UEFI.sys 11:38:22.0360 0x1318 UEFI - ok 11:38:22.0369 0x1318 [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect C:\WINDOWS\system32\UI0Detect.exe 11:38:22.0387 0x1318 UI0Detect - ok 11:38:22.0392 0x1318 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\WINDOWS\system32\drivers\uliagpkx.sys 11:38:22.0406 0x1318 uliagpkx - ok 11:38:22.0411 0x1318 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\WINDOWS\System32\drivers\umbus.sys 11:38:22.0425 0x1318 umbus - ok 11:38:22.0430 0x1318 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\WINDOWS\System32\drivers\umpass.sys 11:38:22.0442 0x1318 UmPass - ok 11:38:22.0452 0x1318 [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService C:\WINDOWS\System32\umrdp.dll 11:38:22.0473 0x1318 UmRdpService - ok 11:38:22.0487 0x1318 [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost C:\WINDOWS\System32\upnphost.dll 11:38:22.0508 0x1318 upnphost - ok 11:38:22.0516 0x1318 [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp C:\WINDOWS\System32\drivers\usbccgp.sys 11:38:22.0535 0x1318 usbccgp - ok 11:38:22.0541 0x1318 [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir C:\WINDOWS\System32\drivers\usbcir.sys 11:38:22.0559 0x1318 usbcir - ok 11:38:22.0565 0x1318 [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci C:\WINDOWS\System32\drivers\usbehci.sys 11:38:22.0581 0x1318 usbehci - ok 11:38:22.0586 0x1318 [ 504901430B6E03B99EBB6BF26E0868C6, D00C0904B7008305DCA5D1E6FED153DD8875CAD14D80348E59F42A182FA7E832 ] usbfilter C:\WINDOWS\system32\DRIVERS\usbfilter.sys 11:38:22.0596 0x1318 usbfilter - ok 11:38:22.0610 0x1318 [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub C:\WINDOWS\System32\drivers\usbhub.sys 11:38:22.0639 0x1318 usbhub - ok 11:38:22.0655 0x1318 [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3 C:\WINDOWS\System32\drivers\UsbHub3.sys 11:38:22.0684 0x1318 USBHUB3 - ok 11:38:22.0691 0x1318 [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci C:\WINDOWS\System32\drivers\usbohci.sys 11:38:22.0703 0x1318 usbohci - ok 11:38:22.0708 0x1318 [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint C:\WINDOWS\System32\drivers\usbprint.sys 11:38:22.0721 0x1318 usbprint - ok 11:38:22.0730 0x1318 [ EA23453240137F6773174E0D93F61A69, 579AD09FB428C2BB8B4055128620A7AADD1B606C1EA44B87A01D69A84232A5D9 ] USBSTOR C:\WINDOWS\System32\drivers\USBSTOR.SYS 11:38:22.0747 0x1318 USBSTOR - ok 11:38:22.0753 0x1318 [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci C:\WINDOWS\System32\drivers\usbuhci.sys 11:38:22.0765 0x1318 usbuhci - ok 11:38:22.0779 0x1318 [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI C:\WINDOWS\System32\drivers\USBXHCI.SYS 11:38:22.0800 0x1318 USBXHCI - ok 11:38:22.0805 0x1318 [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc C:\WINDOWS\system32\lsass.exe 11:38:22.0815 0x1318 VaultSvc - ok 11:38:22.0820 0x1318 [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot C:\WINDOWS\system32\drivers\vdrvroot.sys 11:38:22.0832 0x1318 vdrvroot - ok 11:38:22.0861 0x1318 [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds C:\WINDOWS\System32\vds.exe 11:38:22.0903 0x1318 vds - ok 11:38:22.0912 0x1318 [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt