| |
| |||||||
Plagegeister aller Art und deren Bekämpfung: Entfernen von DHL-TrojanerWindows 7 Wenn Du nicht sicher bist, ob Du dir Malware oder Trojaner eingefangen hast, erstelle hier ein Thema. Ein Experte wird sich mit weiteren Anweisungen melden und Dir helfen die Malware zu entfernen oder Unerwünschte Software zu deinstallieren bzw. zu löschen. Bitte schildere dein Problem so genau wie möglich. Sollte es ein Trojaner oder Viren Problem sein wird ein Experte Dir bei der Beseitigug der Infektion helfen. |
 |
12.03.2015, 22:04
| #16 |
| /// Winkelfunktion /// TB-Süch-Tiger™   |  Entfernen von DHL-Trojaner Log bitte posten!
__________________ Logfiles bitte immer in CODE-Tags posten  |
|
12.03.2015, 22:35
| #17 |
 | Entfernen von DHL-Trojaner Okay, zu lang ich muss aufteilen. Los gehts...
__________________Code:
ATTFilter 21:57:08.0259 0x1b14 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
21:57:16.0871 0x1b14 ============================================================
21:57:16.0871 0x1b14 Current date / time: 2015/03/12 21:57:16.0871
21:57:16.0871 0x1b14 SystemInfo:
21:57:16.0871 0x1b14
21:57:16.0871 0x1b14 OS Version: 6.1.7601 ServicePack: 1.0
21:57:16.0871 0x1b14 Product type: Workstation
21:57:16.0871 0x1b14 ComputerName: MARIE-HP
21:57:16.0871 0x1b14 UserName: Marie
21:57:16.0871 0x1b14 Windows directory: C:\windows
21:57:16.0871 0x1b14 System windows directory: C:\windows
21:57:16.0871 0x1b14 Running under WOW64
21:57:16.0871 0x1b14 Processor architecture: Intel x64
21:57:16.0871 0x1b14 Number of processors: 4
21:57:16.0871 0x1b14 Page size: 0x1000
21:57:16.0871 0x1b14 Boot type: Normal boot
21:57:16.0871 0x1b14 ============================================================
21:57:18.0286 0x1b14 KLMD registered as C:\windows\system32\drivers\55096766.sys
21:57:19.0180 0x1b14 System UUID: {C4BD1107-7323-6813-8990-15EB444988F8}
21:57:20.0581 0x1b14 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
21:57:20.0584 0x1b14 ============================================================
21:57:20.0584 0x1b14 \Device\Harddisk0\DR0:
21:57:20.0584 0x1b14 MBR partitions:
21:57:20.0584 0x1b14 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
21:57:20.0584 0x1b14 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x54695000
21:57:20.0584 0x1b14 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x5472B800, BlocksNum 0x2A19800
21:57:20.0584 0x1b14 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x57145000, BlocksNum 0x3FD800
21:57:20.0584 0x1b14 ============================================================
21:57:20.0620 0x1b14 C: <-> \Device\Harddisk0\DR0\Partition2
21:57:20.0762 0x1b14 E: <-> \Device\Harddisk0\DR0\Partition4
21:57:20.0802 0x1b14 G: <-> \Device\Harddisk0\DR0\Partition3
21:57:20.0826 0x1b14 ============================================================
21:57:20.0826 0x1b14 Initialize success
21:57:20.0826 0x1b14 ============================================================
21:57:23.0953 0x0964 ============================================================
21:57:23.0953 0x0964 Scan started
21:57:23.0953 0x0964 Mode: Manual;
21:57:23.0953 0x0964 ============================================================
21:57:23.0953 0x0964 KSN ping started
21:57:26.0721 0x0964 KSN ping finished: true
21:57:30.0587 0x0964 ================ Scan system memory ========================
21:57:30.0587 0x0964 System memory - ok
21:57:30.0588 0x0964 ================ Scan services =============================
21:57:31.0389 0x0964 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
21:57:31.0407 0x0964 1394ohci - ok
21:57:31.0459 0x0964 [ 955EB2514DBEB55D755D8CC4B32A6B55, 3A4E63EA9E14C62B4B29CF9CC3CAB64F9CE92DBE2DF04940F47240387E85A81E ] Accelerometer C:\windows\system32\DRIVERS\Accelerometer.sys
21:57:31.0461 0x0964 Accelerometer - ok
21:57:31.0587 0x0964 [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
21:57:31.0613 0x0964 ACDaemon - ok
21:57:31.0674 0x0964 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys
21:57:31.0694 0x0964 ACPI - ok
21:57:31.0720 0x0964 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
21:57:31.0722 0x0964 AcpiPmi - ok
21:57:32.0079 0x0964 [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:57:32.0096 0x0964 AdobeFlashPlayerUpdateSvc - ok
21:57:32.0142 0x0964 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
21:57:32.0160 0x0964 adp94xx - ok
21:57:32.0194 0x0964 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\drivers\adpahci.sys
21:57:32.0202 0x0964 adpahci - ok
21:57:32.0242 0x0964 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\drivers\adpu320.sys
21:57:32.0247 0x0964 adpu320 - ok
21:57:32.0276 0x0964 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
21:57:32.0278 0x0964 AeLookupSvc - ok
21:57:32.0334 0x0964 [ 6CCD1135320109D6B219F1A6E04AD9F6, B97D4DF46DF0EFC106BD3E248C70809F3F47DF3FD1CA039A0A3923E1FA05A969 ] Afc C:\windows\syswow64\drivers\Afc.sys
21:57:32.0348 0x0964 Afc - ok
21:57:32.0434 0x0964 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\windows\system32\drivers\afd.sys
21:57:32.0450 0x0964 AFD - ok
21:57:32.0485 0x0964 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys
21:57:32.0499 0x0964 agp440 - ok
21:57:32.0532 0x0964 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe
21:57:32.0535 0x0964 ALG - ok
21:57:32.0573 0x0964 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys
21:57:32.0575 0x0964 aliide - ok
21:57:32.0602 0x0964 [ FD643267EF0F11B31F337CE5435F27FA, 45CA709967657354397E4151FADB6D9FDDD49EAC8B94BAADC0FEF7EBE939996E ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
21:57:32.0629 0x0964 AMD External Events Utility - ok
21:57:32.0646 0x0964 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys
21:57:32.0658 0x0964 amdide - ok
21:57:32.0687 0x0964 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
21:57:32.0689 0x0964 AmdK8 - ok
21:57:33.0850 0x0964 [ F401C6B2CD4BA25797CDC678AD6A9305, 170D8CFC412649C544E3ACB4213772F0B64549CADBB23CEE2A4F6E43A555B734 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
21:57:34.0174 0x0964 amdkmdag - ok
21:57:34.0234 0x0964 [ 26F537ABC367D8A89DF02FB149E517A5, 068E1C3320AF3D57DC3AA99A86849C5664C93F2952013C6EB98F4DE261630DB3 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
21:57:34.0241 0x0964 amdkmdap - ok
21:57:34.0265 0x0964 [ FFCB1F4FEAC8AB77887031F8AD0D7C06, 59C95E0B6560A0A5B90090152814A996CBDE11DD461328BDB3ECD4F8D6BFA8E5 ] amdkmpfd C:\windows\system32\DRIVERS\amdkmpfd.sys
21:57:34.0266 0x0964 amdkmpfd - ok
21:57:34.0297 0x0964 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
21:57:34.0302 0x0964 AmdPPM - ok
21:57:34.0333 0x0964 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys
21:57:34.0339 0x0964 amdsata - ok
21:57:34.0360 0x0964 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\drivers\amdsbs.sys
21:57:34.0369 0x0964 amdsbs - ok
21:57:34.0386 0x0964 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys
21:57:34.0388 0x0964 amdxata - ok
21:57:34.0498 0x0964 [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:57:34.0528 0x0964 AntiVirSchedulerService - ok
21:57:34.0602 0x0964 [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:57:34.0617 0x0964 AntiVirService - ok
21:57:34.0662 0x0964 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\windows\system32\drivers\appid.sys
21:57:34.0665 0x0964 AppID - ok
21:57:34.0684 0x0964 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\windows\System32\appidsvc.dll
21:57:34.0686 0x0964 AppIDSvc - ok
21:57:34.0727 0x0964 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\windows\System32\appinfo.dll
21:57:34.0730 0x0964 Appinfo - ok
21:57:34.0801 0x0964 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\drivers\arc.sys
21:57:34.0816 0x0964 arc - ok
21:57:34.0835 0x0964 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\drivers\arcsas.sys
21:57:34.0842 0x0964 arcsas - ok
21:57:34.0880 0x0964 [ DA63270378BAA19446F6DA23FEEB75D6, 1D1CD8B6950E2824BFDBE46DDF03AA94866AEDFB613FE15D1DD9AD707B0112E2 ] ARCVCAM C:\windows\system32\DRIVERS\ArcSoftVCapture.sys
21:57:34.0882 0x0964 ARCVCAM - ok
21:57:35.0087 0x0964 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:57:35.0101 0x0964 aspnet_state - ok
21:57:35.0131 0x0964 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
21:57:35.0135 0x0964 AsyncMac - ok
21:57:35.0177 0x0964 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys
21:57:35.0180 0x0964 atapi - ok
21:57:35.0225 0x0964 [ 65DD42A358451920A703EEEC1AB4995B, 7690EFB12E928ECF3D3D3155F7D1F7A8FEEE742212ABE5319166EA8DB5601884 ] AthBTPort C:\windows\system32\DRIVERS\btath_flt.sys
21:57:35.0248 0x0964 AthBTPort - ok
21:57:35.0316 0x0964 [ 18BDDA150B814F6EC8477499470F76CE, FD78EFC593288FE4F41ADBEBFF0DAB00C0DF0D3802BBD7B41DCCBFF8C5BF5525 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
21:57:35.0327 0x0964 AtherosSvc - ok
21:57:35.0510 0x0964 [ 7D1F8D9F85029F6F581AADBFFA97F2DE, B905A3F7396A50749B7ADA5D81A490EA4E37DA3CA9CD75CBCF830D0B228BFB69 ] athr C:\windows\system32\DRIVERS\athrx.sys
21:57:35.0666 0x0964 athr - ok
21:57:35.0902 0x0964 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
21:57:35.0943 0x0964 AudioEndpointBuilder - ok
21:57:35.0962 0x0964 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\windows\System32\Audiosrv.dll
21:57:35.0973 0x0964 AudioSrv - ok
21:57:36.0030 0x0964 [ 00BF66D168E1A7AA7E1C9F458BBA0B34, 3D3C42E87B3649819EED685D93417D61EB84FE39B3F4D4943721AE74026DE11B ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
21:57:36.0037 0x0964 avgntflt - ok
21:57:36.0102 0x0964 [ 055D318220DD4593F2A8C8FF83707D36, 93566931D019D4D4C35C3E2E4E9BAF87BEF863E1B40B2B03ED87EF5C28F908DE ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
21:57:36.0109 0x0964 avipbb - ok
21:57:36.0225 0x0964 [ ABDAEBEB09E98D13D765A0C57F3FAF88, F9E5F9A13E983BEAF32FA53736FB188280AAA44740696DFB95B8C10E8FEA466D ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
21:57:36.0232 0x0964 Avira.OE.ServiceHost - ok
21:57:36.0257 0x0964 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys
21:57:36.0259 0x0964 avkmgr - ok
21:57:36.0289 0x0964 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll
21:57:36.0295 0x0964 AxInstSV - ok
21:57:36.0350 0x0964 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
21:57:36.0369 0x0964 b06bdrv - ok
21:57:36.0393 0x0964 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
21:57:36.0410 0x0964 b57nd60a - ok
21:57:36.0446 0x0964 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll
21:57:36.0449 0x0964 BDESVC - ok
21:57:36.0476 0x0964 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys
21:57:36.0478 0x0964 Beep - ok
21:57:36.0546 0x0964 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll
21:57:36.0588 0x0964 BFE - ok
21:57:36.0635 0x0964 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\system32\qmgr.dll
21:57:36.0676 0x0964 BITS - ok
Code:
ATTFilter 21:57:36.0740 0x0964 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\drivers\blbdrive.sys
21:57:36.0750 0x0964 blbdrive - ok
21:57:36.0762 0x0964 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\windows\system32\DRIVERS\bowser.sys
21:57:36.0765 0x0964 bowser - ok
21:57:36.0789 0x0964 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
21:57:36.0790 0x0964 BrFiltLo - ok
21:57:36.0799 0x0964 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
21:57:36.0800 0x0964 BrFiltUp - ok
21:57:36.0847 0x0964 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
21:57:36.0850 0x0964 BridgeMP - ok
21:57:36.0890 0x0964 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\windows\System32\browser.dll
21:57:36.0894 0x0964 Browser - ok
21:57:36.0910 0x0964 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys
21:57:36.0916 0x0964 Brserid - ok
21:57:36.0933 0x0964 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
21:57:36.0935 0x0964 BrSerWdm - ok
21:57:36.0955 0x0964 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
21:57:36.0956 0x0964 BrUsbMdm - ok
21:57:36.0966 0x0964 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
21:57:36.0967 0x0964 BrUsbSer - ok
21:57:37.0007 0x0964 [ 84CB2D06BBAD7ADBE28483D38E0388BC, C7D94BA6053DE4719E396AB22300E923297C84D10ECADE1591DC21B3EB1B1716 ] BTATH_A2DP C:\windows\system32\drivers\btath_a2dp.sys
21:57:37.0015 0x0964 BTATH_A2DP - ok
21:57:37.0029 0x0964 [ 13076306110021CC96B2C49B359BE2C5, B7410A036579FC67A1196D40FCC83F823A77D133D32A33D7FD9A020E4C5263A0 ] btath_avdt C:\windows\system32\drivers\btath_avdt.sys
21:57:37.0032 0x0964 btath_avdt - ok
21:57:37.0066 0x0964 [ C6978F7EBA6F37D626482AC6B9390630, B4BF939AB9962A61DE9518604C20347DC2A6FCDCEB3D8AEF295AF12E6F2CDCF3 ] BTATH_BUS C:\windows\system32\DRIVERS\btath_bus.sys
21:57:37.0067 0x0964 BTATH_BUS - ok
21:57:37.0097 0x0964 [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP C:\windows\system32\DRIVERS\btath_hcrp.sys
21:57:37.0101 0x0964 BTATH_HCRP - ok
21:57:37.0120 0x0964 [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT C:\windows\system32\DRIVERS\btath_lwflt.sys
21:57:37.0122 0x0964 BTATH_LWFLT - ok
21:57:37.0140 0x0964 [ 859A116D748FBA603AF94C251DC5CF97, D64061721BE01F86386C4B0168B166C6AD076630B2229036E1D368D877389D46 ] BTATH_RCP C:\windows\system32\DRIVERS\btath_rcp.sys
21:57:37.0143 0x0964 BTATH_RCP - ok
21:57:37.0225 0x0964 [ CFB35D65B55E510E1A94DB6BEC0EA328, 58BA9512A625D9C4ABEE181E4886EAD065DD47AC81357DC1B603F6B52D952819 ] BtFilter C:\windows\system32\DRIVERS\btfilter.sys
21:57:37.0248 0x0964 BtFilter - ok
21:57:37.0289 0x0964 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\windows\system32\DRIVERS\BthEnum.sys
21:57:37.0290 0x0964 BthEnum - ok
21:57:37.0312 0x0964 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
21:57:37.0315 0x0964 BTHMODEM - ok
21:57:37.0341 0x0964 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
21:57:37.0343 0x0964 BthPan - ok
21:57:37.0391 0x0964 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\windows\system32\Drivers\BTHport.sys
21:57:37.0404 0x0964 BTHPORT - ok
21:57:37.0439 0x0964 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll
21:57:37.0442 0x0964 bthserv - ok
21:57:37.0460 0x0964 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\windows\system32\Drivers\BTHUSB.sys
21:57:37.0462 0x0964 BTHUSB - ok
21:57:37.0493 0x0964 catchme - ok
21:57:37.0509 0x0964 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
21:57:37.0512 0x0964 cdfs - ok
21:57:37.0557 0x0964 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
21:57:37.0562 0x0964 cdrom - ok
21:57:37.0594 0x0964 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll
21:57:37.0597 0x0964 CertPropSvc - ok
21:57:37.0621 0x0964 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\windows\system32\drivers\circlass.sys
21:57:37.0624 0x0964 circlass - ok
21:57:37.0662 0x0964 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\windows\system32\CLFS.sys
21:57:37.0672 0x0964 CLFS - ok
21:57:37.0806 0x0964 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
21:57:37.0962 0x0964 clr_optimization_v2.0.50727_32 - ok
21:57:38.0039 0x0964 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
21:57:38.0106 0x0964 clr_optimization_v2.0.50727_64 - ok
21:57:38.0197 0x0964 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
21:57:38.0399 0x0964 clr_optimization_v4.0.30319_32 - ok
21:57:38.0436 0x0964 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
21:57:38.0548 0x0964 clr_optimization_v4.0.30319_64 - ok
21:57:38.0582 0x0964 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\drivers\CmBatt.sys
21:57:38.0585 0x0964 CmBatt - ok
21:57:38.0614 0x0964 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys
21:57:38.0618 0x0964 cmdide - ok
21:57:38.0683 0x0964 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\windows\system32\Drivers\cng.sys
21:57:38.0711 0x0964 CNG - ok
21:57:38.0735 0x0964 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\drivers\compbatt.sys
21:57:38.0738 0x0964 Compbatt - ok
21:57:38.0765 0x0964 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
21:57:38.0768 0x0964 CompositeBus - ok
21:57:38.0784 0x0964 COMSysApp - ok
21:57:39.0281 0x0964 [ AC0A3766C1E6DF7FA3960A04FF4526B6, 3C85631D0E56123E400847206B6FDBD40D3EA253B595512C6493CFD8530B3BD1 ] cphs C:\windows\SysWow64\IntelCpHeciSvc.exe
21:57:39.0301 0x0964 cphs - ok
21:57:39.0338 0x0964 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
21:57:39.0340 0x0964 crcdisk - ok
21:57:39.0387 0x0964 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\windows\system32\cryptsvc.dll
21:57:39.0391 0x0964 CryptSvc - ok
21:57:39.0426 0x0964 [ D3FAC3926974F22F91E4C9E053DAD07F, 3FC6BA1ADAD70E914A32B2D0EA14D9EE125863F0375BC55B675C474786A90726 ] DAMDrv C:\windows\system32\DRIVERS\DAMDrv64.sys
21:57:39.0428 0x0964 DAMDrv - ok
21:57:39.0475 0x0964 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\windows\system32\rpcss.dll
21:57:39.0486 0x0964 DcomLaunch - ok
21:57:39.0515 0x0964 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll
21:57:39.0522 0x0964 defragsvc - ok
21:57:39.0557 0x0964 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\windows\system32\Drivers\dfsc.sys
21:57:39.0560 0x0964 DfsC - ok
21:57:39.0609 0x0964 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll
21:57:39.0617 0x0964 Dhcp - ok
21:57:39.0640 0x0964 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys
21:57:39.0641 0x0964 discache - ok
21:57:39.0703 0x0964 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\windows\system32\drivers\disk.sys
21:57:39.0717 0x0964 Disk - ok
21:57:39.0749 0x0964 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll
21:57:39.0761 0x0964 Dnscache - ok
21:57:39.0806 0x0964 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll
21:57:39.0823 0x0964 dot3svc - ok
21:57:39.0992 0x0964 [ 47BA566049A337A81ACBFA566EF9E795, 2066E6A0BF5B012F82FE74D21BD712C428BF33175F5E08AAD17B1A6DF53262BF ] DpHost C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
21:57:40.0039 0x0964 DpHost - ok
21:57:40.0076 0x0964 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll
21:57:40.0085 0x0964 DPS - ok
21:57:40.0124 0x0964 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
21:57:40.0127 0x0964 drmkaud - ok
21:57:40.0222 0x0964 [ F59E2FE2687A5C30598F9099F318EB73, 80A0B1CC758BD3C4AEAB8E5804120D8A145F918B527F41DEF02A0E4EBE170F37 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
21:57:40.0284 0x0964 DXGKrnl - ok
21:57:40.0326 0x0964 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll
21:57:40.0331 0x0964 EapHost - ok
21:57:40.0567 0x0964 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\drivers\evbda.sys
21:57:40.0693 0x0964 ebdrv - ok
21:57:40.0746 0x0964 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] EFS C:\windows\System32\lsass.exe
21:57:40.0748 0x0964 EFS - ok
21:57:40.0834 0x0964 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe
21:57:40.0899 0x0964 ehRecvr - ok
21:57:40.0950 0x0964 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe
21:57:40.0965 0x0964 ehSched - ok
21:57:41.0038 0x0964 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\drivers\elxstor.sys
21:57:41.0058 0x0964 elxstor - ok
21:57:41.0071 0x0964 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys
21:57:41.0073 0x0964 ErrDev - ok
21:57:41.0138 0x0964 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll
21:57:41.0159 0x0964 EventSystem - ok
21:57:41.0181 0x0964 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys
21:57:41.0188 0x0964 exfat - ok
21:57:41.0212 0x0964 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys
21:57:41.0219 0x0964 fastfat - ok
21:57:41.0294 0x0964 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe
21:57:41.0331 0x0964 Fax - ok
21:57:41.0354 0x0964 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\drivers\fdc.sys
21:57:41.0355 0x0964 fdc - ok
21:57:41.0389 0x0964 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll
21:57:41.0392 0x0964 fdPHost - ok
21:57:41.0407 0x0964 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll
21:57:41.0409 0x0964 FDResPub - ok
21:57:41.0426 0x0964 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys
21:57:41.0430 0x0964 FileInfo - ok
21:57:41.0434 0x0964 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys
21:57:41.0436 0x0964 Filetrace - ok
21:57:41.0488 0x0964 [ 84E05C54DE5EECC3C6A549A2863D0FBE, E5BA5E3BEF76EC129A956A3C9F6EC0592440128D424CAF79A9A933E91A141D05 ] FLCDLOCK c:\windows\SysWOW64\flcdlock.exe
21:57:41.0505 0x0964 FLCDLOCK - ok
21:57:41.0529 0x0964 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\drivers\flpydisk.sys
21:57:41.0530 0x0964 flpydisk - ok
21:57:41.0554 0x0964 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
21:57:41.0559 0x0964 FltMgr - ok
21:57:41.0633 0x0964 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\windows\system32\FntCache.dll
21:57:41.0661 0x0964 FontCache - ok
21:57:41.0707 0x0964 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
21:57:41.0710 0x0964 FontCache3.0.0.0 - ok
21:57:41.0728 0x0964 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
21:57:41.0732 0x0964 FsDepends - ok
21:57:41.0766 0x0964 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
21:57:41.0768 0x0964 Fs_Rec - ok
21:57:41.0813 0x0964 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
21:57:41.0826 0x0964 fvevol - ok
21:57:41.0865 0x0964 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
21:57:41.0870 0x0964 gagp30kx - ok
21:57:41.0936 0x0964 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll
21:57:41.0972 0x0964 gpsvc - ok
21:57:42.0010 0x0964 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
21:57:42.0024 0x0964 hcw85cir - ok