C:\WINDOWS\system32\drivers\VerifierExt.sys 11:38:22.0930 0x1318 VerifierExt - ok 11:38:22.0948 0x1318 [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp C:\WINDOWS\System32\drivers\vhdmp.sys 11:38:22.0980 0x1318 vhdmp - ok 11:38:22.0985 0x1318 [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide C:\WINDOWS\system32\drivers\viaide.sys 11:38:22.0998 0x1318 viaide - ok 11:38:23.0006 0x1318 [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid C:\WINDOWS\System32\drivers\Vid.sys 11:38:23.0025 0x1318 Vid - ok 11:38:23.0031 0x1318 [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus C:\WINDOWS\system32\drivers\vmbus.sys 11:38:23.0046 0x1318 vmbus - ok 11:38:23.0051 0x1318 [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID C:\WINDOWS\System32\drivers\VMBusHID.sys 11:38:23.0062 0x1318 VMBusHID - ok 11:38:23.0069 0x1318 [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr C:\WINDOWS\System32\drivers\vmbusr.sys 11:38:23.0085 0x1318 vmbusr - ok 11:38:23.0099 0x1318 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll 11:38:23.0125 0x1318 vmicguestinterface - ok 11:38:23.0138 0x1318 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat C:\WINDOWS\System32\ICSvc.dll 11:38:23.0158 0x1318 vmicheartbeat - ok 11:38:23.0171 0x1318 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll 11:38:23.0190 0x1318 vmickvpexchange - ok 11:38:23.0205 0x1318 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv C:\WINDOWS\System32\ICSvc.dll 11:38:23.0224 0x1318 vmicrdv - ok 11:38:23.0237 0x1318 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown C:\WINDOWS\System32\ICSvc.dll 11:38:23.0258 0x1318 vmicshutdown - ok 11:38:23.0271 0x1318 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync C:\WINDOWS\System32\ICSvc.dll 11:38:23.0291 0x1318 vmictimesync - ok 11:38:23.0305 0x1318 [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss C:\WINDOWS\System32\ICSvc.dll 11:38:23.0323 0x1318 vmicvss - ok 11:38:23.0330 0x1318 [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr C:\WINDOWS\system32\drivers\volmgr.sys 11:38:23.0344 0x1318 volmgr - ok 11:38:23.0356 0x1318 [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx C:\WINDOWS\system32\drivers\volmgrx.sys 11:38:23.0379 0x1318 volmgrx - ok 11:38:23.0392 0x1318 [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap C:\WINDOWS\system32\drivers\volsnap.sys 11:38:23.0415 0x1318 volsnap - ok 11:38:23.0420 0x1318 [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci C:\WINDOWS\System32\drivers\vpci.sys 11:38:23.0435 0x1318 vpci - ok 11:38:23.0440 0x1318 [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp C:\WINDOWS\System32\drivers\vpcivsp.sys 11:38:23.0454 0x1318 vpcivsp - ok 11:38:23.0461 0x1318 [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid C:\WINDOWS\system32\drivers\vsmraid.sys 11:38:23.0478 0x1318 vsmraid - ok 11:38:23.0508 0x1318 [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS C:\WINDOWS\system32\vssvc.exe 11:38:23.0554 0x1318 VSS - ok 11:38:23.0567 0x1318 [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID C:\WINDOWS\system32\drivers\vstxraid.sys 11:38:23.0590 0x1318 VSTXRAID - ok 11:38:23.0595 0x1318 [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus C:\WINDOWS\System32\drivers\vwifibus.sys 11:38:23.0608 0x1318 vwifibus - ok 11:38:23.0620 0x1318 [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time C:\WINDOWS\system32\w32time.dll 11:38:23.0640 0x1318 W32Time - ok 11:38:23.0646 0x1318 [ FDA15A0510F84FA46452B74529147A15, DAF92C2B733311B767895175E27B671C80DC028EEB477C28E0209C6467E072D1 ] WacHidRouter C:\WINDOWS\System32\drivers \wachidrouter.sys 11:38:23.0657 0x1318 WacHidRouter - ok 11:38:23.0661 0x1318 [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen C:\WINDOWS\System32\drivers\wacompen.sys 11:38:23.0674 0x1318 WacomPen - ok 11:38:23.0678 0x1318 [ EABFDBDC9BEDD325F260A3A9FEE5B3F9, 496AD989DA6F500140FCDB88C65CECD4F306D3FBDAACE1D42C5312C1E321B9D1 ] wacomrouterfilter C:\WINDOWS\System32\drivers \wacomrouterfilter.sys 11:38:23.0687 0x1318 wacomrouterfilter - ok 11:38:23.0720 0x1318 [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine C:\WINDOWS\system32\wbengine.exe 11:38:23.0768 0x1318 wbengine - ok 11:38:23.0784 0x1318 [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc C:\WINDOWS\System32\wbiosrvc.dll 11:38:23.0808 0x1318 WbioSrvc - ok 11:38:23.0819 0x1318 [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc C:\WINDOWS\System32\wcmsvc.dll 11:38:23.0842 0x1318 Wcmsvc - ok 11:38:23.0855 0x1318 [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc C:\WINDOWS\System32\wcncsvc.dll 11:38:23.0879 0x1318 wcncsvc - ok 11:38:23.0885 0x1318 [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll 11:38:23.0899 0x1318 WcsPlugInService - ok 11:38:23.0904 0x1318 [ F5D4FA3E1F4879C361FFF3855259D2C2, 48C60FE4AAB011E2250157506FF0624031BFA346F8F2F8C6DFDF6F3CAA4F3F42 ] WdBoot C:\WINDOWS\system32\drivers\WdBoot.sys 11:38:23.0917 0x1318 WdBoot - ok 11:38:23.0938 0x1318 [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000 C:\WINDOWS\system32\drivers\Wdf01000.sys 11:38:23.0971 0x1318 Wdf01000 - ok 11:38:23.0981 0x1318 [ 019CC610AD95FF47EAD7C08B7A683B96, BB9D42F8ED90ECA2E7B8C906E06A1EA859FAD9BD1B3492BB1E28C0D00004812A ] WdFilter C:\WINDOWS\system32\drivers\WdFilter.sys 11:38:24.0001 0x1318 WdFilter - ok 11:38:24.0007 0x1318 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost C:\WINDOWS\system32\wdi.dll 11:38:24.0023 0x1318 WdiServiceHost - ok 11:38:24.0028 0x1318 [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost C:\WINDOWS\system32\wdi.dll 11:38:24.0043 0x1318 WdiSystemHost - ok 11:38:24.0051 0x1318 [ 6CC1BB8F6851A262E2E824F0E92D5EEF, 45A88A984179BBA38C1F4434C4D6C2823C1FE6AFBE8CB0F656DAE0092D1D5611 ] WdNisDrv C:\WINDOWS\system32\Drivers\WdNisDrv.sys 11:38:24.0067 0x1318 WdNisDrv - ok 11:38:24.0070 0x1318 WdNisSvc - ok 11:38:24.0079 0x1318 [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient C:\WINDOWS\System32\webclnt.dll 11:38:24.0098 0x1318 WebClient - ok 11:38:24.0106 0x1318 [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc C:\WINDOWS\system32\wecsvc.dll 11:38:24.0127 0x1318 Wecsvc - ok 11:38:24.0132 0x1318 [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC C:\WINDOWS\system32\wephostsvc.dll 11:38:24.0174 0x1318 WEPHOSTSVC - ok 11:38:24.0179 0x1318 [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport C:\WINDOWS\System32\wercplsupport.dll 11:38:24.0193 