21:57:42.0072 0x0964 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
21:57:42.0091 0x0964 HdAudAddService - ok
21:57:42.0120 0x0964 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
21:57:42.0125 0x0964 HDAudBus - ok
21:57:42.0147 0x0964 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\drivers\HidBatt.sys
21:57:42.0149 0x0964 HidBatt - ok
21:57:42.0166 0x0964 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\drivers\hidbth.sys
21:57:42.0170 0x0964 HidBth - ok
21:57:42.0197 0x0964 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\drivers\hidir.sys
21:57:42.0200 0x0964 HidIr - ok
21:57:42.0220 0x0964 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\System32\hidserv.dll
21:57:42.0223 0x0964 hidserv - ok
21:57:42.0259 0x0964 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\drivers\hidusb.sys
21:57:42.0261 0x0964 HidUsb - ok
21:57:42.0299 0x0964 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll
21:57:42.0304 0x0964 hkmsvc - ok
21:57:42.0328 0x0964 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
21:57:42.0337 0x0964 HomeGroupListener - ok
21:57:42.0390 0x0964 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
21:57:42.0405 0x0964 HomeGroupProvider - ok
21:57:42.0482 0x0964 [ 44AD1D87919994161131D5FB16C5B551, 2548C2421D1D974C5AB7F02CE69E55365DDEDDC535701C38386A9AC7162E03D4 ] HP Power Assistant Service C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
21:57:42.0494 0x0964 HP Power Assistant Service - ok
21:57:42.0561 0x0964 [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
21:57:42.0576 0x0964 HP Support Assistant Service - ok
21:57:42.0735 0x0964 [ 4F31EC91C327008968188AEE47B9D934, 39F24EEA63668FF65CD84BBF7F7E404E88D92B3848E6A132DC4334DF360972BF ] hpCMSrv C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
21:57:42.0796 0x0964 hpCMSrv - ok
21:57:42.0821 0x0964 [ 6D12992650D5538D97E7C3751261ACB2, FA403038C25E09D41A6CF1791BACCF4C5CE0576C1037BF1EBD7D1A1E18306D0F ] hpdskflt C:\windows\system32\DRIVERS\hpdskflt.sys
21:57:42.0834 0x0964 hpdskflt - ok
21:57:42.0940 0x0964 [ F8951E83F125D6765E815444AA303035, 2BB0C974D4A8A718DED8A7F90992E77C937F6174BD29453A9014F87C031B2AD1 ] HPFSService c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
21:57:42.0955 0x0964 HPFSService - ok
21:57:43.0089 0x0964 [ B27BA47319DE0DFF9CB75013006C389B, AFBE38731342F0CD20E4BF56D970B6755DE50E911DD42A7C001630ED22908006 ] hpHotkeyMonitor C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
21:57:43.0109 0x0964 hpHotkeyMonitor - ok
21:57:43.0142 0x0964 [ B98EE5D4535A685634B90F7E04DE0DF7, E37D26EF83B70E84742498D2F53037F83BE13F0E01484D85A20C872F1F02ADDA ] HpqKbFiltr C:\windows\system32\DRIVERS\HpqKbFiltr.sys
21:57:43.0143 0x0964 HpqKbFiltr - ok
21:57:43.0284 0x0964 [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
21:57:43.0341 0x0964 hpqwmiex - ok
21:57:43.0369 0x0964 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
21:57:43.0372 0x0964 HpSAMD - ok
21:57:43.0394 0x0964 [ CA5BAD272333EA803A03C1FBB076B894, 87C448826E5240C974DCAA99675C10B2BA98F73994CC0E93C301B5D9BE9244D7 ] hpsrv C:\windows\system32\Hpservice.exe
21:57:43.0396 0x0964 hpsrv - ok
21:57:43.0448 0x0964 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\windows\system32\drivers\HTTP.sys
21:57:43.0476 0x0964 HTTP - ok
21:57:43.0498 0x0964 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
21:57:43.0499 0x0964 hwpolicy - ok
21:57:43.0534 0x0964 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
21:57:43.0537 0x0964 i8042prt - ok
21:57:43.0562 0x0964 [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor C:\windows\system32\drivers\iaStor.sys
21:57:43.0571 0x0964 iaStor - ok
21:57:43.0636 0x0964 [ 7DEC78C80C628E9D36883C06C3C07E3C, 79B37C7B2EEC6D4C8E99018A7B0280EC93F99E64FEFC2AF7A5D29236B008C887 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
21:57:43.0649 0x0964 IAStorDataMgrSvc - ok
21:57:43.0729 0x0964 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
21:57:43.0754 0x0964 iaStorV - ok
21:57:43.0827 0x0964 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
21:57:43.0921 0x0964 idsvc - ok
21:57:43.0979 0x0964 IEEtwCollectorService - ok
21:57:44.0859 0x0964 [ 3FB253E8059A1AAC3A8B83A31D094CC5, 4D4988BF7D81FB6D75CDB65E1E42AC72DA76D3F84712AA1A27428A6490E342D0 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
21:57:45.0293 0x0964 igfx - ok
21:57:45.0331 0x0964 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\drivers\iirsp.sys
21:57:45.0333 0x0964 iirsp - ok
21:57:45.0375 0x0964 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll
21:57:45.0394 0x0964 IKEEXT - ok
21:57:45.0440 0x0964 [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
21:57:45.0447 0x0964 IntcDAud - ok
21:57:45.0524 0x0964 [ C6128F2E3DC6156C6F8828F9F1B96010, 612C1191AFB8F69BA5634E8C52BDDE608F57D98FA4C76C5A337676A5F1E8191D ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
21:57:45.0540 0x0964 Intel(R) Capability Licensing Service Interface - ok
21:57:45.0619 0x0964 [ 729AB4F0608E95EFF8FDEF23596283E2, 62A2091FF440C65505AB3E38436A86D9B0978BCB9485960EFCE0C5CBC8E06201 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
21:57:45.0692 0x0964 Intel(R) Capability Licensing Service TCP IP Interface - ok
21:57:45.0764 0x0964 [ A99A2E9242524DBB4A92A5175B6382DB, BFBB7CB66E6518A0777578316A84147E7227A7ECDF3FA2D097888E4CFA56F41A ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
21:57:45.0779 0x0964 Intel(R) ME Service - ok
21:57:45.0841 0x0964 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys
21:57:45.0864 0x0964 intelide - ok
Code:
ATTFilter 21:57:46.0574 0x0964 [ 3FB253E8059A1AAC3A8B83A31D094CC5, 4D4988BF7D81FB6D75CDB65E1E42AC72DA76D3F84712AA1A27428A6490E342D0 ] intelkmd C:\windows\system32\DRIVERS\igdpmd64.sys
21:57:46.0997 0x0964 intelkmd - ok
21:57:47.0042 0x0964 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
21:57:47.0044 0x0964 intelppm - ok
21:57:47.0086 0x0964 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll
21:57:47.0090 0x0964 IPBusEnum - ok
21:57:47.0110 0x0964 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
21:57:47.0112 0x0964 IpFilterDriver - ok
21:57:47.0153 0x0964 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll
21:57:47.0167 0x0964 iphlpsvc - ok
21:57:47.0187 0x0964 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
21:57:47.0207 0x0964 IPMIDRV - ok
21:57:47.0224 0x0964 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys
21:57:47.0227 0x0964 IPNAT - ok
21:57:47.0253 0x0964 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys
21:57:47.0254 0x0964 IRENUM - ok
21:57:47.0267 0x0964 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys
21:57:47.0269 0x0964 isapnp - ok
21:57:47.0297 0x0964 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
21:57:47.0303 0x0964 iScsiPrt - ok
21:57:47.0324 0x0964 [ C8A3C909F0EFF13CAE0C17503B1F5DB2, 48B83C625AD4FFF4B8D92C70FEFDE70354C18193A8DDFE6D716776228FF691D5 ] iusb3hcs C:\windows\system32\DRIVERS\iusb3hcs.sys
21:57:47.0326 0x0964 iusb3hcs - ok
21:57:47.0371 0x0964 [ BB47E889BA2ADB7D1A438F9824F5899B, CE074B540154501C2B77A11BD27996D652BA3C81B7CBD2E8DF2E57B3DF770517 ] iusb3hub C:\windows\system32\DRIVERS\iusb3hub.sys
21:57:47.0395 0x0964 iusb3hub - ok
21:57:47.0467 0x0964 [ 7971B368F36042A0EC31FEA15945187B, E5EDD32316549644708DFD84ECC899C12C5095A16A607ACE0E23A9F49DCCC0BC ] iusb3xhc C:\windows\system32\DRIVERS\iusb3xhc.sys
21:57:47.0489 0x0964 iusb3xhc - ok
21:57:47.0523 0x0964 [ 1EDBBA43C0CDCE4EE210C9BA848C38CA, 9702A5731BE5A314D4B5EBB1A6C43144E380A39325457967144D54A36944C5DE ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
21:57:47.0544 0x0964 jhi_service - ok
21:57:47.0603 0x0964 [ 7DABE2B788FF1EB32E38838EC189361E, F891810BFEEA5A94558EA3D22AEE42E3C4D761BB7F7A8C53100F6FF7C65C74AD ] JMCR C:\windows\system32\DRIVERS\jmcr.sys
21:57:47.0614 0x0964 JMCR - ok
21:57:47.0647 0x0964 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
21:57:47.0651 0x0964 kbdclass - ok
21:57:47.0683 0x0964 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
21:57:47.0686 0x0964 kbdhid - ok
21:57:47.0724 0x0964 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] KeyIso C:\windows\system32\lsass.exe
21:57:47.0727 0x0964 KeyIso - ok
21:57:47.0749 0x0964 [ 56ED3EE5FED6BF2FC1305CF872042868, 44F77AE3CD83284800FF106156ABCB63047327855E2535EE278289AF6F05579C ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
21:57:47.0754 0x0964 KSecDD - ok
21:57:47.0776 0x0964 [ 8BA90F480705D7153AD0060CCA62222A, B3E610DFAB382368114D026947084A72AFC4F5BF9C28317F411D4ED91E0B3192 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
21:57:47.0783 0x0964 KSecPkg - ok
21:57:47.0815 0x0964 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys
21:57:47.0817 0x0964 ksthunk - ok
21:57:47.0860 0x0964 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll
21:57:47.0878 0x0964 KtmRm - ok
21:57:47.0922 0x0964 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\System32\srvsvc.dll
21:57:47.0936 0x0964 LanmanServer - ok
21:57:47.0973 0x0964 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
21:57:47.0978 0x0964 LanmanWorkstation - ok
21:57:48.0006 0x0964 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
21:57:48.0009 0x0964 lltdio - ok
21:57:48.0037 0x0964 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll
21:57:48.0046 0x0964 lltdsvc - ok
21:57:48.0070 0x0964 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll
21:57:48.0072 0x0964 lmhosts - ok
21:57:48.0147 0x0964 [ 8B0D2FE92B090C59133EE321BAD58D99, 14B430C7D0F962268238C61353F3D0FBFE677DBC75D97A14969957B61C237C02 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
21:57:48.0163 0x0964 LMS - ok
21:57:48.0184 0x0964 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
21:57:48.0188 0x0964 LSI_FC - ok
21:57:48.0203 0x0964 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
21:57:48.0207 0x0964 LSI_SAS - ok
21:57:48.0237 0x0964 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
21:57:48.0240 0x0964 LSI_SAS2 - ok
21:57:48.0262 0x0964 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
21:57:48.0267 0x0964 LSI_SCSI - ok
21:57:48.0283 0x0964 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys
21:57:48.0288 0x0964 luafv - ok
21:57:48.0453 0x0964 [ 4AC90155CD1E2D1FA3B4A15E6145E2B2, 964D25B869A8B5B9793B4B9EB773D048C7345471C628E03D846DA169B2C072D0 ] McAfee Endpoint Encryption Agent C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
21:57:48.0508 0x0964 McAfee Endpoint Encryption Agent - ok
21:57:48.0558 0x0964 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
21:57:48.0568 0x0964 Mcx2Svc - ok
21:57:48.0598 0x0964 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\drivers\megasas.sys
21:57:48.0600 0x0964 megasas - ok
21:57:48.0627 0x0964 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
21:57:48.0638 0x0964 MegaSR - ok
21:57:48.0668 0x0964 [ D71FD7A4FDB01C554AE144037B688DF1, 74D33303DA559A3A2EB809FC0EC3722D24F7F1A37BC7370680CFEB951BE735AF ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
21:57:48.0672 0x0964 MEIx64 - ok
21:57:48.0701 0x0964 [ BD7328887DB3030F53BC4F6F5DA00F64, AA7309A0EE9B9E48B5C25F28ED35B94FFC175E33F7D441A614781AF627632C08 ] MfeEpeOpal C:\windows\system32\drivers\MfeEpeOpal.sys
21:57:48.0706 0x0964 MfeEpeOpal - ok
21:57:48.0723 0x0964 [ 6D9576338F874C6400995598A25A677A, D8E72893200464DDE4C9E22C9C7EBC4534564D30826846755F140C3AB7AFA9CF ] MfeEpePc C:\windows\system32\drivers\MfeEpePc.sys
21:57:48.0730 0x0964 MfeEpePc - ok
21:57:48.0758 0x0964 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll
21:57:48.0760 0x0964 MMCSS - ok
21:57:48.0777 0x0964 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys
21:57:48.0779 0x0964 Modem - ok
21:57:48.0806 0x0964 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys
21:57:48.0807 0x0964 monitor - ok
21:57:48.0836 0x0964 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
21:57:48.0841 0x0964 mouclass - ok
21:57:48.0869 0x0964 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
21:57:48.0872 0x0964 mouhid - ok
21:57:48.0915 0x0964 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\windows\system32\drivers\mountmgr.sys
21:57:48.0920 0x0964 mountmgr - ok
21:57:48.0975 0x0964 [ 5C5E45DDABEFBC9F564F1D5C83258B8F, E035A76BB12E120ADDE782CC7D781FBB60FFB7E324F3E0ED61BF15DC4703A8DB ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
21:57:48.0985 0x0964 MozillaMaintenance - ok
21:57:49.0007 0x0964 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys
21:57:49.0015 0x0964 mpio - ok
21:57:49.0060 0x0964 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
21:57:49.0064 0x0964 mpsdrv - ok
21:57:49.0124 0x0964 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll
21:57:49.0142 0x0964 MpsSvc - ok
21:57:49.0175 0x0964 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
21:57:49.0178 0x0964 MRxDAV - ok
21:57:49.0197 0x0964 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
21:57:49.0201 0x0964 mrxsmb - ok
21:57:49.0224 0x0964 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
21:57:49.0231 0x0964 mrxsmb10 - ok
21:57:49.0252 0x0964 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
21:57:49.0255 0x0964 mrxsmb20 - ok
21:57:49.0283 0x0964 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys
21:57:49.0285 0x0964 msahci - ok
21:57:49.0305 0x0964 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys
21:57:49.0309 0x0964 msdsm - ok
21:57:49.0321 0x0964 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe
21:57:49.0325 0x0964 MSDTC - ok
21:57:49.0346 0x0964 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys
21:57:49.0347 0x0964 Msfs - ok
21:57:49.0378 0x0964 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
21:57:49.0380 0x0964 mshidkmdf - ok
21:57:49.0394 0x0964 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
21:57:49.0395 0x0964 msisadrv - ok
21:57:49.0424 0x0964 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll
21:57:49.0429 0x0964 MSiSCSI - ok
21:57:49.0431 0x0964 msiserver - ok
21:57:49.0474 0x0964 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
21:57:49.0488 0x0964 MSKSSRV - ok
21:57:49.0526 0x0964 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
21:57:49.0527 0x0964 MSPCLOCK - ok
21:57:49.0543 0x0964 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys
21:57:49.0545 0x0964 MSPQM - ok
21:57:49.0579 0x0964 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
21:57:49.0593 0x0964 MsRPC - ok
21:57:49.0605 0x0964 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
21:57:49.0606 0x0964 mssmbios - ok
21:57:49.0629 0x0964 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys
21:57:49.0630 0x0964 MSTEE - ok
21:57:49.0645 0x0964 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\drivers\MTConfig.sys
21:57:49.0646 0x0964 MTConfig - ok
21:57:49.0664 0x0964 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys
21:57:49.0667 0x0964 Mup - ok
21:57:49.0716 0x0964 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll
21:57:49.0727 0x0964 napagent - ok
21:57:49.0762 0x0964 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
21:57:49.0769 0x0964 NativeWifiP - ok
21:57:49.0858 0x0964 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\windows\system32\drivers\ndis.sys
21:57:49.0886 0x0964 NDIS - ok
21:57:49.0914 0x0964 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
21:57:49.0915 0x0964 NdisCap - ok
21:57:49.0942 0x0964 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
21:57:49.0943 0x0964 NdisTapi - ok
21:57:49.0959 0x0964 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
21:57:49.0962 0x0964 Ndisuio - ok
21:57:49.0976 0x0964 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
21:57:49.0981 0x0964 NdisWan - ok
21:57:49.0999 0x0964 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
21:57:50.0002 0x0964 NDProxy - ok
21:57:50.0023 0x0964 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
21:57:50.0025 0x0964 NetBIOS - ok
21:57:50.0043 0x0964 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
21:57:50.0050 0x0964 NetBT - ok
21:57:50.0058 0x0964 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] Netlogon C:\windows\system32\lsass.exe
21:57:50.0060 0x0964 Netlogon - ok
21:57:50.0101 0x0964 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll
21:57:50.0112 0x0964 Netman - ok
21:57:50.0184 0x0964 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:57:50.0241 0x0964 NetMsmqActivator - ok
21:57:50.0267 0x0964 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:57:50.0273 0x0964 NetPipeActivator - ok
21:57:50.0315 0x0964 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll
21:57:50.0327 0x0964 netprofm - ok
21:57:50.0357 0x0964 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:57:50.0360 0x0964 NetTcpActivator - ok
21:57:50.0367 0x0964 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
21:57:50.0370 0x0964 NetTcpPortSharing - ok
21:57:50.0417 0x0964 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
21:57:50.0422 0x0964 nfrd960 - ok
21:57:50.0472 0x0964 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\windows\System32\nlasvc.dll
21:57:50.0499 0x0964 NlaSvc - ok
21:57:50.0520 0x0964 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys
21:57:50.0524 0x0964 Npfs - ok
21:57:50.0546 0x0964 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
21:57:50.0550 0x0964 nsi - ok
21:57:50.0564 0x0964 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
21:57:50.0566 0x0964 nsiproxy - ok
21:57:50.0665 0x0964 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
21:57:50.0705 0x0964 Ntfs - ok
21:57:50.0725 0x0964 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys
21:57:50.0725 0x0964 Null - ok
21:57:50.0755 0x0964 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys
21:57:50.0765 0x0964 nvraid - ok
21:57:50.0785 0x0964 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys
21:57:50.0795 0x0964 nvstor - ok
21:57:50.0825 0x0964 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys
21:57:50.0825 0x0964 nv_agp - ok
21:57:50.0845 0x0964 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
21:57:50.0845 0x0964 ohci1394 - ok
21:57:50.0905 0x0964 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
21:57:50.0915 0x0964 ose - ok
21:57:51.0125 0x0964 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
21:57:51.0305 0x0964 osppsvc - ok
21:57:51.0335 0x0964 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
21:57:51.0345 0x0964 p2pimsvc - ok
21:57:51.0365 0x0964 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
21:57:51.0375 0x0964 p2psvc - ok
21:57:51.0395 0x0964 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\drivers\parport.sys
21:57:51.0395 0x0964 Parport - ok
21:57:51.0425 0x0964 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys
21:57:51.0435 0x0964 partmgr - ok
21:57:51.0485 0x0964 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\windows\System32\pcasvc.dll
21:57:51.0495 0x0964 PcaSvc - ok
21:57:51.0525 0x0964 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys
21:57:51.0535 0x0964 pci - ok
21:57:51.0565 0x0964 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys
21:57:51.0575 0x0964 pciide - ok
21:57:51.0615 0x0964 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\drivers\pcmcia.sys
21:57:51.0625 0x0964 pcmcia - ok
21:57:51.0655 0x0964 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys
21:57:51.0655 0x0964 pcw - ok
21:57:51.0685 0x0964 pdfcDispatcher - ok
21:57:51.0725 0x0964 [ BAF3216DDAA12E66EBBB31760E02BC14, 668AE32CAF8E64F225DA9515F564469ED3F0B8D23A35C2E0B09CD1ECBFD0050C ] PdiService C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
21:57:51.0735 0x0964 PdiService - ok
21:57:51.0785 0x0964 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\windows\system32\drivers\peauth.sys
21:57:51.0805 0x0964 PEAUTH - ok
21:57:51.0895 0x0964 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe
21:57:51.0895 0x0964 PerfHost - ok
21:57:51.0995 0x0964 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll
21:57:52.0035 0x0964 pla - ok
21:57:52.0085 0x0964 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll
21:57:52.0095 0x0964 PlugPlay - ok
21:57:52.0105 0x0964 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
21:57:52.0105 0x0964 PNRPAutoReg - ok
21:57:52.0125 0x0964 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
21:57:52.0125 0x0964 PNRPsvc - ok
21:57:52.0175 0x0964 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
21:57:52.0185 0x0964 PolicyAgent - ok
21:57:52.0195 0x0964 [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power C:\windows\system32\umpo.dll
21:57:52.0205 0x0964 Power - ok
21:57:52.0235 0x0964 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
21:57:52.0245 0x0964 PptpMiniport - ok
21:57:52.0255 0x0964 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\drivers\processr.sys
21:57:52.0265 0x0964 Processor - ok
21:57:52.0315 0x0964 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\windows\system32\profsvc.dll
21:57:52.0325 0x0964 ProfSvc - ok
21:57:52.0345 0x0964 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] ProtectedStorage C:\windows\system32\lsass.exe
21:57:52.0345 0x0964 ProtectedStorage - ok
21:57:52.0365 0x0964 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys
21:57:52.0375 0x0964 Psched - ok
21:57:52.0435 0x0964 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\drivers\ql2300.sys
21:57:52.0465 0x0964 ql2300 - ok
21:57:52.0485 0x0964 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\drivers\ql40xx.sys
21:57:52.0485 0x0964 ql40xx - ok
21:57:52.0505 0x0964 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll
21:57:52.0515 0x0964 QWAVE - ok
21:57:52.0525 0x0964 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
21:57:52.0535 0x0964 QWAVEdrv - ok
21:57:52.0545 0x0964 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
21:57:52.0545 0x0964 RasAcd - ok
21:57:52.0585 0x0964 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
21:57:52.0585 0x0964 RasAgileVpn - ok
21:57:52.0605 0x0964 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll
21:57:52.0605 0x0964 RasAuto - ok
21:57:52.0625 0x0964 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
21:57:52.0625 0x0964 Rasl2tp - ok
21:57:52.0645 0x0964 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll
21:57:52.0645 0x0964 RasMan - ok
21:57:52.0665 0x0964 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
21:57:52.0665 0x0964 RasPppoe - ok
21:57:52.0695 0x0964 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
21:57:52.0705 0x0964 RasSstp - ok
21:57:52.0725 0x0964 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
21:57:52.0725 0x0964 rdbss - ok
Code:
ATTFilter 21:57:52.0745 0x0964 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\drivers\rdpbus.sys
21:57:52.0745 0x0964 rdpbus - ok
21:57:52.0765 0x0964 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
21:57:52.0765 0x0964 RDPCDD - ok
21:57:52.0795 0x0964 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
21:57:52.0795 0x0964 RDPENCDD - ok
21:57:52.0805 0x0964 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
21:57:52.0805 0x0964 RDPREFMP - ok
21:57:52.0855 0x0964 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\windows\system32\drivers\RDPWD.sys
21:57:52.0875 0x0964 RDPWD - ok
21:57:52.0905 0x0964 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys
21:57:52.0915 0x0964 rdyboost - ok
21:57:52.0955 0x0964 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll
21:57:52.0955 0x0964 RemoteAccess - ok
21:57:52.0995 0x0964 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
21:57:53.0005 0x0964 RemoteRegistry - ok
21:57:53.0035 0x0964 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
21:57:53.0045 0x0964 RFCOMM - ok
21:57:53.0085 0x0964 [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb C:\windows\system32\Drivers\RimUsb_AMD64.sys
21:57:53.0085 0x0964 RimUsb - ok
21:57:53.0125 0x0964 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
21:57:53.0135 0x0964 RpcEptMapper - ok
21:57:53.0165 0x0964 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe
21:57:53.0165 0x0964 RpcLocator - ok
21:57:53.0215 0x0964 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\windows\system32\rpcss.dll
21:57:53.0235 0x0964 RpcSs - ok
21:57:53.0265 0x0964 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
21:57:53.0275 0x0964 rspndr - ok
21:57:53.0325 0x0964 [ 1BE36AB59242A109697870F16A8E0EF8, CAC949D97EEFA0CE5E89084D0950B6E331145870355367803530D0DED4962F2E ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
21:57:53.0335 0x0964 RTL8167 - ok
21:57:53.0355 0x0964 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] SamSs C:\windows\system32\lsass.exe
21:57:53.0355 0x0964 SamSs - ok
21:57:53.0375 0x0964 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
21:57:53.0375 0x0964 sbp2port - ok
21:57:53.0435 0x0964 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll
21:57:53.0445 0x0964 SCardSvr - ok
21:57:53.0455 0x0964 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
21:57:53.0455 0x0964 scfilter - ok
21:57:53.0535 0x0964 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\windows\system32\schedsvc.dll
21:57:53.0565 0x0964 Schedule - ok
21:57:53.0575 0x0964 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll
21:57:53.0585 0x0964 SCPolicySvc - ok
21:57:53.0605 0x0964 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\windows\system32\DRIVERS\sdbus.sys
21:57:53.0615 0x0964 sdbus - ok
21:57:53.0645 0x0964 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll
21:57:53.0645 0x0964 SDRSVC - ok
21:57:53.0675 0x0964 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys
21:57:53.0675 0x0964 secdrv - ok
21:57:53.0695 0x0964 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\windows\system32\seclogon.dll
21:57:53.0705 0x0964 seclogon - ok
21:57:53.0715 0x0964 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\system32\sens.dll
21:57:53.0715 0x0964 SENS - ok
21:57:53.0745 0x0964 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll
21:57:53.0745 0x0964 SensrSvc - ok
21:57:53.0755 0x0964 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\drivers\serenum.sys
21:57:53.0765 0x0964 Serenum - ok
21:57:53.0785 0x0964 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\drivers\serial.sys
21:57:53.0785 0x0964 Serial - ok
21:57:53.0825 0x0964 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\drivers\sermouse.sys
21:57:53.0825 0x0964 sermouse - ok
21:57:53.0855 0x0964 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll
21:57:53.0855 0x0964 SessionEnv - ok
21:57:53.0875 0x0964 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
21:57:53.0875 0x0964 sffdisk - ok
21:57:53.0885 0x0964 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
21:57:53.0885 0x0964 sffp_mmc - ok
21:57:53.0915 0x0964 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
21:57:53.0915 0x0964 sffp_sd - ok
21:57:53.0925 0x0964 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
21:57:53.0925 0x0964 sfloppy - ok
21:57:53.0975 0x0964 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll
21:57:53.0995 0x0964 SharedAccess - ok
21:57:54.0025 0x0964 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
21:57:54.0045 0x0964 ShellHWDetection - ok
21:57:54.0065 0x0964 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
21:57:54.0065 0x0964 SiSRaid2 - ok
21:57:54.0085 0x0964 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
21:57:54.0095 0x0964 SiSRaid4 - ok
21:57:54.0125 0x0964 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys
21:57:54.0125 0x0964 Smb - ok
21:57:54.0155 0x0964 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe
21:57:54.0165 0x0964 SNMPTRAP - ok
21:57:54.0225 0x0964 [ 80B683DF156771E30D33E01AF09ABE3C, 950496EAF8BF1AEDDF1B0555E9BA605DF7F9E9E3EA2D7BDEF7A0083B859F0D93 ] SNP2UVC C:\windows\system32\DRIVERS\snp2uvc.sys
21:57:54.0265 0x0964 SNP2UVC - ok
21:57:54.0285 0x0964 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys
21:57:54.0285 0x0964 spldr - ok
21:57:54.0315 0x0964 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\windows\System32\spoolsv.exe
21:57:54.0325 0x0964 Spooler - ok
21:57:54.0495 0x0964 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe
21:57:54.0615 0x0964 sppsvc - ok
21:57:54.0645 0x0964 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll
21:57:54.0655 0x0964 sppuinotify - ok
21:57:54.0685 0x0964 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\windows\system32\DRIVERS\srv.sys
21:57:54.0695 0x0964 srv - ok
21:57:54.0715 0x0964 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
21:57:54.0725 0x0964 srv2 - ok
21:57:54.0745 0x0964 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
21:57:54.0745 0x0964 srvnet - ok
21:57:54.0775 0x0964 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
21:57:54.0775 0x0964 SSDPSRV - ok
21:57:54.0785 0x0964 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll
21:57:54.0785 0x0964 SstpSvc - ok
21:57:54.0865 0x0964 [ 634C0CDC3F63AED52982A15C21FA9939, 9163A562EC5B5E5BAF962AA2390E125A609C5EE50D980593D9209E6DEBD7C994 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
21:57:54.0885 0x0964 STacSV - ok
21:57:54.0905 0x0964 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\windows\system32\drivers\stexstor.sys
21:57:54.0905 0x0964 stexstor - ok
21:57:54.0945 0x0964 [ 54A0E8D8118455AB2BF4B42DA46ECC02, E4BBE2354B5E1BB9FE36BCDB5393801B3F882F144BED1E98A8ADB68FC50028BE ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys
21:57:54.0955 0x0964 STHDA - ok
21:57:55.0035 0x0964 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll
21:57:55.0055 0x0964 stisvc - ok
21:57:55.0075 0x0964 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\windows\system32\drivers\swenum.sys
21:57:55.0075 0x0964 swenum - ok
21:57:55.0125 0x0964 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\windows\System32\swprv.dll
21:57:55.0135 0x0964 swprv - ok
21:57:55.0215 0x0964 [ 2CD7E4392A5E98FA1281B22F62A48E04, 6C0B0436C4BC2B083CEA0E22726A8855AF5FFD63FB9EF32CD82960AA9BEE0BE6 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
21:57:55.0225 0x0964 SynTP - ok
21:57:55.0355 0x0964 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\windows\system32\sysmain.dll
21:57:55.0405 0x0964 SysMain - ok
21:57:55.0435 0x0964 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
21:57:55.0445 0x0964 TabletInputService - ok
21:57:55.0465 0x0964 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll
21:57:55.0475 0x0964 TapiSrv - ok
21:57:55.0505 0x0964 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\windows\System32\tbssvc.dll
21:57:55.0505 0x0964 TBS - ok
21:57:55.0605 0x0964 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\windows\system32\drivers\tcpip.sys
21:57:55.0645 0x0964 Tcpip - ok
21:57:55.0805 0x0964 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
21:57:55.0835 0x0964 TCPIP6 - ok
21:57:55.0855 0x0964 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
21:57:55.0865 0x0964 tcpipreg - ok
21:57:55.0895 0x0964 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
21:57:55.0895 0x0964 TDPIPE - ok
21:57:55.0905 0x0964 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
21:57:55.0905 0x0964 TDTCP - ok
21:57:55.0955 0x0964 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\windows\system32\DRIVERS\tdx.sys
21:57:55.0955 0x0964 tdx - ok
21:57:55.0975 0x0964 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\windows\system32\drivers\termdd.sys
21:57:55.0975 0x0964 TermDD - ok
21:57:56.0025 0x0964 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\windows\System32\termsrv.dll
21:57:56.0035 0x0964 TermService - ok
21:57:56.0065 0x0964 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll
21:57:56.0065 0x0964 Themes - ok
21:57:56.0085 0x0964 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll
21:57:56.0095 0x0964 THREADORDER - ok
21:57:56.0125 0x0964 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll
21:57:56.0135 0x0964 TrkWks - ok
21:57:56.0195 0x0964 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
21:57:56.0205 0x0964 TrustedInstaller - ok
21:57:56.0255 0x0964 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
21:57:56.0255 0x0964 tssecsrv - ok
21:57:56.0295 0x0964 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
21:57:56.0295 0x0964 TsUsbFlt - ok
21:57:56.0305 0x0964 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
21:57:56.0315 0x0964 TsUsbGD - ok
21:57:56.0345 0x0964 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
21:57:56.0355 0x0964 tunnel - ok
21:57:56.0375 0x0964 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\windows\system32\drivers\uagp35.sys
21:57:56.0385 0x0964 uagp35 - ok
21:57:56.0465 0x0964 [ F0458A5ABFC8C269798D398F664666A8, 04102C73360F8B4E81E84D099ADD90F77CE0A785ED7FE9F767045F451118FD7E ] uArcCapture C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
21:57:56.0485 0x0964 uArcCapture - ok
21:57:56.0515 0x0964 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys
21:57:56.0525 0x0964 udfs - ok
21:57:56.0555 0x0964 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe
21:57:56.0555 0x0964 UI0Detect - ok
21:57:56.0585 0x0964 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
21:57:56.0585 0x0964 uliagpkx - ok
21:57:56.0605 0x0964 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\DRIVERS\umbus.sys
21:57:56.0605 0x0964 umbus - ok
21:57:56.0635 0x0964 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\windows\system32\DRIVERS\umpass.sys
21:57:56.0635 0x0964 UmPass - ok
21:57:56.0765 0x0964 [ D8A54623FFFB5A882645910EA165AE44, 527968E3C2CC67AFB4CC908584D4A7E40FDD76CBF2F2D9756BB17DA647A0DC73 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
21:57:56.0775 0x0964 UNS - ok
21:57:56.0815 0x0964 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll
21:57:56.0825 0x0964 upnphost - ok
21:57:56.0875 0x0964 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\windows\system32\drivers\usbaudio.sys
21:57:56.0885 0x0964 usbaudio - ok
21:57:56.0925 0x0964 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
21:57:56.0935 0x0964 usbccgp - ok
21:57:56.0965 0x0964 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\windows\system32\drivers\usbcir.sys
21:57:56.0975 0x0964 usbcir - ok
21:57:56.0995 0x0964 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\windows\system32\drivers\usbehci.sys
21:57:56.0995 0x0964 usbehci - ok
21:57:57.0045 0x0964 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
21:57:57.0055 0x0964 usbhub - ok
21:57:57.0085 0x0964 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\windows\system32\drivers\usbohci.sys
21:57:57.0085 0x0964 usbohci - ok
21:57:57.0105 0x0964 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
21:57:57.0105 0x0964 usbprint - ok
21:57:57.0125 0x0964 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\windows\system32\drivers\usbscan.sys
21:57:57.0125 0x0964 usbscan - ok
21:57:57.0175 0x0964 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
21:57:57.0185 0x0964 USBSTOR - ok
21:57:57.0205 0x0964 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
21:57:57.0205 0x0964 usbuhci - ok
21:57:57.0265 0x0964 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
21:57:57.0285 0x0964 usbvideo - ok
21:57:57.0295 0x0964 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll
21:57:57.0305 0x0964 UxSms - ok
21:57:57.0325 0x0964 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] VaultSvc C:\windows\system32\lsass.exe
21:57:57.0325 0x0964 VaultSvc - ok
21:57:57.0475 0x0964 [ EF3BD2119454883B0D5463AD5327DD10, 3A9BE7DFAFA11F6DDD0E2BC9AF461CD14EE2C9480551661D8BF4BB6F348C34A6 ] vcsFPService C:\windows\system32\vcsFPService.exe
21:57:57.0525 0x0964 vcsFPService - ok
21:57:57.0545 0x0964 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
21:57:57.0545 0x0964 vdrvroot - ok
21:57:57.0575 0x0964 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe
21:57:57.0595 0x0964 vds - ok
21:57:57.0635 0x0964 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
21:57:57.0635 0x0964 vga - ok
21:57:57.0645 0x0964 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys
21:57:57.0645 0x0964 VgaSave - ok
21:57:57.0675 0x0964 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys
21:57:57.0685 0x0964 vhdmp - ok
21:57:57.0715 0x0964 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys
21:57:57.0715 0x0964 viaide - ok
21:57:57.0745 0x0964 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys
21:57:57.0755 0x0964 volmgr - ok
21:57:57.0775 0x0964 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys
21:57:57.0785 0x0964 volmgrx - ok
21:57:57.0795 0x0964 [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap C:\windows\system32\drivers\volsnap.sys
21:57:57.0805 0x0964 volsnap - ok
21:57:57.0835 0x0964 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\drivers\vsmraid.sys
21:57:57.0845 0x0964 vsmraid - ok
21:57:57.0935 0x0964 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe
21:57:57.0975 0x0964 VSS - ok
21:57:57.0995 0x0964 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
21:57:57.0995 0x0964 vwifibus - ok
21:57:58.0015 0x0964 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
21:57:58.0015 0x0964 vwififlt - ok
21:57:58.0035 0x0964 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
21:57:58.0035 0x0964 vwifimp - ok
21:57:58.0055 0x0964 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll
21:57:58.0065 0x0964 W32Time - ok
21:57:58.0085 0x0964 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\drivers\wacompen.sys
21:57:58.0085 0x0964 WacomPen - ok
21:57:58.0105 0x0964 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
21:57:58.0115 0x0964 WANARP - ok
21:57:58.0115 0x0964 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
21:57:58.0115 0x0964 Wanarpv6 - ok
21:57:58.0205 0x0964 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe
21:57:58.0235 0x0964 wbengine - ok
21:57:58.0255 0x0964 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll
21:57:58.0255 0x0964 WbioSrvc - ok
21:57:58.0285 0x0964 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll
21:57:58.0295 0x0964 wcncsvc - ok
21:57:58.0315 0x0964 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
21:57:58.0315 0x0964 WcsPlugInService - ok
21:57:58.0325 0x0964 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\drivers\wd.sys
21:57:58.0335 0x0964 Wd - ok
21:57:58.0375 0x0964 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
21:57:58.0385 0x0964 Wdf01000 - ok
21:57:58.0415 0x0964 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\windows\system32\wdi.dll
21:57:58.0415 0x0964 WdiServiceHost - ok
21:57:58.0425 0x0964 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\windows\system32\wdi.dll
21:57:58.0425 0x0964 WdiSystemHost - ok
21:57:58.0455 0x0964 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\windows\System32\webclnt.dll
21:57:58.0465 0x0964 WebClient - ok
21:57:58.0495 0x0964 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll
21:57:58.0495 0x0964 Wecsvc - ok
21:57:58.0515 0x0964 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll
21:57:58.0515 0x0964 wercplsupport - ok
21:57:58.0545 0x0964 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll
21:57:58.0545 0x0964 WerSvc - ok
21:57:58.0565 0x0964 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
21:57:58.0565 0x0964 WfpLwf - ok
21:57:58.0585 0x0964 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys
21:57:58.0595 0x0964 WIMMount - ok
21:57:58.0615 0x0964 WinDefend - ok
21:57:58.0625 0x0964 WinHttpAutoProxySvc - ok
21:57:58.0665 0x0964 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
21:57:58.0685 0x0964 Winmgmt - ok
21:57:58.0815 0x0964 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\windows\system32\WsmSvc.dll
21:57:58.0855 0x0964 WinRM - ok
21:57:58.0915 0x0964 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
21:57:58.0915 0x0964 WinUsb - ok
21:57:58.0995 0x0964 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll
21:57:59.0015 0x0964 Wlansvc - ok
21:57:59.0035 0x0964 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
21:57:59.0035 0x0964 WmiAcpi - ok
21:57:59.0055 0x0964 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
21:57:59.0065 0x0964 wmiApSrv - ok
21:57:59.0085 0x0964 WMPNetworkSvc - ok
21:57:59.0115 0x0964 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll
21:57:59.0115 0x0964 WPCSvc - ok
21:57:59.0135 0x0964 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
21:57:59.0145 0x0964 WPDBusEnum - ok
21:57:59.0155 0x0964 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
21:57:59.0155 0x0964 ws2ifsl - ok
21:57:59.0175 0x0964 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\system32\wscsvc.dll
21:57:59.0185 0x0964 wscsvc - ok
|
|
12.03.2015, 22:36
| #18 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Entfernen von DHL-TrojanerZitat:
__________________ |
|
12.03.2015, 22:41
| #19 |
| | Entfernen von DHL-TrojanerCode:
ATTFilter 21:57:59.0185 0x0964 WSearch - ok
21:57:59.0305 0x0964 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\windows\system32\wuaueng.dll
21:57:59.0355 0x0964 wuauserv - ok
21:57:59.0375 0x0964 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
21:57:59.0375 0x0964 WudfPf - ok
21:57:59.0405 0x0964 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
21:57:59.0415 0x0964 WUDFRd - ok
21:57:59.0445 0x0964 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll
21:57:59.0455 0x0964 wudfsvc - ok
21:57:59.0505 0x0964 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\windows\System32\wwansvc.dll
21:57:59.0525 0x0964 WwanSvc - ok
21:57:59.0585 0x0964 [ 86B8B1F5C1189D68B07666784BE882FE, 0DD8C627F3DDBDB61B1910540C465C0D62C9F8D84C7CBB6C80782DB02D535AF0 ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
21:57:59.0605 0x0964 ZAtheros Bt and Wlan Coex Agent - ok
21:57:59.0675 0x0964 ================ Scan global ===============================
21:57:59.0725 0x0964 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
21:57:59.0785 0x0964 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
21:57:59.0815 0x0964 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
21:57:59.0845 0x0964 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
21:57:59.0915 0x0964 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
21:57:59.0935 0x0964 [ Global ] - ok
21:57:59.0935 0x0964 ================ Scan MBR ==================================
21:57:59.0945 0x0964 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
21:58:00.0245 0x0964 \Device\Harddisk0\DR0 - ok
21:58:00.0255 0x0964 ================ Scan VBR ==================================
21:58:00.0255 0x0964 [ 7483B61AF2C7F57A08478194764A48C6 ] \Device\Harddisk0\DR0\Partition1
21:58:00.0255 0x0964 \Device\Harddisk0\DR0\Partition1 - ok
21:58:00.0265 0x0964 [ FCDA7C700101CACD3A9694962C192E6B ] \Device\Harddisk0\DR0\Partition2
21:58:00.0275 0x0964 \Device\Harddisk0\DR0\Partition2 - ok
21:58:00.0295 0x0964 [ 77D46616234AE235CE2D09F2CAF49725 ] \Device\Harddisk0\DR0\Partition3
21:58:00.0295 0x0964 \Device\Harddisk0\DR0\Partition3 - ok
21:58:00.0315 0x0964 [ CE784E420FC6DE9E73462A1837D08E18 ] \Device\Harddisk0\DR0\Partition4
21:58:00.0315 0x0964 \Device\Harddisk0\DR0\Partition4 - ok
21:58:00.0315 0x0964 ================ Scan generic autorun ======================