0x1318 wercplsupport - ok 11:38:24.0199 0x1318 [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc C:\WINDOWS\System32\WerSvc.dll 11:38:24.0212 0x1318 WerSvc - ok 11:38:24.0219 0x1318 [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS C:\WINDOWS\system32\DRIVERS\wfplwfs.sys 11:38:24.0236 0x1318 WFPLWFS - ok 11:38:24.0242 0x1318 [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc C:\WINDOWS\System32\wiarpc.dll 11:38:24.0256 0x1318 WiaRpc - ok 11:38:24.0261 0x1318 [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount C:\WINDOWS\system32\drivers\wimmount.sys 11:38:24.0273 0x1318 WIMMount - ok 11:38:24.0276 0x1318 WinDefend - ok 11:38:24.0298 0x1318 [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll 11:38:24.0324 0x1318 WinHttpAutoProxySvc - ok 11:38:24.0335 0x1318 [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll 11:38:24.0350 0x1318 Winmgmt - ok 11:38:24.0403 0x1318 [ C8D6344BDE2691A196E61C0D3372EAB7, FF8EB79D8A7E298343C22B83276FF68293D08A9DA438BB22600BEFC4CA93A91D ] WinRM C:\WINDOWS\system32\WsmSvc.dll 11:38:24.0532 0x1318 WinRM - ok 11:38:24.0565 0x1318 [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb C:\WINDOWS\system32\DRIVERS\WinUsb.sys 11:38:24.0581 0x1318 WinUsb - ok 11:38:24.0613 0x1318 [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc C:\WINDOWS\System32\wlansvc.dll 11:38:24.0661 0x1318 WlanSvc - ok 11:38:24.0697 0x1318 [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc C:\WINDOWS\system32\wlidsvc.dll 11:38:24.0742 0x1318 wlidsvc - ok 11:38:24.0749 0x1318 [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi C:\WINDOWS\System32\drivers\wmiacpi.sys 11:38:24.0760 0x1318 WmiAcpi - ok 11:38:24.0769 0x1318 [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv C:\WINDOWS\system32\wbem\WmiApSrv.exe 11:38:24.0787 0x1318 wmiApSrv - ok 11:38:24.0790 0x1318 WMPNetworkSvc - ok 11:38:24.0798 0x1318 [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof C:\WINDOWS\system32\drivers\Wof.sys 11:38:24.0815 0x1318 Wof - ok 11:38:24.0852 0x1318 [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc C:\WINDOWS\system32\workfolderssvc.dll 11:38:24.0903 0x1318 workfolderssvc - ok 11:38:24.0911 0x1318 [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr C:\WINDOWS\system32\DRIVERS\wpcfltr.sys 11:38:24.0925 0x1318 wpcfltr - ok 11:38:24.0930 0x1318 [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc C:\WINDOWS\System32\wpcsvc.dll 11:38:24.0944 0x1318 WPCSvc - ok 11:38:24.0950 0x1318 [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum C:\WINDOWS\system32\wpdbusenum.dll 11:38:24.0966 0x1318 WPDBusEnum - ok 11:38:24.0970 0x1318 [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr C:\WINDOWS\system32\drivers\WpdUpFltr.sys 11:38:24.0982 0x1318 WpdUpFltr - ok 11:38:24.0986 0x1318 [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl C:\WINDOWS\system32\drivers\ws2ifsl.sys 11:38:25.0001 0x1318 ws2ifsl - ok 11:38:25.0007 0x1318 [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc C:\WINDOWS\System32\wscsvc.dll 11:38:25.0024 0x1318 wscsvc - ok 11:38:25.0029 0x1318 [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice C:\WINDOWS\System32\drivers\WSDPrint.sys 11:38:25.0041 0x1318 WSDPrintDevice - ok 