21:58:00.0355 0x0964 [ A03EEBDBF578C1EC6466D2B43A1D9D61, 8EE05ED1918217387969B252C70542337AD3CA2906F233EF19D6C7596709C802 ] C:\windows\system32\igfxtray.exe
21:58:00.0375 0x0964 IgfxTray - ok
21:58:00.0405 0x0964 [ 786DC0218FF551D3FF8F314760E6644F, E31FD56AC6B2A525076119CCD5AA6B574BBAE30E73CD06A723B999AD3D99C993 ] C:\windows\system32\hkcmd.exe
21:58:00.0415 0x0964 HotKeysCmds - ok
21:58:00.0445 0x0964 [ EAACFFA3DDC8F7372537D58A117BDA9A, 7A0BE7EDD12D523BB3A56B3CC9993340CF84CEB4E2C51104DC205A94559D8E8D ] C:\windows\system32\igfxpers.exe
21:58:00.0455 0x0964 Persistence - ok
21:58:00.0545 0x0964 [ BD4FA01BE032F4A5B1B332A80F102F11, A62581D1DADCA288996AE154134D2185A02A8E393B412F634F6F9C6F27ECDB9F ] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe
21:58:00.0555 0x0964 HPPowerAssistant - ok
21:58:00.0575 0x0964 MfeEpePcMonitor - ok
21:58:00.0675 0x0964 [ FEDB6110D3E0A7EFE6996F93CD8C48E7, 719F6B648AE9841B03C8FB9FC9D0CB1233FDD3030FBD3C420C3E8CEB59A12214 ] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe
21:58:00.0685 0x0964 CanonSolutionMenu - ok
21:58:00.0805 0x0964 [ B28AD85B8C199CB573621FCE54D7E19C, 42FFD67529592C5F349936C175E0C40E4E116E20B041042AB1E05FF164AEDD17 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
21:58:00.0845 0x0964 CanonMyPrinter - ok
21:58:00.0955 0x0964 [ 9D8D9550FCF2CCBA9A29ECD56902A0E6, 18686175B502DC6951CD5EF6B728EB0C5D9B3298E84A47F7C4648BD104E48D6D ] C:\Program Files\IDT\WDM\sttray64.exe
21:58:00.0995 0x0964 SysTrayApp - ok
21:58:00.0995 0x0964 SynTPEnh - ok
21:58:01.0025 0x0964 [ 049998505AF00B693D9E9C9AB5C11A8F, E54A061608C2AF47B1B834F075ACCA5554A0633174501783872C877C606284E6 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
21:58:01.0025 0x0964 IAStorIcon - ok
21:58:01.0095 0x0964 [ BDDAFDB5F9517DFE97AD3750CF343819, 4DA9A1FE099CE2EF9F3BA2F30B391B2720806BB815D79CE7C0BEC101399B37FE ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
21:58:01.0105 0x0964 USB3MON - ok
21:58:01.0215 0x0964 [ 36095700352B45C3583ED71D2C1C4CBA, 45ADF18FDF3B17540D1393329C94D24383554E0B9FCCC4D9F1230748F24AC841 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
21:58:01.0295 0x0964 StartCCC - ok
21:58:01.0295 0x0964 AMD AVT - ok
21:58:01.0395 0x0964 [ 53AB059637ABB53D51EDCF52789D0847, 058F7B405639615246B2D18DC454A12E89F29FF241C512D87F866AD561BE6784 ] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
21:58:01.0485 0x0964 DTRun - ok
21:58:01.0905 0x0964 [ 1E9BE983BB86FC938AEC57091BFAA477, 3E6EEEE111500A6A112C745FA83A267E8FFBE739B7F59DEDC7F8606CCDDC3CA0 ] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
21:58:02.0275 0x0964 File Sanitizer - ok
21:58:02.0375 0x0964 [ 085F30DB0B38903940A4141E675BDC08, 3ABFB79C850D2B1976DB4DEF69AA031C4E18B5E240316908DDD16DEA4050365A ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
21:58:02.0395 0x0964 avgnt - ok
21:58:02.0425 0x0964 [ D63797E8E7781EE1500A810CB6194FA6, 5C96DA00B98F0776E6174EBB7D4D6DB634838E130D8581E11811831D2C57B119 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
21:58:02.0435 0x0964 SunJavaUpdateSched - ok
21:58:02.0505 0x0964 [ 48B7ABBD880C8F9993B452BA44ECA93C, 521AB8E7DB4E5BFDFE0D019BF5CDCC71D22DC684B5F6B9AC49502C3EFFE08EEB ] C:\Program Files (x86)\PDF Complete\pdfsty.exe
21:58:02.0525 0x0964 PDF Complete - ok
21:58:02.0575 0x0964 [ 55A7C3EC45396563B7A2D0ED4DA83A37, 48A4CFD404D12ABF4EA3CAE186CA02B5FBD2C15A9119F07A784127E676016A26 ] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
21:58:02.0585 0x0964 HPConnectionManager - ok
21:58:02.0655 0x0964 [ F4D12D87E678ACFA2FC710BB3DA9F8DB, 4B751D1CB7E472E875D795D02A65571F9F116ADB62D298F3364CC8AA7F069BFC ] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
21:58:02.0665 0x0964 QLBController - ok
21:58:02.0765 0x0964 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
21:58:02.0795 0x0964 Sidebar - ok
21:58:02.0795 0x0964 Waiting for KSN requests completion. In queue: 100
21:58:03.0795 0x0964 Waiting for KSN requests completion. In queue: 100
21:58:04.0795 0x0964 Waiting for KSN requests completion. In queue: 100
21:58:05.0905 0x0964 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.8.650 ), 0x40000 ( disabled : updated )
21:58:05.0995 0x0964 Win FW state via NFP2: enabled
21:58:08.0725 0x0964 ============================================================
21:58:08.0725 0x0964 Scan finished
21:58:08.0725 0x0964 ============================================================
21:58:08.0735 0x16f0 Detected object count: 0
21:58:08.0735 0x16f0 Actual detected object count: 0
21:58:29.0055 0x0d54 ============================================================
21:58:29.0055 0x0d54 Scan started
21:58:29.0055 0x0d54 Mode: Manual;
21:58:29.0055 0x0d54 ============================================================
21:58:29.0055 0x0d54 KSN ping started
21:58:31.0765 0x0d54 KSN ping finished: true
21:58:32.0085 0x0d54 ================ Scan system memory ========================
21:58:32.0085 0x0d54 System memory - ok
21:58:32.0085 0x0d54 ================ Scan services =============================
21:58:32.0235 0x0d54 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
21:58:32.0245 0x0d54 1394ohci - ok
21:58:32.0285 0x0d54 [ 955EB2514DBEB55D755D8CC4B32A6B55, 3A4E63EA9E14C62B4B29CF9CC3CAB64F9CE92DBE2DF04940F47240387E85A81E ] Accelerometer C:\windows\system32\DRIVERS\Accelerometer.sys
21:58:32.0285 0x0d54 Accelerometer - ok
21:58:32.0365 0x0d54 [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
21:58:32.0365 0x0d54 ACDaemon - ok
21:58:32.0425 0x0d54 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys
21:58:32.0445 0x0d54 ACPI - ok
21:58:32.0465 0x0d54 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
21:58:32.0465 0x0d54 AcpiPmi - ok
21:58:32.0575 0x0d54 [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
21:58:32.0595 0x0d54 AdobeFlashPlayerUpdateSvc - ok
21:58:32.0625 0x0d54 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
21:58:32.0635 0x0d54 adp94xx - ok
21:58:32.0655 0x0d54 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\drivers\adpahci.sys
21:58:32.0665 0x0d54 adpahci - ok
21:58:32.0695 0x0d54 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\drivers\adpu320.sys
21:58:32.0695 0x0d54 adpu320 - ok
21:58:32.0715 0x0d54 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
21:58:32.0715 0x0d54 AeLookupSvc - ok
21:58:32.0765 0x0d54 [ 6CCD1135320109D6B219F1A6E04AD9F6, B97D4DF46DF0EFC106BD3E248C70809F3F47DF3FD1CA039A0A3923E1FA05A969 ] Afc C:\windows\syswow64\drivers\Afc.sys
21:58:32.0765 0x0d54 Afc - ok
21:58:32.0815 0x0d54 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\windows\system32\drivers\afd.sys
21:58:32.0835 0x0d54 AFD - ok
21:58:32.0845 0x0d54 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys
21:58:32.0855 0x0d54 agp440 - ok
21:58:32.0875 0x0d54 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe
21:58:32.0875 0x0d54 ALG - ok
21:58:32.0905 0x0d54 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys
21:58:32.0905 0x0d54 aliide - ok
21:58:32.0945 0x0d54 [ FD643267EF0F11B31F337CE5435F27FA, 45CA709967657354397E4151FADB6D9FDDD49EAC8B94BAADC0FEF7EBE939996E ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
21:58:32.0955 0x0d54 AMD External Events Utility - ok
21:58:32.0965 0x0d54 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys
21:58:32.0965 0x0d54 amdide - ok
21:58:32.0995 0x0d54 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
21:58:32.0995 0x0d54 AmdK8 - ok
21:58:33.0335 0x0d54 [ F401C6B2CD4BA25797CDC678AD6A9305, 170D8CFC412649C544E3ACB4213772F0B64549CADBB23CEE2A4F6E43A555B734 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
21:58:33.0505 0x0d54 amdkmdag - ok
21:58:33.0545 0x0d54 [ 26F537ABC367D8A89DF02FB149E517A5, 068E1C3320AF3D57DC3AA99A86849C5664C93F2952013C6EB98F4DE261630DB3 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
21:58:33.0545 0x0d54 amdkmdap - ok
21:58:33.0575 0x0d54 [ FFCB1F4FEAC8AB77887031F8AD0D7C06, 59C95E0B6560A0A5B90090152814A996CBDE11DD461328BDB3ECD4F8D6BFA8E5 ] amdkmpfd C:\windows\system32\DRIVERS\amdkmpfd.sys
21:58:33.0575 0x0d54 amdkmpfd - ok
21:58:33.0595 0x0d54 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
21:58:33.0595 0x0d54 AmdPPM - ok
21:58:33.0635 0x0d54 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys
21:58:33.0635 0x0d54 amdsata - ok
21:58:33.0675 0x0d54 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\drivers\amdsbs.sys
21:58:33.0675 0x0d54 amdsbs - ok
21:58:33.0695 0x0d54 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys
21:58:33.0695 0x0d54 amdxata - ok
21:58:33.0775 0x0d54 [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
21:58:33.0795 0x0d54 AntiVirSchedulerService - ok
21:58:33.0835 0x0d54 [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
21:58:33.0845 0x0d54 AntiVirService - ok
21:58:33.0885 0x0d54 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\windows\system32\drivers\appid.sys
21:58:33.0885 0x0d54 AppID - ok
21:58:33.0905 0x0d54 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\windows\System32\appidsvc.dll
21:58:33.0905 0x0d54 AppIDSvc - ok
21:58:33.0935 0x0d54 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\windows\System32\appinfo.dll
21:58:33.0935 0x0d54 Appinfo - ok
21:58:33.0965 0x0d54 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\drivers\arc.sys
21:58:33.0965 0x0d54 arc - ok
21:58:33.0985 0x0d54 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\drivers\arcsas.sys
21:58:33.0985 0x0d54 arcsas - ok
21:58:34.0025 0x0d54 [ DA63270378BAA19446F6DA23FEEB75D6, 1D1CD8B6950E2824BFDBE46DDF03AA94866AEDFB613FE15D1DD9AD707B0112E2 ] ARCVCAM C:\windows\system32\DRIVERS\ArcSoftVCapture.sys
21:58:34.0025 0x0d54 ARCVCAM - ok
21:58:34.0125 0x0d54 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
21:58:34.0135 0x0d54 aspnet_state - ok
21:58:34.0155 0x0d54 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
21:58:34.0155 0x0d54 AsyncMac - ok
21:58:34.0175 0x0d54 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys
21:58:34.0175 0x0d54 atapi - ok
21:58:34.0215 0x0d54 [ 65DD42A358451920A703EEEC1AB4995B, 7690EFB12E928ECF3D3D3155F7D1F7A8FEEE742212ABE5319166EA8DB5601884 ] AthBTPort C:\windows\system32\DRIVERS\btath_flt.sys
21:58:34.0215 0x0d54 AthBTPort - ok
21:58:34.0285 0x0d54 [ 18BDDA150B814F6EC8477499470F76CE, FD78EFC593288FE4F41ADBEBFF0DAB00C0DF0D3802BBD7B41DCCBFF8C5BF5525 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
21:58:34.0305 0x0d54 AtherosSvc - ok
21:58:34.0455 0x0d54 [ 7D1F8D9F85029F6F581AADBFFA97F2DE, B905A3F7396A50749B7ADA5D81A490EA4E37DA3CA9CD75CBCF830D0B228BFB69 ] athr C:\windows\system32\DRIVERS\athrx.sys
21:58:34.0515 0x0d54 athr - ok
21:58:34.0565 0x0d54 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
21:58:34.0575 0x0d54 AudioEndpointBuilder - ok
21:58:34.0595 0x0d54 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\windows\System32\Audiosrv.dll
21:58:34.0605 0x0d54 AudioSrv - ok
21:58:34.0635 0x0d54 [ 00BF66D168E1A7AA7E1C9F458BBA0B34, 3D3C42E87B3649819EED685D93417D61EB84FE39B3F4D4943721AE74026DE11B ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
21:58:34.0635 0x0d54 avgntflt - ok
21:58:34.0665 0x0d54 [ 055D318220DD4593F2A8C8FF83707D36, 93566931D019D4D4C35C3E2E4E9BAF87BEF863E1B40B2B03ED87EF5C28F908DE ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
21:58:34.0665 0x0d54 avipbb - ok
21:58:34.0715 0x0d54 [ ABDAEBEB09E98D13D765A0C57F3FAF88, F9E5F9A13E983BEAF32FA53736FB188280AAA44740696DFB95B8C10E8FEA466D ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
21:58:34.0725 0x0d54 Avira.OE.ServiceHost - ok
21:58:34.0745 0x0d54 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys
21:58:34.0745 0x0d54 avkmgr - ok
21:58:34.0775 0x0d54 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll
21:58:34.0785 0x0d54 AxInstSV - ok
21:58:34.0825 0x0d54 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
21:58:34.0845 0x0d54 b06bdrv - ok
21:58:34.0855 0x0d54 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
21:58:34.0865 0x0d54 b57nd60a - ok
21:58:34.0885 0x0d54 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll
21:58:34.0885 0x0d54 BDESVC - ok
21:58:34.0895 0x0d54 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys
21:58:34.0895 0x0d54 Beep - ok
21:58:34.0925 0x0d54 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll
21:58:34.0935 0x0d54 BFE - ok
21:58:34.0985 0x0d54 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\system32\qmgr.dll
21:58:34.0995 0x0d54 BITS - ok
21:58:35.0025 0x0d54 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\drivers\blbdrive.sys
21:58:35.0025 0x0d54 blbdrive - ok
21:58:35.0035 0x0d54 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\windows\system32\DRIVERS\bowser.sys
21:58:35.0035 0x0d54 bowser - ok
21:58:35.0055 0x0d54 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
21:58:35.0055 0x0d54 BrFiltLo - ok
21:58:35.0065 0x0d54 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
21:58:35.0065 0x0d54 BrFiltUp - ok
21:58:35.0105 0x0d54 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
21:58:35.0105 0x0d54 BridgeMP - ok
21:58:35.0135 0x0d54 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\windows\System32\browser.dll
21:58:35.0135 0x0d54 Browser - ok
21:58:35.0155 0x0d54 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys
21:58:35.0155 0x0d54 Brserid - ok
21:58:35.0175 0x0d54 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
21:58:35.0175 0x0d54 BrSerWdm - ok
21:58:35.0185 0x0d54 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
21:58:35.0185 0x0d54 BrUsbMdm - ok
21:58:35.0195 0x0d54 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
21:58:35.0195 0x0d54 BrUsbSer - ok
21:58:35.0225 0x0d54 [ 84CB2D06BBAD7ADBE28483D38E0388BC, C7D94BA6053DE4719E396AB22300E923297C84D10ECADE1591DC21B3EB1B1716 ] BTATH_A2DP C:\windows\system32\drivers\btath_a2dp.sys
21:58:35.0235 0x0d54 BTATH_A2DP - ok
21:58:35.0245 0x0d54 [ 13076306110021CC96B2C49B359BE2C5, B7410A036579FC67A1196D40FCC83F823A77D133D32A33D7FD9A020E4C5263A0 ] btath_avdt C:\windows\system32\drivers\btath_avdt.sys
21:58:35.0255 0x0d54 btath_avdt - ok
21:58:35.0275 0x0d54 [ C6978F7EBA6F37D626482AC6B9390630, B4BF939AB9962A61DE9518604C20347DC2A6FCDCEB3D8AEF295AF12E6F2CDCF3 ] BTATH_BUS C:\windows\system32\DRIVERS\btath_bus.sys
21:58:35.0275 0x0d54 BTATH_BUS - ok
21:58:35.0295 0x0d54 [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP C:\windows\system32\DRIVERS\btath_hcrp.sys
21:58:35.0305 0x0d54 BTATH_HCRP - ok
21:58:35.0325 0x0d54 [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT C:\windows\system32\DRIVERS\btath_lwflt.sys
21:58:35.0335 0x0d54 BTATH_LWFLT - ok
21:58:35.0345 0x0d54 [ 859A116D748FBA603AF94C251DC5CF97, D64061721BE01F86386C4B0168B166C6AD076630B2229036E1D368D877389D46 ] BTATH_RCP C:\windows\system32\DRIVERS\btath_rcp.sys
21:58:35.0355 0x0d54 BTATH_RCP - ok
21:58:35.0395 0x0d54 [ CFB35D65B55E510E1A94DB6BEC0EA328, 58BA9512A625D9C4ABEE181E4886EAD065DD47AC81357DC1B603F6B52D952819 ] BtFilter C:\windows\system32\DRIVERS\btfilter.sys
21:58:35.0405 0x0d54 BtFilter - ok
21:58:35.0415 0x0d54 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\windows\system32\DRIVERS\BthEnum.sys
21:58:35.0425 0x0d54 BthEnum - ok
21:58:35.0435 0x0d54 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
21:58:35.0435 0x0d54 BTHMODEM - ok
21:58:35.0465 0x0d54 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
21:58:35.0465 0x0d54 BthPan - ok
21:58:35.0495 0x0d54 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\windows\system32\Drivers\BTHport.sys
21:58:35.0505 0x0d54 BTHPORT - ok
21:58:35.0525 0x0d54 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll
21:58:35.0525 0x0d54 bthserv - ok
21:58:35.0535 0x0d54 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\windows\system32\Drivers\BTHUSB.sys
21:58:35.0535 0x0d54 BTHUSB - ok
21:58:35.0535 0x0d54 catchme - ok
schon gesehen, wer lesen kann... okay, ich machs nochmal. |
|
12.03.2015, 22:43
| #20 |
| | Entfernen von DHL-Trojaner Hoffe, passt jetzt Code:
ATTFilter 22:38:05.0887 0x1498 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
22:38:09.0917 0x1498 ============================================================
22:38:09.0917 0x1498 Current date / time: 2015/03/12 22:38:09.0917
22:38:09.0917 0x1498 SystemInfo:
22:38:09.0917 0x1498
22:38:09.0917 0x1498 OS Version: 6.1.7601 ServicePack: 1.0
22:38:09.0917 0x1498 Product type: Workstation
22:38:09.0917 0x1498 ComputerName: MARIE-HP
22:38:09.0917 0x1498 UserName: Marie
22:38:09.0917 0x1498 Windows directory: C:\windows
22:38:09.0917 0x1498 System windows directory: C:\windows
22:38:09.0917 0x1498 Running under WOW64
22:38:09.0917 0x1498 Processor architecture: Intel x64
22:38:09.0917 0x1498 Number of processors: 4
22:38:09.0917 0x1498 Page size: 0x1000
22:38:09.0917 0x1498 Boot type: Normal boot
22:38:09.0917 0x1498 ============================================================
22:38:10.0397 0x1498 KLMD registered as C:\windows\system32\drivers\36881637.sys
22:38:11.0797 0x1498 System UUID: {C4BD1107-7323-6813-8990-15EB444988F8}
22:38:12.0657 0x1498 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
22:38:12.0667 0x1498 ============================================================
22:38:12.0667 0x1498 \Device\Harddisk0\DR0:
22:38:12.0667 0x1498 MBR partitions:
22:38:12.0667 0x1498 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x96000
22:38:12.0667 0x1498 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x96800, BlocksNum 0x54695000
22:38:12.0667 0x1498 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x5472B800, BlocksNum 0x2A19800
22:38:12.0667 0x1498 \Device\Harddisk0\DR0\Partition4: MBR, Type 0xC, StartLBA 0x57145000, BlocksNum 0x3FD800
22:38:12.0667 0x1498 ============================================================
22:38:12.0717 0x1498 C: <-> \Device\Harddisk0\DR0\Partition2
22:38:12.0747 0x1498 E: <-> \Device\Harddisk0\DR0\Partition4
22:38:12.0857 0x1498 G: <-> \Device\Harddisk0\DR0\Partition3
22:38:12.0857 0x1498 ============================================================
22:38:12.0857 0x1498 Initialize success
22:38:12.0857 0x1498 ============================================================
22:41:53.0599 0x0bf0 ============================================================
22:41:53.0599 0x0bf0 Scan started
22:41:53.0599 0x0bf0 Mode: Manual; SigCheck; TDLFS;
22:41:53.0599 0x0bf0 ============================================================
22:41:53.0599 0x0bf0 KSN ping started
22:41:56.0289 0x0bf0 KSN ping finished: true
22:41:56.0919 0x0bf0 ================ Scan system memory ========================
22:41:56.0919 0x0bf0 System memory - ok
22:41:56.0919 0x0bf0 ================ Scan services =============================
22:41:57.0089 0x0bf0 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
22:41:57.0159 0x0bf0 1394ohci - ok
22:41:57.0199 0x0bf0 [ 955EB2514DBEB55D755D8CC4B32A6B55, 3A4E63EA9E14C62B4B29CF9CC3CAB64F9CE92DBE2DF04940F47240387E85A81E ] Accelerometer C:\windows\system32\DRIVERS\Accelerometer.sys
22:41:57.0229 0x0bf0 Accelerometer - ok
22:41:57.0319 0x0bf0 [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
22:41:57.0349 0x0bf0 ACDaemon - ok
22:41:57.0399 0x0bf0 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys
22:41:57.0419 0x0bf0 ACPI - ok
22:41:57.0439 0x0bf0 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
22:41:57.0509 0x0bf0 AcpiPmi - ok
22:41:57.0659 0x0bf0 [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
22:41:57.0689 0x0bf0 AdobeFlashPlayerUpdateSvc - ok
22:41:57.0719 0x0bf0 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
22:41:57.0739 0x0bf0 adp94xx - ok
22:41:57.0779 0x0bf0 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\drivers\adpahci.sys
22:41:57.0789 0x0bf0 adpahci - ok
22:41:57.0829 0x0bf0 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\drivers\adpu320.sys
22:41:57.0839 0x0bf0 adpu320 - ok
22:41:57.0859 0x0bf0 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
22:41:57.0969 0x0bf0 AeLookupSvc - ok
22:41:58.0019 0x0bf0 [ 6CCD1135320109D6B219F1A6E04AD9F6, B97D4DF46DF0EFC106BD3E248C70809F3F47DF3FD1CA039A0A3923E1FA05A969 ] Afc C:\windows\syswow64\drivers\Afc.sys
22:41:58.0039 0x0bf0 Afc - ok
22:41:58.0109 0x0bf0 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\windows\system32\drivers\afd.sys
22:41:58.0159 0x0bf0 AFD - ok
22:41:58.0189 0x0bf0 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys
22:41:58.0199 0x0bf0 agp440 - ok
22:41:58.0239 0x0bf0 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe
22:41:58.0279 0x0bf0 ALG - ok
22:41:58.0319 0x0bf0 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys
22:41:58.0339 0x0bf0 aliide - ok
22:41:58.0369 0x0bf0 [ FD643267EF0F11B31F337CE5435F27FA, 45CA709967657354397E4151FADB6D9FDDD49EAC8B94BAADC0FEF7EBE939996E ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
22:41:58.0469 0x0bf0 AMD External Events Utility - ok
22:41:58.0509 0x0bf0 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys
22:41:58.0519 0x0bf0 amdide - ok
22:41:58.0549 0x0bf0 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
22:41:58.0579 0x0bf0 AmdK8 - ok
22:41:58.0919 0x0bf0 [ F401C6B2CD4BA25797CDC678AD6A9305, 170D8CFC412649C544E3ACB4213772F0B64549CADBB23CEE2A4F6E43A555B734 ] amdkmdag C:\windows\system32\DRIVERS\atikmdag.sys
22:41:59.0179 0x0bf0 amdkmdag - ok
22:41:59.0229 0x0bf0 [ 26F537ABC367D8A89DF02FB149E517A5, 068E1C3320AF3D57DC3AA99A86849C5664C93F2952013C6EB98F4DE261630DB3 ] amdkmdap C:\windows\system32\DRIVERS\atikmpag.sys
22:41:59.0249 0x0bf0 amdkmdap - ok
22:41:59.0269 0x0bf0 [ FFCB1F4FEAC8AB77887031F8AD0D7C06, 59C95E0B6560A0A5B90090152814A996CBDE11DD461328BDB3ECD4F8D6BFA8E5 ] amdkmpfd C:\windows\system32\DRIVERS\amdkmpfd.sys
22:41:59.0279 0x0bf0 amdkmpfd - ok
22:41:59.0289 0x0bf0 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
22:41:59.0319 0x0bf0 AmdPPM - ok
22:41:59.0349 0x0bf0 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys
22:41:59.0359 0x0bf0 amdsata - ok
22:41:59.0369 0x0bf0 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\drivers\amdsbs.sys
22:41:59.0389 0x0bf0 amdsbs - ok
22:41:59.0399 0x0bf0 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys
22:41:59.0409 0x0bf0 amdxata - ok
22:41:59.0509 0x0bf0 [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
22:41:59.0539 0x0bf0 AntiVirSchedulerService - ok
22:41:59.0609 0x0bf0 [ 963F57EDF1A5C72AC66173F3B7CB329B, 0934361B0A55F4C082D70F264FAB5D36BAC482C135275AE552D442E64B3D5C1D ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
22:41:59.0629 0x0bf0 AntiVirService - ok
22:41:59.0679 0x0bf0 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\windows\system32\drivers\appid.sys
22:41:59.0699 0x0bf0 AppID - ok
22:41:59.0709 0x0bf0 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\windows\System32\appidsvc.dll
22:41:59.0719 0x0bf0 AppIDSvc - ok
22:41:59.0769 0x0bf0 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\windows\System32\appinfo.dll
22:41:59.0819 0x0bf0 Appinfo - ok
22:41:59.0869 0x0bf0 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\drivers\arc.sys
22:41:59.0879 0x0bf0 arc - ok
22:41:59.0889 0x0bf0 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\drivers\arcsas.sys
22:41:59.0899 0x0bf0 arcsas - ok
22:41:59.0969 0x0bf0 [ DA63270378BAA19446F6DA23FEEB75D6, 1D1CD8B6950E2824BFDBE46DDF03AA94866AEDFB613FE15D1DD9AD707B0112E2 ] ARCVCAM C:\windows\system32\DRIVERS\ArcSoftVCapture.sys
22:41:59.0989 0x0bf0 ARCVCAM - ok
22:42:00.0089 0x0bf0 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
22:42:00.0129 0x0bf0 aspnet_state - ok
22:42:00.0159 0x0bf0 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
22:42:00.0209 0x0bf0 AsyncMac - ok
22:42:00.0229 0x0bf0 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys
22:42:00.0239 0x0bf0 atapi - ok
22:42:00.0259 0x0bf0 [ 65DD42A358451920A703EEEC1AB4995B, 7690EFB12E928ECF3D3D3155F7D1F7A8FEEE742212ABE5319166EA8DB5601884 ] AthBTPort C:\windows\system32\DRIVERS\btath_flt.sys
22:42:00.0279 0x0bf0 AthBTPort - ok
22:42:00.0359 0x0bf0 [ 18BDDA150B814F6EC8477499470F76CE, FD78EFC593288FE4F41ADBEBFF0DAB00C0DF0D3802BBD7B41DCCBFF8C5BF5525 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
22:42:00.0409 0x0bf0 AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
22:42:03.0099 0x0bf0 Detect skipped due to KSN trusted
22:42:03.0099 0x0bf0 AtherosSvc - ok
22:42:03.0289 0x0bf0 [ 7D1F8D9F85029F6F581AADBFFA97F2DE, B905A3F7396A50749B7ADA5D81A490EA4E37DA3CA9CD75CBCF830D0B228BFB69 ] athr C:\windows\system32\DRIVERS\athrx.sys
22:42:03.0419 0x0bf0 athr - ok
22:42:03.0539 0x0bf0 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
22:42:03.0589 0x0bf0 AudioEndpointBuilder - ok
22:42:03.0599 0x0bf0 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\windows\System32\Audiosrv.dll
22:42:03.0629 0x0bf0 AudioSrv - ok
22:42:03.0679 0x0bf0 [ 00BF66D168E1A7AA7E1C9F458BBA0B34, 3D3C42E87B3649819EED685D93417D61EB84FE39B3F4D4943721AE74026DE11B ] avgntflt C:\windows\system32\DRIVERS\avgntflt.sys
22:42:03.0709 0x0bf0 avgntflt - ok
22:42:03.0779 0x0bf0 [ 055D318220DD4593F2A8C8FF83707D36, 93566931D019D4D4C35C3E2E4E9BAF87BEF863E1B40B2B03ED87EF5C28F908DE ] avipbb C:\windows\system32\DRIVERS\avipbb.sys
22:42:03.0799 0x0bf0 avipbb - ok
22:42:03.0879 0x0bf0 [ ABDAEBEB09E98D13D765A0C57F3FAF88, F9E5F9A13E983BEAF32FA53736FB188280AAA44740696DFB95B8C10E8FEA466D ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
22:42:03.0899 0x0bf0 Avira.OE.ServiceHost - ok
22:42:03.0929 0x0bf0 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\windows\system32\DRIVERS\avkmgr.sys
22:42:03.0939 0x0bf0 avkmgr - ok
22:42:03.0969 0x0bf0 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll
22:42:04.0039 0x0bf0 AxInstSV - ok
22:42:04.0089 0x0bf0 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
22:42:04.0119 0x0bf0 b06bdrv - ok
22:42:04.0149 0x0bf0 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
22:42:04.0179 0x0bf0 b57nd60a - ok
22:42:04.0209 0x0bf0 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll
22:42:04.0239 0x0bf0 BDESVC - ok
22:42:04.0269 0x0bf0 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys
22:42:04.0339 0x0bf0 Beep - ok
22:42:04.0389 0x0bf0 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll
22:42:04.0439 0x0bf0 BFE - ok
22:42:04.0479 0x0bf0 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\system32\qmgr.dll
22:42:04.0669 0x0bf0 BITS - ok
22:42:04.0709 0x0bf0 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\drivers\blbdrive.sys
22:42:04.0739 0x0bf0 blbdrive - ok
22:42:04.0769 0x0bf0 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\windows\system32\DRIVERS\bowser.sys
22:42:04.0809 0x0bf0 bowser - ok
22:42:04.0829 0x0bf0 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
22:42:04.0849 0x0bf0 BrFiltLo - ok
22:42:04.0859 0x0bf0 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
22:42:04.0889 0x0bf0 BrFiltUp - ok
22:42:04.0919 0x0bf0 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\windows\system32\DRIVERS\bridge.sys
22:42:04.0959 0x0bf0 BridgeMP - ok
22:42:04.0999 0x0bf0 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\windows\System32\browser.dll
22:42:05.0039 0x0bf0 Browser - ok
22:42:05.0079 0x0bf0 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys
22:42:05.0129 0x0bf0 Brserid - ok
22:42:05.0149 0x0bf0 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
22:42:05.0179 0x0bf0 BrSerWdm - ok
22:42:05.0209 0x0bf0 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
22:42:05.0239 0x0bf0 BrUsbMdm - ok
22:42:05.0249 0x0bf0 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
22:42:05.0269 0x0bf0 BrUsbSer - ok
22:42:05.0319 0x0bf0 [ 84CB2D06BBAD7ADBE28483D38E0388BC, C7D94BA6053DE4719E396AB22300E923297C84D10ECADE1591DC21B3EB1B1716 ] BTATH_A2DP C:\windows\system32\drivers\btath_a2dp.sys
22:42:05.0339 0x0bf0 BTATH_A2DP - ok
22:42:05.0359 0x0bf0 [ 13076306110021CC96B2C49B359BE2C5, B7410A036579FC67A1196D40FCC83F823A77D133D32A33D7FD9A020E4C5263A0 ] btath_avdt C:\windows\system32\drivers\btath_avdt.sys
22:42:05.0369 0x0bf0 btath_avdt - ok
22:42:05.0409 0x0bf0 [ C6978F7EBA6F37D626482AC6B9390630, B4BF939AB9962A61DE9518604C20347DC2A6FCDCEB3D8AEF295AF12E6F2CDCF3 ] BTATH_BUS C:\windows\system32\DRIVERS\btath_bus.sys
22:42:05.0409 0x0bf0 BTATH_BUS - ok
22:42:05.0439 0x0bf0 [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP C:\windows\system32\DRIVERS\btath_hcrp.sys
22:42:05.0449 0x0bf0 BTATH_HCRP - ok
22:42:05.0459 0x0bf0 [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT C:\windows\system32\DRIVERS\btath_lwflt.sys
22:42:05.0469 0x0bf0 BTATH_LWFLT - ok
22:42:05.0479 0x0bf0 [ 859A116D748FBA603AF94C251DC5CF97, D64061721BE01F86386C4B0168B166C6AD076630B2229036E1D368D877389D46 ] BTATH_RCP C:\windows\system32\DRIVERS\btath_rcp.sys
22:42:05.0489 0x0bf0 BTATH_RCP - ok
22:42:05.0539 0x0bf0 [ CFB35D65B55E510E1A94DB6BEC0EA328, 58BA9512A625D9C4ABEE181E4886EAD065DD47AC81357DC1B603F6B52D952819 ] BtFilter C:\windows\system32\DRIVERS\btfilter.sys
22:42:05.0559 0x0bf0 BtFilter - ok
22:42:05.0579 0x0bf0 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\windows\system32\DRIVERS\BthEnum.sys
22:42:05.0609 0x0bf0 BthEnum - ok
22:42:05.0629 0x0bf0 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
22:42:05.0659 0x0bf0 BTHMODEM - ok
22:42:05.0689 0x0bf0 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\windows\system32\DRIVERS\bthpan.sys
22:42:05.0709 0x0bf0 BthPan - ok
22:42:05.0759 0x0bf0 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\windows\system32\Drivers\BTHport.sys
22:42:05.0809 0x0bf0 BTHPORT - ok
22:42:05.0859 0x0bf0 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll
22:42:05.0879 0x0bf0 bthserv - ok
22:42:05.0899 0x0bf0 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\windows\system32\Drivers\BTHUSB.sys
22:42:05.0919 0x0bf0 BTHUSB - ok
22:42:05.0959 0x0bf0 catchme - ok
22:42:05.0989 0x0bf0 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
22:42:06.0059 0x0bf0 cdfs - ok
22:42:06.0099 0x0bf0 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
22:42:06.0109 0x0bf0 cdrom - ok
22:42:06.0259 0x0bf0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll
22:42:06.0339 0x0bf0 CertPropSvc - ok
22:42:06.0359 0x0bf0 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\windows\system32\drivers\circlass.sys
22:42:06.0389 0x0bf0 circlass - ok
22:42:06.0419 0x0bf0 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\windows\system32\CLFS.sys
22:42:06.0439 0x0bf0 CLFS - ok
22:42:06.0499 0x0bf0 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
22:42:06.0529 0x0bf0 clr_optimization_v2.0.50727_32 - ok
22:42:06.0589 0x0bf0 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
22:42:06.0619 0x0bf0 clr_optimization_v2.0.50727_64 - ok
22:42:06.0679 0x0bf0 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
22:42:06.0709 0x0bf0 clr_optimization_v4.0.30319_32 - ok
22:42:06.0739 0x0bf0 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
22:42:06.0759 0x0bf0 clr_optimization_v4.0.30319_64 - ok
22:42:06.0779 0x0bf0 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\drivers\CmBatt.sys
22:42:06.0799 0x0bf0 CmBatt - ok
22:42:06.0819 0x0bf0 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys
22:42:06.0829 0x0bf0 cmdide - ok
22:42:06.0879 0x0bf0 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\windows\system32\Drivers\cng.sys
22:42:06.0919 0x0bf0 CNG - ok
22:42:06.0939 0x0bf0 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\drivers\compbatt.sys
22:42:06.0949 0x0bf0 Compbatt - ok
22:42:06.0969 0x0bf0 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
22:42:06.0999 0x0bf0 CompositeBus - ok
22:42:07.0019 0x0bf0 COMSysApp - ok
22:42:07.0119 0x0bf0 [ AC0A3766C1E6DF7FA3960A04FF4526B6, 3C85631D0E56123E400847206B6FDBD40D3EA253B595512C6493CFD8530B3BD1 ] cphs C:\windows\SysWow64\IntelCpHeciSvc.exe
22:42:07.0139 0x0bf0 cphs - ok
22:42:07.0169 0x0bf0 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
22:42:07.0179 0x0bf0 crcdisk - ok
22:42:07.0229 0x0bf0 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\windows\system32\cryptsvc.dll
22:42:07.0279 0x0bf0 CryptSvc - ok
22:42:07.0309 0x0bf0 [ D3FAC3926974F22F91E4C9E053DAD07F, 3FC6BA1ADAD70E914A32B2D0EA14D9EE125863F0375BC55B675C474786A90726 ] DAMDrv C:\windows\system32\DRIVERS\DAMDrv64.sys
22:42:07.0319 0x0bf0 DAMDrv - ok
22:42:07.0369 0x0bf0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\windows\system32\rpcss.dll
22:42:07.0429 0x0bf0 DcomLaunch - ok
22:42:07.0469 0x0bf0 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll
22:42:07.0499 0x0bf0 defragsvc - ok
22:42:07.0519 0x0bf0 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\windows\system32\Drivers\dfsc.sys
22:42:07.0549 0x0bf0 DfsC - ok
22:42:07.0589 0x0bf0 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll
22:42:07.0619 0x0bf0 Dhcp - ok
22:42:07.0639 0x0bf0 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys
22:42:07.0679 0x0bf0 discache - ok
22:42:07.0729 0x0bf0 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\windows\system32\drivers\disk.sys
22:42:07.0759 0x0bf0 Disk - ok
22:42:07.0779 0x0bf0 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll
22:42:07.0829 0x0bf0 Dnscache - ok
22:42:07.0859 0x0bf0 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll
22:42:07.0899 0x0bf0 dot3svc - ok
22:42:08.0009 0x0bf0 [ 47BA566049A337A81ACBFA566EF9E795, 2066E6A0BF5B012F82FE74D21BD712C428BF33175F5E08AAD17B1A6DF53262BF ] DpHost C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
22:42:08.0049 0x0bf0 DpHost - ok
22:42:08.0079 0x0bf0 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll
22:42:08.0119 0x0bf0 DPS - ok
22:42:08.0149 0x0bf0 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
22:42:08.0189 0x0bf0 drmkaud - ok
22:42:08.0269 0x0bf0 [ F59E2FE2687A5C30598F9099F318EB73, 80A0B1CC758BD3C4AEAB8E5804120D8A145F918B527F41DEF02A0E4EBE170F37 ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
22:42:08.0289 0x0bf0 DXGKrnl - ok
22:42:08.0329 0x0bf0 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll
22:42:08.0389 0x0bf0 EapHost - ok
22:42:08.0529 0x0bf0 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\drivers\evbda.sys
22:42:08.0609 0x0bf0 ebdrv - ok
22:42:08.0659 0x0bf0 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] EFS C:\windows\System32\lsass.exe
22:42:08.0699 0x0bf0 EFS - ok
22:42:08.0789 0x0bf0 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe
22:42:08.0829 0x0bf0 ehRecvr - ok
22:42:08.0849 0x0bf0 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe
22:42:08.0879 0x0bf0 ehSched - ok
22:42:08.0959 0x0bf0 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\drivers\elxstor.sys
22:42:08.0979 0x0bf0 elxstor - ok
22:42:08.0999 0x0bf0 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys
22:42:09.0019 0x0bf0 ErrDev - ok
22:42:09.0089 0x0bf0 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll
22:42:09.0169 0x0bf0 EventSystem - ok
22:42:09.0199 0x0bf0 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys
22:42:09.0229 0x0bf0 exfat - ok
22:42:09.0259 0x0bf0 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys
22:42:09.0289 0x0bf0 fastfat - ok
22:42:09.0339 0x0bf0 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe
22:42:09.0389 0x0bf0 Fax - ok
22:42:09.0399 0x0bf0 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\drivers\fdc.sys
22:42:09.0429 0x0bf0 fdc - ok
22:42:09.0459 0x0bf0 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll
22:42:09.0509 0x0bf0 fdPHost - ok
22:42:09.0519 0x0bf0 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll
22:42:09.0549 0x0bf0 FDResPub - ok
22:42:09.0579 0x0bf0 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys
22:42:09.0589 0x0bf0 FileInfo - ok
22:42:09.0589 0x0bf0 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys
22:42:09.0629 0x0bf0 Filetrace - ok
22:42:09.0679 0x0bf0 [ 84E05C54DE5EECC3C6A549A2863D0FBE, E5BA5E3BEF76EC129A956A3C9F6EC0592440128D424CAF79A9A933E91A141D05 ] FLCDLOCK c:\windows\SysWOW64\flcdlock.exe
22:42:09.0689 0x0bf0 FLCDLOCK - ok
22:42:09.0719 0x0bf0 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\drivers\flpydisk.sys
22:42:09.0769 0x0bf0 flpydisk - ok
22:42:09.0799 0x0bf0 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
22:42:09.0829 0x0bf0 FltMgr - ok
22:42:09.0889 0x0bf0 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\windows\system32\FntCache.dll
22:42:09.0939 0x0bf0 FontCache - ok
22:42:09.0969 0x0bf0 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
22:42:09.0979 0x0bf0 FontCache3.0.0.0 - ok
22:42:09.0999 0x0bf0 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
22:42:10.0009 0x0bf0 FsDepends - ok
22:42:10.0039 0x0bf0 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
22:42:10.0049 0x0bf0 Fs_Rec - ok
22:42:10.0079 0x0bf0 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
22:42:10.0099 0x0bf0 fvevol - ok
22:42:10.0129 0x0bf0 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
22:42:10.0139 0x0bf0 gagp30kx - ok
22:42:10.0169 0x0bf0 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll
22:42:10.0209 0x0bf0 gpsvc - ok
22:42:10.0229 0x0bf0 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
22:42:10.0279 0x0bf0 hcw85cir - ok
22:42:10.0319 0x0bf0 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
22:42:10.0389 0x0bf0 HdAudAddService - ok
22:42:10.0429 0x0bf0 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
22:42:10.0479 0x0bf0 HDAudBus - ok
22:42:10.0509 0x0bf0 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\drivers\HidBatt.sys
22:42:10.0539 0x0bf0 HidBatt - ok
22:42:10.0559 0x0bf0 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\drivers\hidbth.sys
22:42:10.0599 0x0bf0 HidBth - ok
22:42:10.0639 0x0bf0 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\drivers\hidir.sys
22:42:10.0659 0x0bf0 HidIr - ok
22:42:10.0679 0x0bf0 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\System32\hidserv.dll
22:42:10.0709 0x0bf0 hidserv - ok
22:42:10.0739 0x0bf0 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\drivers\hidusb.sys
22:42:10.0769 0x0bf0 HidUsb - ok
22:42:10.0809 0x0bf0 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll
22:42:10.0849 0x0bf0 hkmsvc - ok
22:42:10.0879 0x0bf0 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
22:42:10.0909 0x0bf0 HomeGroupListener - ok
22:42:10.0929 0x0bf0 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
22:42:10.0959 0x0bf0 HomeGroupProvider - ok
22:42:11.0009 0x0bf0 [ 44AD1D87919994161131D5FB16C5B551, 2548C2421D1D974C5AB7F02CE69E55365DDEDDC535701C38386A9AC7162E03D4 ] HP Power Assistant Service C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
22:42:11.0039 0x0bf0 HP Power Assistant Service - ok
22:42:11.0109 0x0bf0 [ 2A8B93A01621E100A578E83C768AFA2C, 6637D260AF180D1F200D219796FCE6D524FC6BF57C0CEEF9E1B3616E85865AD1 ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
22:42:11.0149 0x0bf0 HP Support Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
22:42:13.0859 0x0bf0 Detect skipped due to KSN trusted
22:42:13.0859 0x0bf0 HP Support Assistant Service - ok
22:42:14.0039 0x0bf0 [ 4F31EC91C327008968188AEE47B9D934, 39F24EEA63668FF65CD84BBF7F7E404E88D92B3848E6A132DC4334DF360972BF ] hpCMSrv C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
22:42:14.0079 0x0bf0 hpCMSrv - ok
22:42:14.0109 0x0bf0 [ 6D12992650D5538D97E7C3751261ACB2, FA403038C25E09D41A6CF1791BACCF4C5CE0576C1037BF1EBD7D1A1E18306D0F ] hpdskflt C:\windows\system32\DRIVERS\hpdskflt.sys
22:42:14.0109 0x0bf0 hpdskflt - ok
22:42:14.0209 0x0bf0 [ F8951E83F125D6765E815444AA303035, 2BB0C974D4A8A718DED8A7F90992E77C937F6174BD29453A9014F87C031B2AD1 ] HPFSService c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
22:42:14.0239 0x0bf0 HPFSService - ok
22:42:14.0359 0x0bf0 [ B27BA47319DE0DFF9CB75013006C389B, AFBE38731342F0CD20E4BF56D970B6755DE50E911DD42A7C001630ED22908006 ] hpHotkeyMonitor C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
22:42:14.0389 0x0bf0 hpHotkeyMonitor - ok
22:42:14.0419 0x0bf0 [ B98EE5D4535A685634B90F7E04DE0DF7, E37D26EF83B70E84742498D2F53037F83BE13F0E01484D85A20C872F1F02ADDA ] HpqKbFiltr C:\windows\system32\DRIVERS\HpqKbFiltr.sys
22:42:14.0419 0x0bf0 HpqKbFiltr - ok
22:42:14.0529 0x0bf0 [ D2946D9F020AE76E9CEF9B4A6DF838C0, C29CE594879385DA12B8EAA90B258905827B613839CCD820DE49215B68676995 ] hpqwmiex C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
22:42:14.0559 0x0bf0 hpqwmiex - ok
22:42:14.0589 0x0bf0 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
22:42:14.0599 0x0bf0 HpSAMD - ok
22:42:14.0619 0x0bf0 [ CA5BAD272333EA803A03C1FBB076B894, 87C448826E5240C974DCAA99675C10B2BA98F73994CC0E93C301B5D9BE9244D7 ] hpsrv C:\windows\system32\Hpservice.exe
22:42:14.0629 0x0bf0 hpsrv - ok
22:42:14.0679 0x0bf0 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\windows\system32\drivers\HTTP.sys
22:42:14.0739 0x0bf0 HTTP - ok
22:42:14.0749 0x0bf0 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
22:42:14.0759 0x0bf0 hwpolicy - ok
22:42:14.0799 0x0bf0 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
22:42:14.0809 0x0bf0 i8042prt - ok
22:42:14.0839 0x0bf0 [ D1753C06EE17E29352B065EACF3F10D0, 4DD4C991FAA3CCF99DF8DC9F8F5DEEDEECD55977F0C3AA8C404DEFD21E32A62B ] iaStor C:\windows\system32\drivers\iaStor.sys
22:42:14.0849 0x0bf0 iaStor - ok
22:42:14.0919 0x0bf0 [ 7DEC78C80C628E9D36883C06C3C07E3C, 79B37C7B2EEC6D4C8E99018A7B0280EC93F99E64FEFC2AF7A5D29236B008C887 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
22:42:14.0939 0x0bf0 IAStorDataMgrSvc - ok
22:42:14.0989 0x0bf0 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
22:42:15.0009 0x0bf0 iaStorV - ok
22:42:15.0109 0x0bf0 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
22:42:15.0139 0x0bf0 idsvc - ok
22:42:15.0199 0x0bf0 IEEtwCollectorService - ok
22:42:15.0659 0x0bf0 [ 3FB253E8059A1AAC3A8B83A31D094CC5, 4D4988BF7D81FB6D75CDB65E1E42AC72DA76D3F84712AA1A27428A6490E342D0 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
22:42:16.0019 0x0bf0 igfx - ok
22:42:16.0059 0x0bf0 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\drivers\iirsp.sys
22:42:16.0069 0x0bf0 iirsp - ok
22:42:16.0119 0x0bf0 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\windows\System32\ikeext.dll
22:42:16.0159 0x0bf0 IKEEXT - ok
22:42:16.0199 0x0bf0 [ 6C9FFFECA9FED31347D211C5D1FFBD2D, 36CF8B847FAED0D978B3169ED550CC958025902CAC1D7D304E2684B2483E72B8 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
22:42:16.0239 0x0bf0 IntcDAud - ok
22:42:16.0339 0x0bf0 [ C6128F2E3DC6156C6F8828F9F1B96010, 612C1191AFB8F69BA5634E8C52BDDE608F57D98FA4C76C5A337676A5F1E8191D ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
22:42:16.0369 0x0bf0 Intel(R) Capability Licensing Service Interface - detected UnsignedFile.Multi.Generic ( 1 )
22:42:19.0049 0x0bf0 Detect skipped due to KSN trusted
22:42:19.0049 0x0bf0 Intel(R) Capability Licensing Service Interface - ok
22:42:19.0159 0x0bf0 [ 729AB4F0608E95EFF8FDEF23596283E2, 62A2091FF440C65505AB3E38436A86D9B0978BCB9485960EFCE0C5CBC8E06201 ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
22:42:19.0189 0x0bf0 Intel(R) Capability Licensing Service TCP IP Interface - ok
22:42:19.0259 0x0bf0 [ A99A2E9242524DBB4A92A5175B6382DB, BFBB7CB66E6518A0777578316A84147E7227A7ECDF3FA2D097888E4CFA56F41A ] Intel(R) ME Service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
22:42:19.0289 0x0bf0 Intel(R) ME Service - ok