11:38:25.0045 0x1318 [ D38297814FB6E33655342D869996E617, 3701892EEF87D1BF0E73322B90678802B6EA4AFA9CBF6111F39611C79DBA96C7 ] WSDScan C:\WINDOWS\System32\drivers\WSDScan.sys 11:38:25.0057 0x1318 WSDScan - ok 11:38:25.0061 0x1318 WSearch - ok 11:38:25.0130 0x1318 [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService C:\WINDOWS\System32\WSService.dll 11:38:25.0246 0x1318 WSService - ok 11:38:25.0267 0x1318 [ FF3F745A22B0C9C2EF1600762E8858A1, A63A66537A5316963825A963F2A9EC2BEB68027EB3A2EF28DC2C936FF194915A ] WTabletServiceCon C:\Program Files\Tablet\Pen \WTabletServiceCon.exe 11:38:25.0289 0x1318 WTabletServiceCon - ok 11:38:25.0355 0x1318 [ D24002EB2F4A8A04897703067E81CC5D, 03806198D26DD7BA3E27EFE0911B49E5B48CAD8A05EC4F56AF45CF1E3FAD6916 ] wuauserv C:\WINDOWS\system32\wuaueng.dll 11:38:25.0437 0x1318 wuauserv - ok 11:38:25.0450 0x1318 [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf C:\WINDOWS\system32\drivers\WudfPf.sys 11:38:25.0465 0x1318 WudfPf - ok 11:38:25.0473 0x1318 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd C:\WINDOWS\System32\drivers\WUDFRd.sys 11:38:25.0492 0x1318 WUDFRd - ok 11:38:25.0498 0x1318 [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc C:\WINDOWS\System32\WUDFSvc.dll 11:38:25.0514 0x1318 wudfsvc - ok 11:38:25.0522 0x1318 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 11:38:25.0535 0x1318 WUDFWpdFs - ok 11:38:25.0542 0x1318 [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp C:\WINDOWS\system32\DRIVERS\WUDFRd.sys 11:38:25.0554 0x1318 WUDFWpdMtp - ok 11:38:25.0568 0x1318 [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc C:\WINDOWS\System32\wwansvc.dll 11:38:25.0598 0x1318 WwanSvc - ok 11:38:25.0606 0x1318 [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21 C:\WINDOWS\System32\drivers\xusb21.sys 11:38:25.0618 0x1318 xusb21 - ok 11:38:25.0622 0x1318 ================ Scan global =============================== 11:38:25.0628 0x1318 [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll 11:38:25.0639 0x1318 [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll 11:38:25.0648 0x1318 [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll 11:38:25.0663 0x1318 [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe 11:38:25.0678 0x1318 [ Global ] - ok 11:38:25.0678 0x1318 ================ Scan MBR ================================== 11:38:25.0680 0x1318 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0 11:38:25.0740 0x1318 \Device\Harddisk0\DR0 - ok 11:38:25.0743 0x1318 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1 11:38:25.0818 0x1318 \Device\Harddisk1\DR1 - ok 11:38:25.0820 0x1318 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2 11:38:25.0883 0x1318 \Device\Harddisk2\DR2 - ok 11:38:25.0883 0x1318 ================ Scan VBR ================================== 11:38:25.0886 0x1318 [ DEE0E776DBB6F59F907ACED6A8E67663 ] \Device\Harddisk0\DR0\Partition1 11:38:25.0887 0x1318 \Device\Harddisk0\DR0\Partition1 - ok 11:38:25.0889 0x1318 [ 087BFFA3A4721D75DC43AC200046DDB2 ] \Device\Harddisk0\DR0\Partition2 11:38:25.0891 0x1318 \Device\Harddisk0\DR0\Partition2 - ok 11:38:25.0893 0x1318 [ 381688CB67F8B8BD3B549A221001CE20 ] \Device\Harddisk0\DR0\Partition3 11:38:25.0894 0x1318 \Device\Harddisk0\DR0\Partition3 - ok 11:38:25.0896 0x1318 [ A08EF720EFE3972576B6CE0F7CBBE509 ] \Device\Harddisk0\DR0\Partition4 11:38:25.0897 0x1318 \Device\Harddisk0\DR0\Partition4 - ok 11:38:25.0900 0x1318 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1 11:38:25.0900 0x1318 \Device\Harddisk1\DR1\Partition1 - ok 11:38:25.0903 0x1318 [ 7877D0273B7E0A40F2B191CC3B779DE6 ] \Device\Harddisk1\DR1\Partition2 11:38:25.0940 0x1318 \Device\Harddisk1\DR1\Partition2 - ok 11:38:25.0943 0x1318 [ 9525E1547D0947D09BBD26AA538844D2 ] \Device\Harddisk1\DR1\Partition3 11:38:25.0943 0x1318 \Device\Harddisk1\DR1\Partition3 - ok 11:38:25.0946 0x1318 [ C6D5AAA77E5957321E4F81DB944DB8B4 ] \Device\Harddisk2\DR2\Partition1 11:38:25.0947 0x1318 \Device\Harddisk2\DR2\Partition1 - ok 11:38:25.0948 0x1318 ================ Scan generic autorun ====================== 11:38:26.0227 0x1318 [ C2A0B14B6E6555CF9D53ECB142465697, 9611506ED174E82516CB1614BFE5730B0BDDE76D58574D0406C1FED873F6308D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe 11:38:26.0531 0x1318 RTHDVCPL - ok 11:38:26.0569 0x1318 [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\WINDOWS\WindowsMobile\wmdc.exe 11:38:26.0593 0x1318 Windows Mobile Device Center - ok 11:38:26.0766 0x1318 [ 1539331FFDB2D977BFF14F5737F5063E, 29C6CDEDA01D406BEE2B6E06CC42491A9EA89E45751D92DB4A2E9C017527B44A ] C:\Program Files\Logitech Gaming Software\LCore.exe 11:38:26.0937 0x1318 Launch LCore - ok 11:38:26.0962 0x1318 [ 5168320D7F4C50B0CA14E79406C1D6B7, D3F18EBBB34AB2B8562F1D39D0C15FA12B9B59341949AC2F7CF9436A3E536D71 ] C:\Program Files (x86)\Common Files\Acronis \Schedule2\schedhlp.exe 11:38:26.0985 0x1318 Acronis Scheduler2 Service - ok 11:38:27.0002 0x1318 [ C6352C29C56077749CEEDD08680D347D, DF520DA9E9F8D34004E497969FC4AB0D9F057EEE5D8A0BBB91C5EBC983011ABD ] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe 11:38:27.0028 0x1318 BambooCore - ok 11:38:27.0054 0x1318 [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM \1.0\AdobeARM.exe 11:38:27.0088 0x1318 Adobe ARM - ok 11:38:27.0133 0x1318 [ E2B81EEDF59A180CCFA1609B9CB2D523, 8AFF688DBB764353004EEE354F3AA4D515D8CFEC6A21A5121351EF510FA6589D ] C:\Program Files (x86)\Common Files\Juniper Networks\JamUI \Pulse.exe 11:38:27.0194 0x1318 JunosPulse - ok 11:38:27.0216 0x1318 [ DAA21DC0AA2E688370D356757892816D, 97EBF3B8A4B8544B6C1379A391AA4079F38EB4D507931249BC1427D961F58F8C ] D:\Avira\Avira\AntiVir Desktop\avgnt.exe 11:38:27.0237 0x1318 avgnt - ok 11:38:27.0254 0x1318 [ B793DDE01D181ED91F333BF10FE2FC50, F9BA0FD8EC0C0E9D7E5969BC9ED0D0322EDFC8E65B11F642A7118B41F5BF197F ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe 11:38:27.0275 0x1318 IJNetworkScannerSelectorEX - ok 11:38:27.0408 0x1318 [ 8512F9B1EBCDAC8E103773CFBF8CE431, 7566261C3AF8C9343564D5076299AE54D2938FD9C9BD69FE10EFF16471DD9945 ] D:\Acronis\TrueImageHome\TrueImageMonitor.exe 11:38:27.0555 0x1318 TrueImageMonitor.exe - ok 11:38:27.0590 0x1318 [ 3CEF82F01A4E5071D60CF45264FC50EB, 3E30C49E6B43EF901DBED56A18B88BE5741A8B9576587891BDED6C7174AC5859 ] C:\Program Files (x86)\Common Files\Acronis\TibMounter \TibMounterMonitor.exe 11:38:27.0628 0x1318 AcronisTibMounterMonitor - ok 11:38:27.0651 0x1318 [ 06BB3578BE06B0980AF9917EC94488EC, 