22:42:19.0309 0x0bf0 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys
22:42:19.0329 0x0bf0 intelide - ok
22:42:19.0789 0x0bf0 [ 3FB253E8059A1AAC3A8B83A31D094CC5, 4D4988BF7D81FB6D75CDB65E1E42AC72DA76D3F84712AA1A27428A6490E342D0 ] intelkmd C:\windows\system32\DRIVERS\igdpmd64.sys
22:42:20.0089 0x0bf0 intelkmd - ok
22:42:20.0159 0x0bf0 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
22:42:20.0199 0x0bf0 intelppm - ok
22:42:20.0239 0x0bf0 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll
22:42:20.0299 0x0bf0 IPBusEnum - ok
22:42:20.0319 0x0bf0 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
22:42:20.0359 0x0bf0 IpFilterDriver - ok
22:42:20.0409 0x0bf0 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\windows\System32\iphlpsvc.dll
22:42:20.0459 0x0bf0 iphlpsvc - ok
22:42:20.0469 0x0bf0 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
22:42:20.0489 0x0bf0 IPMIDRV - ok
22:42:20.0509 0x0bf0 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys
22:42:20.0539 0x0bf0 IPNAT - ok
22:42:20.0569 0x0bf0 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys
22:42:20.0599 0x0bf0 IRENUM - ok
22:42:20.0619 0x0bf0 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys
22:42:20.0629 0x0bf0 isapnp - ok
22:42:20.0659 0x0bf0 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
22:42:20.0669 0x0bf0 iScsiPrt - ok
22:42:20.0699 0x0bf0 [ C8A3C909F0EFF13CAE0C17503B1F5DB2, 48B83C625AD4FFF4B8D92C70FEFDE70354C18193A8DDFE6D716776228FF691D5 ] iusb3hcs C:\windows\system32\DRIVERS\iusb3hcs.sys
22:42:20.0709 0x0bf0 iusb3hcs - ok
22:42:20.0749 0x0bf0 [ BB47E889BA2ADB7D1A438F9824F5899B, CE074B540154501C2B77A11BD27996D652BA3C81B7CBD2E8DF2E57B3DF770517 ] iusb3hub C:\windows\system32\DRIVERS\iusb3hub.sys
22:42:20.0759 0x0bf0 iusb3hub - ok
22:42:20.0839 0x0bf0 [ 7971B368F36042A0EC31FEA15945187B, E5EDD32316549644708DFD84ECC899C12C5095A16A607ACE0E23A9F49DCCC0BC ] iusb3xhc C:\windows\system32\DRIVERS\iusb3xhc.sys
22:42:20.0869 0x0bf0 iusb3xhc - ok
22:42:20.0909 0x0bf0 [ 1EDBBA43C0CDCE4EE210C9BA848C38CA, 9702A5731BE5A314D4B5EBB1A6C43144E380A39325457967144D54A36944C5DE ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
22:42:20.0919 0x0bf0 jhi_service - ok
22:42:20.0969 0x0bf0 [ 7DABE2B788FF1EB32E38838EC189361E, F891810BFEEA5A94558EA3D22AEE42E3C4D761BB7F7A8C53100F6FF7C65C74AD ] JMCR C:\windows\system32\DRIVERS\jmcr.sys
22:42:20.0989 0x0bf0 JMCR - ok
22:42:21.0019 0x0bf0 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
22:42:21.0029 0x0bf0 kbdclass - ok
22:42:21.0049 0x0bf0 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
22:42:21.0059 0x0bf0 kbdhid - ok
22:42:21.0109 0x0bf0 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] KeyIso C:\windows\system32\lsass.exe
22:42:21.0139 0x0bf0 KeyIso - ok
22:42:21.0169 0x0bf0 [ 56ED3EE5FED6BF2FC1305CF872042868, 44F77AE3CD83284800FF106156ABCB63047327855E2535EE278289AF6F05579C ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
22:42:21.0199 0x0bf0 KSecDD - ok
22:42:21.0209 0x0bf0 [ 8BA90F480705D7153AD0060CCA62222A, B3E610DFAB382368114D026947084A72AFC4F5BF9C28317F411D4ED91E0B3192 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
22:42:21.0219 0x0bf0 KSecPkg - ok
22:42:21.0239 0x0bf0 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys
22:42:21.0269 0x0bf0 ksthunk - ok
22:42:21.0299 0x0bf0 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll
22:42:21.0349 0x0bf0 KtmRm - ok
22:42:21.0399 0x0bf0 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\System32\srvsvc.dll
22:42:21.0429 0x0bf0 LanmanServer - ok
22:42:21.0449 0x0bf0 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
22:42:21.0479 0x0bf0 LanmanWorkstation - ok
22:42:21.0509 0x0bf0 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
22:42:21.0549 0x0bf0 lltdio - ok
22:42:21.0579 0x0bf0 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll
22:42:21.0619 0x0bf0 lltdsvc - ok
22:42:21.0629 0x0bf0 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll
22:42:21.0669 0x0bf0 lmhosts - ok
22:42:21.0769 0x0bf0 [ 8B0D2FE92B090C59133EE321BAD58D99, 14B430C7D0F962268238C61353F3D0FBFE677DBC75D97A14969957B61C237C02 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
22:42:21.0799 0x0bf0 LMS - ok
22:42:21.0819 0x0bf0 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
22:42:21.0839 0x0bf0 LSI_FC - ok
22:42:21.0839 0x0bf0 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
22:42:21.0849 0x0bf0 LSI_SAS - ok
22:42:21.0879 0x0bf0 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
22:42:21.0889 0x0bf0 LSI_SAS2 - ok
22:42:21.0909 0x0bf0 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
22:42:21.0919 0x0bf0 LSI_SCSI - ok
22:42:21.0949 0x0bf0 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys
22:42:21.0979 0x0bf0 luafv - ok
22:42:22.0099 0x0bf0 [ 4AC90155CD1E2D1FA3B4A15E6145E2B2, 964D25B869A8B5B9793B4B9EB773D048C7345471C628E03D846DA169B2C072D0 ] McAfee Endpoint Encryption Agent C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
22:42:22.0139 0x0bf0 McAfee Endpoint Encryption Agent - detected UnsignedFile.Multi.Generic ( 1 )
22:42:24.0819 0x0bf0 Detect skipped due to KSN trusted
22:42:24.0819 0x0bf0 McAfee Endpoint Encryption Agent - ok
22:42:24.0879 0x0bf0 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
22:42:24.0909 0x0bf0 Mcx2Svc - ok
22:42:24.0939 0x0bf0 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\drivers\megasas.sys
22:42:24.0949 0x0bf0 megasas - ok
22:42:24.0979 0x0bf0 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
22:42:24.0989 0x0bf0 MegaSR - ok
22:42:25.0019 0x0bf0 [ D71FD7A4FDB01C554AE144037B688DF1, 74D33303DA559A3A2EB809FC0EC3722D24F7F1A37BC7370680CFEB951BE735AF ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
22:42:25.0029 0x0bf0 MEIx64 - ok
22:42:25.0049 0x0bf0 [ BD7328887DB3030F53BC4F6F5DA00F64, AA7309A0EE9B9E48B5C25F28ED35B94FFC175E33F7D441A614781AF627632C08 ] MfeEpeOpal C:\windows\system32\drivers\MfeEpeOpal.sys
22:42:25.0059 0x0bf0 MfeEpeOpal - ok
22:42:25.0069 0x0bf0 [ 6D9576338F874C6400995598A25A677A, D8E72893200464DDE4C9E22C9C7EBC4534564D30826846755F140C3AB7AFA9CF ] MfeEpePc C:\windows\system32\drivers\MfeEpePc.sys
22:42:25.0079 0x0bf0 MfeEpePc - ok
22:42:25.0109 0x0bf0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll
22:42:25.0149 0x0bf0 MMCSS - ok
22:42:25.0159 0x0bf0 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys
22:42:25.0199 0x0bf0 Modem - ok
22:42:25.0239 0x0bf0 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys
22:42:25.0249 0x0bf0 monitor - ok
22:42:25.0299 0x0bf0 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
22:42:25.0309 0x0bf0 mouclass - ok
22:42:25.0329 0x0bf0 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
22:42:25.0349 0x0bf0 mouhid - ok
22:42:25.0399 0x0bf0 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\windows\system32\drivers\mountmgr.sys
22:42:25.0429 0x0bf0 mountmgr - ok
22:42:25.0489 0x0bf0 [ 5C5E45DDABEFBC9F564F1D5C83258B8F, E035A76BB12E120ADDE782CC7D781FBB60FFB7E324F3E0ED61BF15DC4703A8DB ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
22:42:25.0519 0x0bf0 MozillaMaintenance - ok
22:42:25.0549 0x0bf0 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys
22:42:25.0569 0x0bf0 mpio - ok
22:42:25.0609 0x0bf0 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
22:42:25.0659 0x0bf0 mpsdrv - ok
22:42:25.0729 0x0bf0 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll
22:42:25.0779 0x0bf0 MpsSvc - ok
22:42:25.0819 0x0bf0 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
22:42:25.0869 0x0bf0 MRxDAV - ok
22:42:25.0879 0x0bf0 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
22:42:25.0929 0x0bf0 mrxsmb - ok
22:42:25.0949 0x0bf0 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
22:42:25.0989 0x0bf0 mrxsmb10 - ok
22:42:25.0999 0x0bf0 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
22:42:26.0029 0x0bf0 mrxsmb20 - ok
22:42:26.0059 0x0bf0 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys
22:42:26.0069 0x0bf0 msahci - ok
22:42:26.0089 0x0bf0 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys
22:42:26.0109 0x0bf0 msdsm - ok
22:42:26.0129 0x0bf0 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe
22:42:26.0149 0x0bf0 MSDTC - ok
22:42:26.0179 0x0bf0 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys
22:42:26.0209 0x0bf0 Msfs - ok
22:42:26.0229 0x0bf0 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
22:42:26.0269 0x0bf0 mshidkmdf - ok
22:42:26.0269 0x0bf0 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
22:42:26.0279 0x0bf0 msisadrv - ok
22:42:26.0319 0x0bf0 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll
22:42:26.0359 0x0bf0 MSiSCSI - ok
22:42:26.0359 0x0bf0 msiserver - ok
22:42:26.0389 0x0bf0 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
22:42:26.0429 0x0bf0 MSKSSRV - ok
22:42:26.0459 0x0bf0 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
22:42:26.0479 0x0bf0 MSPCLOCK - ok
22:42:26.0489 0x0bf0 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys
22:42:26.0539 0x0bf0 MSPQM - ok
22:42:26.0559 0x0bf0 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
22:42:26.0569 0x0bf0 MsRPC - ok
22:42:26.0589 0x0bf0 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
22:42:26.0599 0x0bf0 mssmbios - ok
22:42:26.0629 0x0bf0 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys
22:42:26.0659 0x0bf0 MSTEE - ok
22:42:26.0669 0x0bf0 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\drivers\MTConfig.sys
22:42:26.0679 0x0bf0 MTConfig - ok
22:42:26.0689 0x0bf0 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys
22:42:26.0699 0x0bf0 Mup - ok
22:42:26.0729 0x0bf0 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll
22:42:26.0779 0x0bf0 napagent - ok
22:42:26.0809 0x0bf0 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
22:42:26.0839 0x0bf0 NativeWifiP - ok
22:42:26.0899 0x0bf0 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\windows\system32\drivers\ndis.sys
22:42:26.0929 0x0bf0 NDIS - ok
22:42:26.0959 0x0bf0 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
22:42:26.0989 0x0bf0 NdisCap - ok
22:42:27.0019 0x0bf0 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
22:42:27.0059 0x0bf0 NdisTapi - ok
22:42:27.0079 0x0bf0 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
22:42:27.0109 0x0bf0 Ndisuio - ok
22:42:27.0129 0x0bf0 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
22:42:27.0169 0x0bf0 NdisWan - ok
22:42:27.0189 0x0bf0 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
22:42:27.0229 0x0bf0 NDProxy - ok
22:42:27.0249 0x0bf0 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
22:42:27.0279 0x0bf0 NetBIOS - ok
22:42:27.0289 0x0bf0 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
22:42:27.0329 0x0bf0 NetBT - ok
22:42:27.0349 0x0bf0 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] Netlogon C:\windows\system32\lsass.exe
22:42:27.0359 0x0bf0 Netlogon - ok
22:42:27.0409 0x0bf0 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll
22:42:27.0439 0x0bf0 Netman - ok
22:42:27.0509 0x0bf0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:42:27.0539 0x0bf0 NetMsmqActivator - ok
22:42:27.0559 0x0bf0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:42:27.0569 0x0bf0 NetPipeActivator - ok
22:42:27.0609 0x0bf0 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll
22:42:27.0639 0x0bf0 netprofm - ok
22:42:27.0669 0x0bf0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:42:27.0679 0x0bf0 NetTcpActivator - ok
22:42:27.0689 0x0bf0 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
22:42:27.0699 0x0bf0 NetTcpPortSharing - ok
22:42:27.0739 0x0bf0 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
22:42:27.0749 0x0bf0 nfrd960 - ok
22:42:27.0789 0x0bf0 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\windows\System32\nlasvc.dll
22:42:27.0819 0x0bf0 NlaSvc - ok
22:42:27.0839 0x0bf0 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys
22:42:27.0879 0x0bf0 Npfs - ok
22:42:27.0899 0x0bf0 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
22:42:27.0929 0x0bf0 nsi - ok
22:42:27.0949 0x0bf0 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
22:42:27.0979 0x0bf0 nsiproxy - ok
22:42:28.0089 0x0bf0 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
22:42:28.0129 0x0bf0 Ntfs - ok
22:42:28.0149 0x0bf0 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys
22:42:28.0179 0x0bf0 Null - ok
22:42:28.0209 0x0bf0 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys
22:42:28.0219 0x0bf0 nvraid - ok
22:42:28.0229 0x0bf0 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys
22:42:28.0239 0x0bf0 nvstor - ok
22:42:28.0259 0x0bf0 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys
22:42:28.0269 0x0bf0 nv_agp - ok
22:42:28.0279 0x0bf0 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
22:42:28.0309 0x0bf0 ohci1394 - ok
22:42:28.0379 0x0bf0 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
22:42:28.0399 0x0bf0 ose - ok
22:42:28.0589 0x0bf0 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
22:42:28.0699 0x0bf0 osppsvc - ok
22:42:28.0729 0x0bf0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
22:42:28.0769 0x0bf0 p2pimsvc - ok
22:42:28.0799 0x0bf0 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
22:42:28.0829 0x0bf0 p2psvc - ok
22:42:28.0839 0x0bf0 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\drivers\parport.sys
22:42:28.0859 0x0bf0 Parport - ok
22:42:28.0899 0x0bf0 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys
22:42:28.0909 0x0bf0 partmgr - ok
22:42:28.0949 0x0bf0 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\windows\System32\pcasvc.dll
22:42:28.0989 0x0bf0 PcaSvc - ok
22:42:29.0019 0x0bf0 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys
22:42:29.0039 0x0bf0 pci - ok
22:42:29.0069 0x0bf0 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys
22:42:29.0079 0x0bf0 pciide - ok
22:42:29.0099 0x0bf0 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\drivers\pcmcia.sys
22:42:29.0119 0x0bf0 pcmcia - ok
22:42:29.0139 0x0bf0 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys
22:42:29.0149 0x0bf0 pcw - ok
22:42:29.0179 0x0bf0 pdfcDispatcher - ok
22:42:29.0219 0x0bf0 [ BAF3216DDAA12E66EBBB31760E02BC14, 668AE32CAF8E64F225DA9515F564469ED3F0B8D23A35C2E0B09CD1ECBFD0050C ] PdiService C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
22:42:29.0229 0x0bf0 PdiService - ok
22:42:29.0299 0x0bf0 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\windows\system32\drivers\peauth.sys
22:42:29.0329 0x0bf0 PEAUTH - ok
22:42:29.0389 0x0bf0 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe
22:42:29.0419 0x0bf0 PerfHost - ok
22:42:29.0479 0x0bf0 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll
22:42:29.0539 0x0bf0 pla - ok
22:42:29.0619 0x0bf0 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll
22:42:29.0659 0x0bf0 PlugPlay - ok
22:42:29.0669 0x0bf0 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
22:42:29.0689 0x0bf0 PNRPAutoReg - ok
22:42:29.0709 0x0bf0 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
22:42:29.0729 0x0bf0 PNRPsvc - ok
22:42:29.0769 0x0bf0 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
22:42:29.0809 0x0bf0 PolicyAgent - ok
22:42:29.0819 0x0bf0 [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power C:\windows\system32\umpo.dll
22:42:29.0839 0x0bf0 Power - ok
22:42:29.0869 0x0bf0 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
22:42:29.0909 0x0bf0 PptpMiniport - ok
22:42:29.0929 0x0bf0 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\drivers\processr.sys
22:42:29.0939 0x0bf0 Processor - ok
22:42:29.0969 0x0bf0 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\windows\system32\profsvc.dll
22:42:30.0009 0x0bf0 ProfSvc - ok
22:42:30.0019 0x0bf0 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] ProtectedStorage C:\windows\system32\lsass.exe
22:42:30.0029 0x0bf0 ProtectedStorage - ok
22:42:30.0059 0x0bf0 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys
22:42:30.0099 0x0bf0 Psched - ok
22:42:30.0179 0x0bf0 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\drivers\ql2300.sys
22:42:30.0219 0x0bf0 ql2300 - ok
22:42:30.0239 0x0bf0 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\drivers\ql40xx.sys
22:42:30.0249 0x0bf0 ql40xx - ok
22:42:30.0269 0x0bf0 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll
22:42:30.0289 0x0bf0 QWAVE - ok
22:42:30.0309 0x0bf0 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
22:42:30.0319 0x0bf0 QWAVEdrv - ok
22:42:30.0329 0x0bf0 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
22:42:30.0359 0x0bf0 RasAcd - ok
22:42:30.0399 0x0bf0 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
22:42:30.0419 0x0bf0 RasAgileVpn - ok
22:42:30.0449 0x0bf0 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll
22:42:30.0479 0x0bf0 RasAuto - ok
22:42:30.0509 0x0bf0 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
22:42:30.0549 0x0bf0 Rasl2tp - ok
22:42:30.0569 0x0bf0 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll
22:42:30.0609 0x0bf0 RasMan - ok
22:42:30.0619 0x0bf0 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
22:42:30.0659 0x0bf0 RasPppoe - ok
22:42:30.0689 0x0bf0 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
22:42:30.0719 0x0bf0 RasSstp - ok
22:42:30.0729 0x0bf0 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
22:42:30.0779 0x0bf0 rdbss - ok
22:42:30.0789 0x0bf0 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\drivers\rdpbus.sys
22:42:30.0799 0x0bf0 rdpbus - ok
22:42:30.0819 0x0bf0 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
22:42:30.0839 0x0bf0 RDPCDD - ok
22:42:30.0869 0x0bf0 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
22:42:30.0909 0x0bf0 RDPENCDD - ok
22:42:30.0919 0x0bf0 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
22:42:30.0949 0x0bf0 RDPREFMP - ok
22:42:30.0999 0x0bf0 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\windows\system32\drivers\RDPWD.sys
22:42:31.0049 0x0bf0 RDPWD - ok
22:42:31.0079 0x0bf0 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys
22:42:31.0099 0x0bf0 rdyboost - ok
22:42:31.0129 0x0bf0 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll
22:42:31.0169 0x0bf0 RemoteAccess - ok
22:42:31.0209 0x0bf0 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
22:42:31.0239 0x0bf0 RemoteRegistry - ok
22:42:31.0289 0x0bf0 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\windows\system32\DRIVERS\rfcomm.sys
22:42:31.0319 0x0bf0 RFCOMM - ok
22:42:31.0349 0x0bf0 [ 7B04C9843921AB1F695FB395422C5360, C9B02BE0384357FD242613C2A12029B45322AF9A795CD69F33500CA7530899A7 ] RimUsb C:\windows\system32\Drivers\RimUsb_AMD64.sys
22:42:31.0369 0x0bf0 RimUsb - ok
22:42:31.0399 0x0bf0 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
22:42:31.0449 0x0bf0 RpcEptMapper - ok
22:42:31.0489 0x0bf0 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe
22:42:31.0529 0x0bf0 RpcLocator - ok
22:42:31.0559 0x0bf0 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\windows\system32\rpcss.dll
22:42:31.0599 0x0bf0 RpcSs - ok
22:42:31.0629 0x0bf0 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
22:42:31.0679 0x0bf0 rspndr - ok
22:42:31.0719 0x0bf0 [ 1BE36AB59242A109697870F16A8E0EF8, CAC949D97EEFA0CE5E89084D0950B6E331145870355367803530D0DED4962F2E ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
22:42:31.0739 0x0bf0 RTL8167 - ok
22:42:31.0749 0x0bf0 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] SamSs C:\windows\system32\lsass.exe
22:42:31.0759 0x0bf0 SamSs - ok
22:42:31.0779 0x0bf0 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
22:42:31.0789 0x0bf0 sbp2port - ok
22:42:31.0839 0x0bf0 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll
22:42:31.0869 0x0bf0 SCardSvr - ok
22:42:31.0879 0x0bf0 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
22:42:31.0909 0x0bf0 scfilter - ok
22:42:31.0949 0x0bf0 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\windows\system32\schedsvc.dll
22:42:31.0999 0x0bf0 Schedule - ok
22:42:32.0009 0x0bf0 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll
22:42:32.0039 0x0bf0 SCPolicySvc - ok
22:42:32.0059 0x0bf0 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\windows\system32\DRIVERS\sdbus.sys
22:42:32.0079 0x0bf0 sdbus - ok
22:42:32.0099 0x0bf0 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll
22:42:32.0139 0x0bf0 SDRSVC - ok
22:42:32.0159 0x0bf0 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys
22:42:32.0179 0x0bf0 secdrv - ok
22:42:32.0209 0x0bf0 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\windows\system32\seclogon.dll
22:42:32.0239 0x0bf0 seclogon - ok
22:42:32.0239 0x0bf0 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\system32\sens.dll
22:42:32.0279 0x0bf0 SENS - ok
22:42:32.0299 0x0bf0 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll
22:42:32.0319 0x0bf0 SensrSvc - ok
22:42:32.0329 0x0bf0 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\drivers\serenum.sys
22:42:32.0339 0x0bf0 Serenum - ok
22:42:32.0349 0x0bf0 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\drivers\serial.sys
22:42:32.0369 0x0bf0 Serial - ok
22:42:32.0409 0x0bf0 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\drivers\sermouse.sys
22:42:32.0449 0x0bf0 sermouse - ok
22:42:32.0489 0x0bf0 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll
22:42:32.0539 0x0bf0 SessionEnv - ok
22:42:32.0559 0x0bf0 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
22:42:32.0569 0x0bf0 sffdisk - ok
22:42:32.0589 0x0bf0 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
22:42:32.0609 0x0bf0 sffp_mmc - ok
22:42:32.0629 0x0bf0 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
22:42:32.0639 0x0bf0 sffp_sd - ok
22:42:32.0659 0x0bf0 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
22:42:32.0669 0x0bf0 sfloppy - ok
22:42:32.0699 0x0bf0 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll
22:42:32.0739 0x0bf0 SharedAccess - ok
22:42:32.0769 0x0bf0 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
22:42:32.0799 0x0bf0 ShellHWDetection - ok
22:42:32.0819 0x0bf0 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
22:42:32.0829 0x0bf0 SiSRaid2 - ok
22:42:32.0839 0x0bf0 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
22:42:32.0849 0x0bf0 SiSRaid4 - ok
22:42:32.0889 0x0bf0 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys
22:42:32.0919 0x0bf0 Smb - ok
22:42:32.0949 0x0bf0 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe
22:42:32.0959 0x0bf0 SNMPTRAP - ok
22:42:33.0059 0x0bf0 [ 80B683DF156771E30D33E01AF09ABE3C, 950496EAF8BF1AEDDF1B0555E9BA605DF7F9E9E3EA2D7BDEF7A0083B859F0D93 ] SNP2UVC C:\windows\system32\DRIVERS\snp2uvc.sys
22:42:33.0099 0x0bf0 SNP2UVC - ok
22:42:33.0109 0x0bf0 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys
22:42:33.0119 0x0bf0 spldr - ok
22:42:33.0159 0x0bf0 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\windows\System32\spoolsv.exe
22:42:33.0179 0x0bf0 Spooler - ok
22:42:33.0339 0x0bf0 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe
22:42:33.0429 0x0bf0 sppsvc - ok
22:42:33.0459 0x0bf0 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll
22:42:33.0499 0x0bf0 sppuinotify - ok
22:42:33.0529 0x0bf0 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\windows\system32\DRIVERS\srv.sys
22:42:33.0549 0x0bf0 srv - ok
22:42:33.0569 0x0bf0 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
22:42:33.0599 0x0bf0 srv2 - ok
22:42:33.0619 0x0bf0 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
22:42:33.0629 0x0bf0 srvnet - ok
22:42:33.0659 0x0bf0 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
22:42:33.0689 0x0bf0 SSDPSRV - ok
22:42:33.0709 0x0bf0 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll
22:42:33.0749 0x0bf0 SstpSvc - ok
22:42:33.0829 0x0bf0 [ 634C0CDC3F63AED52982A15C21FA9939, 9163A562EC5B5E5BAF962AA2390E125A609C5EE50D980593D9209E6DEBD7C994 ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
22:42:33.0859 0x0bf0 STacSV - detected UnsignedFile.Multi.Generic ( 1 )
22:42:36.0649 0x0bf0 Detect skipped due to KSN trusted
22:42:36.0649 0x0bf0 STacSV - ok
22:42:36.0689 0x0bf0 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\windows\system32\drivers\stexstor.sys
22:42:36.0719 0x0bf0 stexstor - ok
22:42:36.0789 0x0bf0 [ 54A0E8D8118455AB2BF4B42DA46ECC02, E4BBE2354B5E1BB9FE36BCDB5393801B3F882F144BED1E98A8ADB68FC50028BE ] STHDA C:\windows\system32\DRIVERS\stwrt64.sys
22:42:36.0829 0x0bf0 STHDA - ok
22:42:36.0879 0x0bf0 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll
22:42:36.0919 0x0bf0 stisvc - ok
22:42:36.0949 0x0bf0 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\windows\system32\drivers\swenum.sys
22:42:36.0949 0x0bf0 swenum - ok
22:42:36.0989 0x0bf0 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\windows\System32\swprv.dll
22:42:37.0029 0x0bf0 swprv - ok
22:42:37.0109 0x0bf0 [ 2CD7E4392A5E98FA1281B22F62A48E04, 6C0B0436C4BC2B083CEA0E22726A8855AF5FFD63FB9EF32CD82960AA9BEE0BE6 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
22:42:37.0139 0x0bf0 SynTP - ok
22:42:37.0209 0x0bf0 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\windows\system32\sysmain.dll
22:42:37.0259 0x0bf0 SysMain - ok
22:42:37.0289 0x0bf0 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
22:42:37.0309 0x0bf0 TabletInputService - ok
22:42:37.0329 0x0bf0 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll
22:42:37.0359 0x0bf0 TapiSrv - ok
22:42:37.0379 0x0bf0 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\windows\System32\tbssvc.dll
22:42:37.0409 0x0bf0 TBS - ok
22:42:37.0509 0x0bf0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\windows\system32\drivers\tcpip.sys
22:42:37.0559 0x0bf0 Tcpip - ok
22:42:37.0639 0x0bf0 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
22:42:37.0679 0x0bf0 TCPIP6 - ok
22:42:37.0699 0x0bf0 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
22:42:37.0709 0x0bf0 tcpipreg - ok
22:42:37.0739 0x0bf0 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
22:42:37.0769 0x0bf0 TDPIPE - ok
22:42:37.0779 0x0bf0 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
22:42:37.0789 0x0bf0 TDTCP - ok
22:42:37.0829 0x0bf0 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\windows\system32\DRIVERS\tdx.sys
22:42:37.0849 0x0bf0 tdx - ok
22:42:37.0859 0x0bf0 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\windows\system32\drivers\termdd.sys
22:42:37.0869 0x0bf0 TermDD - ok
22:42:37.0939 0x0bf0 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\windows\System32\termsrv.dll
22:42:37.0989 0x0bf0 TermService - ok
22:42:38.0019 0x0bf0 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll
22:42:38.0049 0x0bf0 Themes - ok
22:42:38.0079 0x0bf0 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll
22:42:38.0099 0x0bf0 THREADORDER - ok
22:42:38.0139 0x0bf0 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll
22:42:38.0179 0x0bf0 TrkWks - ok
22:42:38.0239 0x0bf0 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
22:42:38.0299 0x0bf0 TrustedInstaller - ok
22:42:38.0329 0x0bf0 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
22:42:38.0349 0x0bf0 tssecsrv - ok
22:42:38.0379 0x0bf0 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
22:42:38.0409 0x0bf0 TsUsbFlt - ok
22:42:38.0429 0x0bf0 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
22:42:38.0449 0x0bf0 TsUsbGD - ok
22:42:38.0479 0x0bf0 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
22:42:38.0519 0x0bf0 tunnel - ok
22:42:38.0539 0x0bf0 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\windows\system32\drivers\uagp35.sys
22:42:38.0549 0x0bf0 uagp35 - ok
22:42:38.0629 0x0bf0 [ F0458A5ABFC8C269798D398F664666A8, 04102C73360F8B4E81E84D099ADD90F77CE0A785ED7FE9F767045F451118FD7E ] uArcCapture C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe
22:42:38.0649 0x0bf0 uArcCapture - ok
22:42:38.0679 0x0bf0 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys
22:42:38.0719 0x0bf0 udfs - ok
22:42:38.0749 0x0bf0 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe
22:42:38.0769 0x0bf0 UI0Detect - ok
22:42:38.0789 0x0bf0 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
22:42:38.0799 0x0bf0 uliagpkx - ok
22:42:38.0829 0x0bf0 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\DRIVERS\umbus.sys
22:42:38.0849 0x0bf0 umbus - ok
22:42:38.0869 0x0bf0 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\windows\system32\DRIVERS\umpass.sys
22:42:38.0879 0x0bf0 UmPass - ok
22:42:38.0999 0x0bf0 [ D8A54623FFFB5A882645910EA165AE44, 527968E3C2CC67AFB4CC908584D4A7E40FDD76CBF2F2D9756BB17DA647A0DC73 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
22:42:39.0029 0x0bf0 UNS - ok
22:42:39.0069 0x0bf0 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll
22:42:39.0119 0x0bf0 upnphost - ok
22:42:39.0179 0x0bf0 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\windows\system32\drivers\usbaudio.sys
22:42:39.0219 0x0bf0 usbaudio - ok
22:42:39.0239 0x0bf0 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
22:42:39.0269 0x0bf0 usbccgp - ok
22:42:39.0279 0x0bf0 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\windows\system32\drivers\usbcir.sys
22:42:39.0309 0x0bf0 usbcir - ok
22:42:39.0329 0x0bf0 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\windows\system32\drivers\usbehci.sys
22:42:39.0359 0x0bf0 usbehci - ok
22:42:39.0389 0x0bf0 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
22:42:39.0419 0x0bf0 usbhub - ok
22:42:39.0439 0x0bf0 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\windows\system32\drivers\usbohci.sys
22:42:39.0459 0x0bf0 usbohci - ok
22:42:39.0489 0x0bf0 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
22:42:39.0499 0x0bf0 usbprint - ok
22:42:39.0519 0x0bf0 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\windows\system32\drivers\usbscan.sys
22:42:39.0579 0x0bf0 usbscan - ok
22:42:39.0589 0x0bf0 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
22:42:39.0629 0x0bf0 USBSTOR - ok
22:42:39.0649 0x0bf0 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
22:42:39.0679 0x0bf0 usbuhci - ok
22:42:39.0719 0x0bf0 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
22:42:39.0739 0x0bf0 usbvideo - ok
22:42:39.0759 0x0bf0 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll
22:42:39.0819 0x0bf0 UxSms - ok
22:42:39.0839 0x0bf0 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] VaultSvc C:\windows\system32\lsass.exe
22:42:39.0849 0x0bf0 VaultSvc - ok
22:42:39.0989 0x0bf0 [ EF3BD2119454883B0D5463AD5327DD10, 3A9BE7DFAFA11F6DDD0E2BC9AF461CD14EE2C9480551661D8BF4BB6F348C34A6 ] vcsFPService C:\windows\system32\vcsFPService.exe
22:42:40.0049 0x0bf0 vcsFPService - ok
22:42:40.0069 0x0bf0 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
22:42:40.0079 0x0bf0 vdrvroot - ok
22:42:40.0109 0x0bf0 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe
22:42:40.0149 0x0bf0 vds - ok
22:42:40.0189 0x0bf0 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
22:42:40.0219 0x0bf0 vga - ok
22:42:40.0229 0x0bf0 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys
22:42:40.0259 0x0bf0 VgaSave - ok
22:42:40.0279 0x0bf0 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys
22:42:40.0289 0x0bf0 vhdmp - ok
22:42:40.0319 0x0bf0 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys
22:42:40.0329 0x0bf0 viaide - ok
22:42:40.0359 0x0bf0 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys
22:42:40.0369 0x0bf0 volmgr - ok
22:42:40.0389 0x0bf0 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys
22:42:40.0409 0x0bf0 volmgrx - ok
22:42:40.0419 0x0bf0 [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap C:\windows\system32\drivers\volsnap.sys
22:42:40.0429 0x0bf0 volsnap - ok
22:42:40.0459 0x0bf0 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\drivers\vsmraid.sys
22:42:40.0469 0x0bf0 vsmraid - ok
22:42:40.0529 0x0bf0 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe
22:42:40.0599 0x0bf0 VSS - ok
22:42:40.0609 0x0bf0 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
22:42:40.0619 0x0bf0 vwifibus - ok
22:42:40.0639 0x0bf0 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
22:42:40.0669 0x0bf0 vwififlt - ok
22:42:40.0689 0x0bf0 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
22:42:40.0699 0x0bf0 vwifimp - ok
22:42:40.0729 0x0bf0 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll
22:42:40.0759 0x0bf0 W32Time - ok
22:42:40.0789 0x0bf0 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\drivers\wacompen.sys
22:42:40.0799 0x0bf0 WacomPen - ok
22:42:40.0819 0x0bf0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
22:42:40.0849 0x0bf0 WANARP - ok
22:42:40.0859 0x0bf0 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
22:42:40.0879 0x0bf0 Wanarpv6 - ok
22:42:40.0949 0x0bf0 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe
22:42:40.0999 0x0bf0 wbengine - ok
22:42:41.0009 0x0bf0 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll
22:42:41.0039 0x0bf0 WbioSrvc - ok
22:42:41.0079 0x0bf0 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll
22:42:41.0099 0x0bf0 wcncsvc - ok
22:42:41.0109 0x0bf0 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
22:42:41.0139 0x0bf0 WcsPlugInService - ok
22:42:41.0149 0x0bf0 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\drivers\wd.sys
22:42:41.0159 0x0bf0 Wd - ok
22:42:41.0189 0x0bf0 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
22:42:41.0219 0x0bf0 Wdf01000 - ok
22:42:41.0249 0x0bf0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\windows\system32\wdi.dll
22:42:41.0279 0x0bf0 WdiServiceHost - ok
22:42:41.0279 0x0bf0 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\windows\system32\wdi.dll
22:42:41.0289 0x0bf0 WdiSystemHost - ok
22:42:41.0319 0x0bf0 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\windows\System32\webclnt.dll
22:42:41.0339 0x0bf0 WebClient - ok
22:42:41.0359 0x0bf0 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll
22:42:41.0389 0x0bf0 Wecsvc - ok
22:42:41.0399 0x0bf0 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll
22:42:41.0439 0x0bf0 wercplsupport - ok
22:42:41.0469 0x0bf0 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll
22:42:41.0489 0x0bf0 WerSvc - ok
22:42:41.0519 0x0bf0 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
22:42:41.0549 0x0bf0 WfpLwf - ok
22:42:41.0569 0x0bf0 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys
22:42:41.0579 0x0bf0 WIMMount - ok
22:42:41.0599 0x0bf0 WinDefend - ok
22:42:41.0609 0x0bf0 WinHttpAutoProxySvc - ok
22:42:41.0679 0x0bf0 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
22:42:41.0729 0x0bf0 Winmgmt - ok
22:42:41.0839 0x0bf0 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\windows\system32\WsmSvc.dll
22:42:41.0899 0x0bf0 WinRM - ok
22:42:41.0939 0x0bf0 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
22:42:41.0949 0x0bf0 WinUsb - ok
22:42:41.0999 0x0bf0 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll
22:42:42.0029 0x0bf0 Wlansvc - ok
22:42:42.0049 0x0bf0 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
22:42:42.0069 0x0bf0 WmiAcpi - ok
22:42:42.0099 0x0bf0 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
22:42:42.0129 0x0bf0 wmiApSrv - ok
22:42:42.0159 0x0bf0 WMPNetworkSvc - ok
22:42:42.0179 0x0bf0 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll
22:42:42.0219 0x0bf0 WPCSvc - ok
22:42:42.0239 0x0bf0 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
22:42:42.0259 0x0bf0 WPDBusEnum - ok
22:42:42.0269 0x0bf0 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
22:42:42.0289 0x0bf0 ws2ifsl - ok
22:42:42.0309 0x0bf0 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\system32\wscsvc.dll
22:42:42.0329 0x0bf0 wscsvc - ok
22:42:42.0329 0x0bf0 WSearch - ok
22:42:42.0459 0x0bf0 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\windows\system32\wuaueng.dll
22:42:42.0519 0x0bf0 wuauserv - ok
22:42:42.0539 0x0bf0 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
22:42:42.0569 0x0bf0 WudfPf - ok
22:42:42.0589 0x0bf0 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
22:42:42.0619 0x0bf0 WUDFRd - ok
22:42:42.0649 0x0bf0 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll
22:42:42.0669 0x0bf0 wudfsvc - ok
22:42:42.0699 0x0bf0 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\windows\System32\wwansvc.dll
22:42:42.0719 0x0bf0 WwanSvc - ok
22:42:42.0789 0x0bf0 [ 86B8B1F5C1189D68B07666784BE882FE, 0DD8C627F3DDBDB61B1910540C465C0D62C9F8D84C7CBB6C80782DB02D535AF0 ] ZAtheros Bt and Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
22:42:42.0799 0x0bf0 ZAtheros Bt and Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
22:42:45.0569 0x0bf0 Detect skipped due to KSN trusted
22:42:45.0569 0x0bf0 ZAtheros Bt and Wlan Coex Agent - ok
22:42:45.0649 0x0bf0 ================ Scan global ===============================
22:42:45.0669 0x0bf0 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
22:42:45.0699 0x0bf0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
22:42:45.0709 0x0bf0 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
22:42:45.0749 0x0bf0 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
22:42:45.0779 0x0bf0 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
22:42:45.0789 0x0bf0 [ Global ] - ok
22:42:45.0789 0x0bf0 ================ Scan MBR ==================================
22:42:45.0799 0x0bf0 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
22:42:46.0179 0x0bf0 \Device\Harddisk0\DR0 - ok
22:42:46.0179 0x0bf0 ================ Scan VBR ==================================
22:42:46.0189 0x0bf0 [ 7483B61AF2C7F57A08478194764A48C6 ] \Device\Harddisk0\DR0\Partition1
22:42:46.0189 0x0bf0 \Device\Harddisk0\DR0\Partition1 - ok
22:42:46.0199 0x0bf0 [ FCDA7C700101CACD3A9694962C192E6B ] \Device\Harddisk0\DR0\Partition2
22:42:46.0199 0x0bf0 \Device\Harddisk0\DR0\Partition2 - ok
22:42:46.0229 0x0bf0 [ 77D46616234AE235CE2D09F2CAF49725 ] \Device\Harddisk0\DR0\Partition3
22:42:46.0229 0x0bf0 \Device\Harddisk0\DR0\Partition3 - ok
22:42:46.0249 0x0bf0 [ CE784E420FC6DE9E73462A1837D08E18 ] \Device\Harddisk0\DR0\Partition4
22:42:46.0249 0x0bf0 \Device\Harddisk0\DR0\Partition4 - ok
22:42:46.0249 0x0bf0 ================ Scan generic autorun ======================
22:42:46.0289 0x0bf0 [ A03EEBDBF578C1EC6466D2B43A1D9D61, 8EE05ED1918217387969B252C70542337AD3CA2906F233EF19D6C7596709C802 ] C:\windows\system32\igfxtray.exe
22:42:46.0309 0x0bf0 IgfxTray - ok
22:42:46.0339 0x0bf0 [ 786DC0218FF551D3FF8F314760E6644F, E31FD56AC6B2A525076119CCD5AA6B574BBAE30E73CD06A723B999AD3D99C993 ] C:\windows\system32\hkcmd.exe
22:42:46.0359 0x0bf0 HotKeysCmds - ok
22:42:46.0379 0x0bf0 [ EAACFFA3DDC8F7372537D58A117BDA9A, 7A0BE7EDD12D523BB3A56B3CC9993340CF84CEB4E2C51104DC205A94559D8E8D ] C:\windows\system32\igfxpers.exe
22:42:46.0399 0x0bf0 Persistence - ok
22:42:46.0489 0x0bf0 [ BD4FA01BE032F4A5B1B332A80F102F11, A62581D1DADCA288996AE154134D2185A02A8E393B412F634F6F9C6F27ECDB9F ] C:\Program Files\Hewlett-Packard\HP Power Assistant\DelayedAppStarter.exe
22:42:46.0519 0x0bf0 HPPowerAssistant - ok
22:42:46.0529 0x0bf0 MfeEpePcMonitor - ok
22:42:46.0629 0x0bf0 [ FEDB6110D3E0A7EFE6996F93CD8C48E7, 719F6B648AE9841B03C8FB9FC9D0CB1233FDD3030FBD3C420C3E8CEB59A12214 ] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe
22:42:46.0669 0x0bf0 CanonSolutionMenu - ok
22:42:46.0779 0x0bf0 [ B28AD85B8C199CB573621FCE54D7E19C, 42FFD67529592C5F349936C175E0C40E4E116E20B041042AB1E05FF164AEDD17 ] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe
22:42:46.0819 0x0bf0 CanonMyPrinter - ok
22:42:46.0899 0x0bf0 [ 9D8D9550FCF2CCBA9A29ECD56902A0E6, 18686175B502DC6951CD5EF6B728EB0C5D9B3298E84A47F7C4648BD104E48D6D ] C:\Program Files\IDT\WDM\sttray64.exe
22:42:46.0939 0x0bf0 SysTrayApp - detected UnsignedFile.Multi.Generic ( 1 )
22:42:49.0739 0x0bf0 Detect skipped due to KSN trusted
22:42:49.0739 0x0bf0 SysTrayApp - ok
22:42:49.0739 0x0bf0 SynTPEnh - ok
22:42:49.0799 0x0bf0 [ 049998505AF00B693D9E9C9AB5C11A8F, E54A061608C2AF47B1B834F075ACCA5554A0633174501783872C877C606284E6 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
22:42:49.0829 0x0bf0 IAStorIcon - ok
22:42:49.0889 0x0bf0 [ BDDAFDB5F9517DFE97AD3750CF343819, 4DA9A1FE099CE2EF9F3BA2F30B391B2720806BB815D79CE7C0BEC101399B37FE ] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
22:42:49.0919 0x0bf0 USB3MON - ok
22:42:50.0029 0x0bf0 [ 36095700352B45C3583ED71D2C1C4CBA, 45ADF18FDF3B17540D1393329C94D24383554E0B9FCCC4D9F1230748F24AC841 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
22:42:50.0049 0x0bf0 StartCCC - ok
22:42:50.0059 0x0bf0 AMD AVT - ok
22:42:50.0139 0x0bf0 [ 53AB059637ABB53D51EDCF52789D0847, 058F7B405639615246B2D18DC454A12E89F29FF241C512D87F866AD561BE6784 ] c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe
22:42:50.0159 0x0bf0 DTRun - ok
22:42:50.0549 0x0bf0 [ 1E9BE983BB86FC938AEC57091BFAA477, 3E6EEEE111500A6A112C745FA83A267E8FFBE739B7F59DEDC7F8606CCDDC3CA0 ] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
22:42:50.0779 0x0bf0 File Sanitizer - ok
22:42:50.0899 0x0bf0 [ 085F30DB0B38903940A4141E675BDC08, 3ABFB79C850D2B1976DB4DEF69AA031C4E18B5E240316908DDD16DEA4050365A ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
22:42:50.0929 0x0bf0 avgnt - ok
22:42:50.0959 0x0bf0 [ D63797E8E7781EE1500A810CB6194FA6, 5C96DA00B98F0776E6174EBB7D4D6DB634838E130D8581E11811831D2C57B119 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
22:42:50.0969 0x0bf0 SunJavaUpdateSched - ok
22:42:51.0049 0x0bf0 [ 48B7ABBD880C8F9993B452BA44ECA93C, 521AB8E7DB4E5BFDFE0D019BF5CDCC71D22DC684B5F6B9AC49502C3EFFE08EEB ] C:\Program Files (x86)\PDF Complete\pdfsty.exe
22:42:51.0069 0x0bf0 PDF Complete - ok
22:42:51.0119 0x0bf0 [ 55A7C3EC45396563B7A2D0ED4DA83A37, 48A4CFD404D12ABF4EA3CAE186CA02B5FBD2C15A9119F07A784127E676016A26 ] C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe
22:42:51.0149 0x0bf0 HPConnectionManager - ok
22:42:51.0199 0x0bf0 [ F4D12D87E678ACFA2FC710BB3DA9F8DB, 4B751D1CB7E472E875D795D02A65571F9F116ADB62D298F3364CC8AA7F069BFC ] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
22:42:51.0229 0x0bf0 QLBController - ok
22:42:51.0319 0x0bf0 [ E3BF29CED96790CDAAFA981FFDDF53A3, 76CB27EF7B27E5636EDA9D95229519B2A2870729A0BB694F1FD11CD602BAC4DC ] C:\Program Files\Windows Sidebar\sidebar.exe
22:42:51.0399 0x0bf0 Sidebar - ok
22:42:51.0409 0x0bf0 Waiting for KSN requests completion. In queue: 17
22:42:52.0409 0x0bf0 Waiting for KSN requests completion. In queue: 11
22:42:53.0409 0x0bf0 Waiting for KSN requests completion. In queue: 11
22:42:54.0439 0x0bf0 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.8.650 ), 0x40000 ( disabled : updated )
22:42:54.0439 0x0bf0 Win FW state via NFP2: enabled
22:42:57.0199 0x0bf0 ============================================================
22:42:57.0199 0x0bf0 Scan finished
22:42:57.0199 0x0bf0 ============================================================
22:42:57.0209 0x0cbc Detected object count: 0
22:42:57.0209 0x0cbc Actual detected object count: 0
|
|
12.03.2015, 22:52
| #21 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Entfernen von DHL-Trojaner Gut  Weiter gehts: Adware/Junkware/Toolbars entfernen Alte Versionen von adwCleaner und falls vorhanden JRT vorher löschen, danach neu runterladen auf den Desktop! Virenscanner jetzt vor dem Einsatz dieser Tools bitte komplett deaktivieren! 1. Schritt: adwCleaner Downloade Dir bitte  AdwCleaner auf deinen Desktop.