4C66DC5C55E7AC80838D21AA04D194ACE62D70FF0D469FAB910FFE05B1C2A4E7 ] C:\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe 11:38:27.0680 0x1318 StartCCC - ok 11:38:27.0700 0x1318 [ 98FAFD82E4F0674D2D7BB3C8FD141D32, 4F44F6B17E40268B8EE0251E6D913157CA1E7CE4C9D9B434262E74F136453A10 ] d:\CS2.0\Adobe Version Cue CS2\ControlPanel \VersionCueCS2Tray.exe 11:38:27.0721 0x1318 Adobe Version Cue CS2 - detected UnsignedFile.Multi.Generic ( 1 ) 11:38:30.0116 0x1318 Detect skipped due to KSN trusted 11:38:30.0116 0x1318 Adobe Version Cue CS2 - ok 11:38:30.0122 0x1318 [ 845EB283583BD3C89F09636A10114EF3, BCB3002B867052FB381B1E44D31E381200751E1AD3F991EB4233B73E3E034A0E ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe 11:38:30.0136 0x1318 Avira Systray - ok 11:38:30.0222 0x1318 [ 6625AF1A749E4BEDFBC020AADF614B01, 3637086569EF5729951556EF38F76FD3F9DFC672A138CDC56B4E0B5B226317E5 ] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe 11:38:30.0323 0x1318 Pando Media Booster - ok 11:38:30.0368 0x1318 [ E80434BDF3D84D479E937C3436C57B6A, E2C2856D7A869548577123021DFDD41E9996A0A4476860DB3814D3773DBEB146 ] F:\Steam\steam.exe 11:38:30.0422 0x1318 Steam - ok 11:38:30.0428 0x1318 icq - ok 11:38:30.0431 0x1318 Skype - ok 11:38:30.0432 0x1318 Waiting for KSN requests completion. In queue: 163 11:38:31.0433 0x1318 Waiting for KSN requests completion. In queue: 163 11:38:32.0433 0x1318 Waiting for KSN requests completion. In queue: 163 11:38:33.0467 0x1318 AV detected via SS2: Avira Desktop, D:\Avira\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.266 ), 0x41000 ( enabled : updated ) 11:38:33.0478 0x1318 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated ) 11:38:33.0486 0x1318 Win FW state via NFP2: enabled 11:38:35.0833 0x1318 ============================================================ 11:38:35.0833 0x1318 Scan finished 11:38:35.0833 0x1318 ============================================================ 11:38:35.0841 0x1810 Detected object count: 0 11:38:35.0841 0x1810 Actual detected object count: 0 Da das System möglichst bald wieder zur Verfügung stehen soll und ich aber fürs erste nur heute ausreichend Zeit habe mich darum zu kümmern, formatiere ich jetzt das System und installiere Windows neu. Trotzdem vielen Dank für die Hilfe, sollte noch Erkenntnisse über die Art und/oder Quelle der Infektion auftauchen würde ich mich freuen mehr zu erfahren, um das System in Zukunft besser abzusichern. Geändert von Brento (12.10.2014 um 15:32 Uhr) Grund: UPDATE |
13.10.2014, 13:08 | #4 |
/// the machine /// TB-Ausbilder | Windows 8.1 remote zugriff mit selbständiger Tastatureingabe alles klar.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
Themen zu Windows 8.1 remote zugriff mit selbständiger Tastatureingabe |
alternate, antivir, antivirus, association, avgntflt.sys, avira, branding, browser, canon, desktop, error, farbar, firefox, flash player, google, helper, kaspersky, langsam, launch, local\temp, mehrere, mozilla, plug-in, problem, realtek, registry, remote zugriff, rundll, scan, security, software, spielen, start menu, svchost.exe, system, tablet, tastatur, tastatur selbständig, vielen dank, virus, windows, windows 8.1 64bit, windows8.1, zertifikate |