2. Schritt: JRT - Junkware Removal Tool Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
3. Schritt: Frisches Log mit FRST Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ --> Entfernen von DHL-Trojaner |
|
13.03.2015, 18:31
| #22 |
| | Entfernen von DHL-TrojanerCode:
ATTFilter # AdwCleaner v4.112 - Bericht erstellt 13/03/2015 um 18:14:13
# Aktualisiert 09/03/2015 von Xplode
# Datenbank : 2015-03-05.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : Marie - MARIE-HP
# Gestarted von : C:\Users\Marie\Downloads\AdwCleaner_4.112.exe
# Option : Löschen
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
Ordner Gelöscht : C:\ProgramData\Ask
Ordner Gelöscht : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
Datei Gelöscht : C:\Users\Marie\AppData\Roaming\Mozilla\Firefox\Profiles\p93ddf4f.default\searchplugins\Askcom.xml
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2FA28606-DE77-4029-AF96-B231E3B8F827}
Schlüssel Gelöscht : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A019CA20-27E6-44A1-80A1-46DC350FECD1}
Schlüssel Gelöscht : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}
Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\Softonic
Schlüssel Gelöscht : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\softonic.de
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17689
-\\ Mozilla Firefox v19.0 (de)
[p93ddf4f.default\prefs.js] - Zeile Gelöscht : user_pref("browser.search.order.1", "Ask.com");
*************************
AdwCleaner[R0].txt - [2591 Bytes] - [13/03/2015 18:12:08]
AdwCleaner[S0].txt - [1923 Bytes] - [13/03/2015 18:14:13]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1982 Bytes] ##########
Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.3 (03.01.2015:1)
OS: Windows 7 Home Premium x64
Ran by Marie on 13.03.2015 at 18:20:35,61
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{B7FCA997-D0FB-4FE0-8AFD-255E89CF9671}
~~~ Files
~~~ Folders
~~~ FireFox
Emptied folder: C:\Users\Marie\AppData\Roaming\mozilla\firefox\profiles\p93ddf4f.default\minidumps [119 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 13.03.2015 at 18:24:09,19
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST Logfile: FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Marie (administrator) on MARIE-HP on 13-03-2015 18:26:41
Running from C:\Users\Marie\Downloads
Loaded Profiles: Marie (Available profiles: Marie)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CANON INC.) C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.EXE
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
() C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\taxaktuell.exe
() C:\Program Files (x86)\WISO\Steuersoftware 2012\mshaktuell.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Thisisu) C:\Users\Marie\Downloads\JRT.exe
(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) C:\Users\Marie\Downloads\FRST64(1).exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [MfeEpePcMonitor] => "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [644696 2007-05-14] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1840720 2007-04-03] (CANON INC.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-04-03] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-12-22] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-03-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [290688 2013-04-28] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-03-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [10752 2012-01-31] ()
HKLM-x32\...\Run: [DTRun] => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [517456 2010-11-24] (ArcSoft Inc.)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12313720 2012-08-07] (Hewlett-Packard)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-03-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-06-05] (PDF Complete Inc)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2013-10-31] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [127792 2015-02-12] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\t@x aktuell.lnk
ShortcutTarget: t@x aktuell.lnk -> C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\taxaktuell.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2012\mshaktuell.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-4010501916-4231810875-2732530499-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4010501916-4231810875-2732530499-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/
HKU\S-1-5-21-4010501916-4231810875-2732530499-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-08-07] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-16] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2013-05-08] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-16] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Marie\AppData\Roaming\Mozilla\Firefox\Profiles\p93ddf4f.default
FF Homepage: hxxp://de.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-11-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-11-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-06-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-06-16] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Extension: Avira Browser Safety - C:\Users\Marie\AppData\Roaming\Mozilla\Firefox\Profiles\p93ddf4f.default\Extensions\abs@avira.com [2015-03-09]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2012-11-04]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\Marie\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-05] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [184056 2015-02-12] (Avira Operations GmbH & Co. KG)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [493904 2012-04-28] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [477088 2012-09-04] (Hewlett-Packard Company)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [681760 2013-10-16] (Hewlett-Packard Company)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-11-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-11-17] (Intel Corporation)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2013-03-27] () [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1143432 2013-06-05] (PDF Complete Inc)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2013-04-03] (IDT, Inc.) [File not signed]
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [498352 2012-02-03] (ArcSoft, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-25] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [32896 2012-03-20] (Advanced Micro Devices, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [42816 2012-02-03] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64832 2012-11-09] (Hewlett-Packard Company)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [91432 2013-03-27] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158760 2013-03-27] (McAfee, Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1866080 2012-11-28] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-13 18:26 - 2015-03-13 18:26 - 02095616 _____ (Farbar) C:\Users\Marie\Downloads\FRST64(1).exe
2015-03-13 18:24 - 2015-03-13 18:24 - 00000906 _____ () C:\Users\Marie\Desktop\JRT.txt
2015-03-13 18:19 - 2015-03-13 18:19 - 01388333 _____ (Thisisu) C:\Users\Marie\Downloads\JRT.exe
2015-03-13 18:11 - 2015-03-13 18:14 - 00000000 ____D () C:\AdwCleaner
2015-03-13 18:11 - 2015-03-13 18:11 - 02171392 _____ () C:\Users\Marie\Downloads\AdwCleaner_4.112.exe
2015-03-12 21:56 - 2015-03-12 21:56 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Marie\Downloads\tdsskiller.exe
2015-03-12 18:33 - 2015-03-12 18:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-12 18:32 - 2015-03-12 19:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-12 18:32 - 2015-03-12 18:32 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-12 18:31 - 2015-03-12 19:30 - 00000000 ____D () C:\Users\Marie\Desktop\mbar
2015-03-12 18:31 - 2015-03-12 18:31 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-03-12 18:29 - 2015-03-12 18:29 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Marie\Downloads\mbar-1.09.1.1004.exe
2015-03-12 16:26 - 2015-03-12 16:26 - 00020202 _____ () C:\ComboFix.txt
2015-03-12 16:08 - 2015-03-12 16:26 - 00000000 ____D () C:\Qoobox
2015-03-12 16:08 - 2011-06-26 07:45 - 00256000 _____ () C:\windows\PEV.exe
2015-03-12 16:08 - 2010-11-07 18:20 - 00208896 _____ () C:\windows\MBR.exe
2015-03-12 16:08 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-03-12 16:08 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-03-12 16:08 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-03-12 16:08 - 2000-08-31 01:00 - 00098816 _____ () C:\windows\sed.exe
2015-03-12 16:08 - 2000-08-31 01:00 - 00080412 _____ () C:\windows\grep.exe
2015-03-12 16:08 - 2000-08-31 01:00 - 00068096 _____ () C:\windows\zip.exe
2015-03-12 16:07 - 2015-03-12 16:25 - 00000000 ____D () C:\windows\erdnt
2015-03-12 16:06 - 2015-03-12 16:06 - 05613296 ____R (Swearware) C:\Users\Marie\Downloads\ComboFix.exe
2015-03-12 15:31 - 2015-03-12 15:35 - 00036610 _____ () C:\Users\Marie\Downloads\Addition.txt
2015-03-12 15:30 - 2015-03-13 18:26 - 00018783 _____ () C:\Users\Marie\Downloads\FRST.txt
2015-03-12 15:28 - 2015-03-13 18:26 - 00000000 ____D () C:\FRST
2015-03-12 15:27 - 2015-03-12 15:27 - 02095616 _____ (Farbar) C:\Users\Marie\Downloads\FRST64.exe
2015-03-12 15:25 - 2015-03-12 15:25 - 01135104 _____ (Farbar) C:\Users\Marie\Downloads\FRST.exe
2015-03-12 15:16 - 2015-03-12 15:16 - 00000714 _____ () C:\Users\Marie\Desktop\Ereignisse.txt
2015-03-10 22:11 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-03-10 22:11 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-03-10 22:11 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-03-10 22:11 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-03-10 22:11 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-03-10 22:11 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-03-10 22:11 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-03-10 22:11 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-03-10 22:11 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-03-10 22:11 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-03-10 22:10 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-03-10 22:10 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-03-10 22:10 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-03-10 22:10 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-03-10 22:10 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-03-10 22:10 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-03-10 22:10 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-03-10 22:10 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-03-10 22:10 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2015-03-10 22:10 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-03-10 22:10 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2015-03-10 22:10 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2015-03-10 22:10 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-03-10 22:10 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2015-03-10 22:10 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2015-03-10 22:10 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2015-03-10 22:10 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-03-10 22:10 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2015-03-10 22:10 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2015-03-10 22:10 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-03-10 22:10 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-03-10 22:10 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2015-03-10 22:10 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2015-03-10 22:10 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2015-03-10 22:10 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2015-03-10 22:10 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2015-03-10 22:10 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2015-03-10 22:10 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-03-10 22:10 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-03-10 22:10 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-03-10 22:10 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-03-10 22:10 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2015-03-10 22:08 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-03-10 22:08 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-03-10 22:08 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-03-10 22:08 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-03-10 22:08 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-03-10 22:08 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-03-10 22:08 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-03-10 22:08 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-03-10 22:08 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-03-10 22:08 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-03-10 22:08 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-03-10 22:08 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-03-10 22:08 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-03-10 22:08 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-03-10 22:08 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-03-10 22:08 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-03-10 22:08 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-03-10 22:08 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-03-10 22:08 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-03-10 22:08 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-03-10 22:08 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-03-10 22:08 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-03-10 22:08 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-03-10 22:08 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-03-10 22:08 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-03-10 22:08 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-03-10 22:08 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-03-10 22:08 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-03-10 22:08 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-03-10 22:08 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-03-10 22:08 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-03-10 22:08 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-03-10 22:08 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-03-10 22:08 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2015-03-10 22:08 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2015-03-10 22:08 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-03-10 22:07 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-03-10 22:07 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-03-10 22:07 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-03-10 22:07 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-03-10 22:07 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-03-10 22:07 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-03-10 22:07 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-03-10 22:07 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-03-10 22:07 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-03-10 22:07 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-03-10 22:07 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-03-10 22:07 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-03-10 22:07 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-03-10 22:07 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-03-10 22:07 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-03-10 22:07 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-03-10 22:07 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-03-10 22:07 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-03-10 22:07 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-03-10 22:07 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-03-10 22:07 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-03-10 22:07 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-03-10 22:07 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-03-10 22:07 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-03-10 22:07 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-03-10 22:07 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-03-10 22:07 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-03-10 22:07 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-03-10 22:07 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-03-10 22:07 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-03-10 22:07 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-03-10 22:07 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-03-10 22:07 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-03-10 22:07 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-03-10 22:07 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-03-10 22:07 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-03-10 22:07 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-03-10 22:07 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-03-10 22:07 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-03-10 22:07 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-03-10 22:07 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-03-10 22:07 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-03-10 22:07 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-03-10 22:07 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-03-10 22:07 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-03-10 22:07 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-10 22:07 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-03-10 22:07 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-03-10 22:07 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-03-10 22:07 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-03-10 22:07 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-03-10 22:07 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-03-10 22:07 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-03-10 22:07 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-03-10 22:07 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-03-10 22:07 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-03-10 22:07 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-03-10 22:07 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-03-10 22:07 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-03-10 22:07 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-03-10 22:07 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2015-03-10 22:06 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-03-10 22:06 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2015-03-06 20:30 - 2015-03-06 20:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-03 21:51 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll
2015-03-03 21:51 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll
2015-03-03 21:51 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll
2015-03-03 21:51 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdi.dll
2015-03-02 00:10 - 2015-03-02 00:10 - 11580676 _____ () C:\Users\Marie\Downloads\Yvi.zip
2015-02-26 07:51 - 2015-01-09 00:44 - 00419936 _____ () C:\windows\SysWOW64\locale.nls
2015-02-26 07:51 - 2015-01-09 00:43 - 00419936 _____ () C:\windows\system32\locale.nls
2015-02-17 15:26 - 2015-02-17 15:26 - 01217184 _____ (Microsoft Corporation) C:\windows\SysWOW64\FM20.DLL
2015-02-11 11:52 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-02-11 11:52 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-02-11 11:52 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-02-11 11:52 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-02-11 11:52 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-02-11 11:52 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-02-11 11:52 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-02-11 11:52 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-02-11 11:51 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-02-11 11:51 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2015-02-11 11:51 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-02-11 11:51 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2015-02-11 11:51 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-02-11 11:51 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-02-11 11:51 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-13 18:25 - 2009-07-14 05:45 - 00028352 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-13 18:25 - 2009-07-14 05:45 - 00028352 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-13 18:23 - 2012-11-03 17:17 - 00003930 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{C4724AC1-8B44-47C1-B882-62DBD4CE486B}
2015-03-13 18:21 - 2012-11-13 21:48 - 00000000 ____D () C:\Users\Marie\AppData\Local\CrashDumps
2015-03-13 18:16 - 2012-04-16 04:16 - 00000000 ____D () C:\ProgramData\PDFC
2015-03-13 18:15 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-13 18:15 - 2009-07-14 05:51 - 00100189 _____ () C:\windows\setupact.log
2015-03-13 18:14 - 2012-07-04 01:13 - 01150336 _____ () C:\windows\WindowsUpdate.log
2015-03-13 17:57 - 2013-06-24 19:56 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-12 16:26 - 2013-02-09 22:37 - 00000000 ____D () C:\Users\Marie\AppData\Local\Apps\2.0
2015-03-12 16:26 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-03-12 16:20 - 2009-07-14 03:34 - 00000215 _____ () C:\windows\system.ini
2015-03-12 16:18 - 2010-11-21 04:47 - 00299312 _____ () C:\windows\PFRO.log
2015-03-12 16:04 - 2012-11-03 17:17 - 00000000 ____D () C:\Users\Marie\Documents\Bluetooth Folder
2015-03-11 22:52 - 2009-07-14 06:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2015-03-11 22:52 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-11 16:34 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2015-03-11 15:56 - 2009-07-14 05:45 - 00343440 _____ () C:\windows\system32\FNTCACHE.DAT
2015-03-11 15:53 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2015-03-11 15:52 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\Dism
2015-03-11 15:34 - 2012-11-03 17:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 15:27 - 2013-08-18 15:35 - 00000000 ____D () C:\windows\system32\MRT
2015-03-11 15:22 - 2013-01-23 15:37 - 122905848 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-03-10 21:26 - 2015-02-01 11:06 - 00000000 ____D () C:\Users\Marie\Desktop\Schnittmuster
2015-03-10 20:54 - 2014-09-05 20:18 - 00003186 _____ () C:\windows\System32\Tasks\HPCeeScheduleForMarie
2015-03-10 20:54 - 2014-09-05 20:18 - 00000332 _____ () C:\windows\Tasks\HPCeeScheduleForMarie.job
2015-03-08 16:33 - 2015-01-17 22:54 - 00098304 _____ (Sony DADC Austria AG.) C:\windows\SysWOW64\CmdLineExt.dll
2015-03-08 13:48 - 2012-11-04 12:31 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2015-03-07 13:20 - 2012-12-14 21:21 - 00043520 _____ () C:\windows\SysWOW64\CmdLineExt03.dll
2015-03-07 13:20 - 2012-11-21 21:04 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-03-05 11:54 - 2014-09-06 14:29 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-05 11:54 - 2013-02-19 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-03-05 11:54 - 2013-02-19 16:49 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-03-05 11:51 - 2013-05-07 20:03 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2015-03-05 11:51 - 2013-04-02 22:30 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2015-03-05 11:51 - 2013-04-02 22:30 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2015-03-04 18:38 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\tracing
2015-02-26 11:26 - 2012-04-16 02:50 - 00699666 _____ () C:\windows\system32\perfh007.dat
2015-02-26 11:26 - 2012-04-16 02:50 - 00149774 _____ () C:\windows\system32\perfc007.dat
2015-02-26 11:26 - 2009-07-14 06:13 - 01620612 _____ () C:\windows\system32\PerfStringBackup.INI
2015-02-26 09:37 - 2012-11-03 17:17 - 00000000 ____D () C:\Users\Marie\AppData\Local\PDFC
2015-02-24 03:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2015-02-15 22:18 - 2011-07-29 00:51 - 00000000 ____D () C:\swsetup
2015-02-12 09:52 - 2014-12-13 13:26 - 00000000 ____D () C:\windows\system32\appraiser
2015-02-12 09:52 - 2014-05-14 09:24 - 00000000 ___SD () C:\windows\system32\CompatTel
==================== Files in the root of some directories =======
2013-02-24 17:42 - 2013-02-24 17:42 - 0000017 _____ () C:\Users\Marie\AppData\Local\resmon.resmoncfg
Some content of TEMP:
====================
C:\Users\Marie\AppData\Local\Temp\avgnt.exe
C:\Users\Marie\AppData\Local\Temp\Quarantine.exe
C:\Users\Marie\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-05 13:19
==================== End Of Log ============================
--- --- --- --- --- ---  einen additional log gibts nicht!? |
|
13.03.2015, 19:06
| #23 | |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Entfernen von DHL-Trojaner Zukünftig bitte beachten: Zitat:
Bitte alle Tools direkt auf den Desktop downloaden bzw. dorthin verschieben und vom Desktop starten, da unsere Anleitungen daraufhin ausgelegt sind. Zudem lassen sich dann am Ende der Bereinigung alle verwendeten Tools sehr einfach entfernen. Alle Tools bis zum Ende der Bereinigung auf dem Desktop lassen, evtl. benötigen wir manche öfter. Bitte auch ne neue Addition.txt erstellen, dazu FRST starten und einen Haken setzen bei Addition.txt, dann auf Scan klicken. 
__________________ Logfiles bitte immer in CODE-Tags posten |
|
13.03.2015, 19:17
| #24 |
| | Entfernen von DHL-Trojaner ui, hab eigentlich gedacht, es wurde auf dem desktop gespeichert. Also 1. bis 3. Schritt nochmal? Muss ich das in den Downloads dann löschen? |
|
13.03.2015, 20:59
| #25 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Entfernen von DHL-Trojaner Mach es doch nicht so kompliziert. Einfach FRST von Downloads in den Desktop verschieben
__________________ Logfiles bitte immer in CODE-Tags posten |
|
13.03.2015, 21:36
| #26 |
| | Entfernen von DHL-Trojaner Jetzt aber hoffentlich ;-) FRST Logfile: FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by Marie (administrator) on MARIE-HP on 13-03-2015 21:31:07
Running from C:\Users\Marie\Desktop
Loaded Profiles: Marie (Available profiles: Marie)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(CANON INC.) C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.EXE
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
() C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\taxaktuell.exe
() C:\Program Files (x86)\WISO\Steuersoftware 2012\mshaktuell.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPConnectionManager.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\hpCMSrv.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_16_0_0_305.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [3488640 2012-03-14] (Hewlett-Packard Company)
HKLM\...\Run: [MfeEpePcMonitor] => "C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe"
HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [644696 2007-05-14] (CANON INC.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [1840720 2007-04-03] (CANON INC.)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-04-03] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-12-22] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-03-01] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [290688 2013-04-28] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [636032 2012-03-30] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [AMD AVT] => C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe [10752 2012-01-31] ()
HKLM-x32\...\Run: [DTRun] => c:\Program Files (x86)\ArcSoft\TotalMedia Suite\TotalMedia Theatre 3\uDTRun.exe [517456 2010-11-24] (ArcSoft Inc.)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12313720 2012-08-07] (Hewlett-Packard)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703280 2015-03-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [683656 2013-06-05] (PDF Complete Inc)
HKLM-x32\...\Run: [HPConnectionManager] => C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\HPCMDelayStart.exe [185144 2013-10-31] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [337184 2013-10-16] (Hewlett-Packard Company)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [127792 2015-02-12] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP-x32: DeviceNP.dll [X]
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ImageBrowser EX Agent.lnk
ShortcutTarget: ImageBrowser EX Agent.lnk -> C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\t@x aktuell.lnk
ShortcutTarget: t@x aktuell.lnk -> C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\taxaktuell.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WISO Mein Steuer-Sparbuch heute.lnk
ShortcutTarget: WISO Mein Steuer-Sparbuch heute.lnk -> C:\Program Files (x86)\WISO\Steuersoftware 2012\mshaktuell.exe ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-4010501916-4231810875-2732530499-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4010501916-4231810875-2732530499-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://de.yahoo.com/
HKU\S-1-5-21-4010501916-4231810875-2732530499-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28] (Hewlett-Packard)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-08-07] (Hewlett-Packard)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-06-16] (Oracle Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2013-05-08] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-06-16] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28] (Hewlett-Packard)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Marie\AppData\Roaming\Mozilla\Firefox\Profiles\p93ddf4f.default
FF Homepage: hxxp://de.yahoo.com/
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_305.dll [2015-02-04] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll [2015-02-04] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.66 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-11-17] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-11-17] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.21.2 -> C:\windows\SysWOW64\npDeployJava1.dll [2013-06-16] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-06-16] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Extension: Avira Browser Safety - C:\Users\Marie\AppData\Roaming\Mozilla\Firefox\Profiles\p93ddf4f.default\Extensions\abs@avira.com [2015-03-09]
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: DigitalPersona Extension - C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2012-11-04]
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [aaaaojmikegpiepcfdkkjaplodkpfmlo] - C:\Users\Marie\AppData\Local\APN\GoogleCRXs\apnorjtoolbar.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2015-03-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2015-03-05] (Avira Operations GmbH & Co. KG)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [312448 2013-09-25] (Windows (R) Win 7 DDK provider) [File not signed]
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [184056 2015-02-12] (Avira Operations GmbH & Co. KG)
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [493904 2012-04-28] (DigitalPersona, Inc.)
S3 FLCDLOCK; c:\windows\SysWOW64\flcdlock.exe [477088 2012-09-04] (Hewlett-Packard Company)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [92160 2013-11-04] (Hewlett-Packard Company) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [681760 2013-10-16] (Hewlett-Packard Company)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel(R) Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131032 2013-11-17] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165336 2013-11-17] (Intel Corporation)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2013-03-27] () [File not signed]
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1143432 2013-06-05] (PDF Complete Inc)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2013-04-03] (IDT, Inc.) [File not signed]
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [498352 2012-02-03] (ArcSoft, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-09-25] (Atheros) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [32896 2012-03-20] (Advanced Micro Devices, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ARCVCAM; C:\Windows\System32\DRIVERS\ArcSoftVCapture.sys [42816 2012-02-03] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [128536 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-03-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-11-26] (Avira Operations GmbH & Co. KG)
R3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-09-25] (Qualcomm Atheros)
S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64832 2012-11-09] (Hewlett-Packard Company)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [91432 2013-03-27] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158760 2013-03-27] (McAfee, Inc.)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1866080 2012-11-28] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-13 21:31 - 2015-03-13 21:32 - 00018760 _____ () C:\Users\Marie\Desktop\FRST.txt
2015-03-13 18:26 - 2015-03-13 18:26 - 02095616 _____ (Farbar) C:\Users\Marie\Downloads\FRST64(1).exe
2015-03-13 18:24 - 2015-03-13 18:24 - 00000906 _____ () C:\Users\Marie\Desktop\JRT.txt
2015-03-13 18:19 - 2015-03-13 18:19 - 01388333 _____ (Thisisu) C:\Users\Marie\Desktop\JRT.exe
2015-03-13 18:11 - 2015-03-13 19:23 - 00000000 ____D () C:\AdwCleaner
2015-03-13 18:11 - 2015-03-13 18:11 - 02171392 _____ () C:\Users\Marie\Desktop\AdwCleaner_4.112.exe
2015-03-12 21:56 - 2015-03-12 21:56 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\Marie\Downloads\tdsskiller.exe
2015-03-12 18:33 - 2015-03-12 18:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-03-12 18:32 - 2015-03-12 19:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-03-12 18:32 - 2015-03-12 18:32 - 00136408 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2015-03-12 18:31 - 2015-03-12 19:30 - 00000000 ____D () C:\Users\Marie\Desktop\mbar
2015-03-12 18:31 - 2015-03-12 18:31 - 00107736 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2015-03-12 18:29 - 2015-03-12 18:29 - 16502728 _____ (Malwarebytes Corp.) C:\Users\Marie\Downloads\mbar-1.09.1.1004.exe
2015-03-12 16:26 - 2015-03-12 16:26 - 00020202 _____ () C:\ComboFix.txt
2015-03-12 16:08 - 2015-03-12 16:26 - 00000000 ____D () C:\Qoobox
2015-03-12 16:08 - 2011-06-26 07:45 - 00256000 _____ () C:\windows\PEV.exe
2015-03-12 16:08 - 2010-11-07 18:20 - 00208896 _____ () C:\windows\MBR.exe
2015-03-12 16:08 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\windows\NIRCMD.exe
2015-03-12 16:08 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\windows\SWREG.exe
2015-03-12 16:08 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\windows\SWSC.exe
2015-03-12 16:08 - 2000-08-31 01:00 - 00098816 _____ () C:\windows\sed.exe
2015-03-12 16:08 - 2000-08-31 01:00 - 00080412 _____ () C:\windows\grep.exe
2015-03-12 16:08 - 2000-08-31 01:00 - 00068096 _____ () C:\windows\zip.exe
2015-03-12 16:07 - 2015-03-12 16:25 - 00000000 ____D () C:\windows\erdnt
2015-03-12 16:06 - 2015-03-12 16:06 - 05613296 ____R (Swearware) C:\Users\Marie\Downloads\ComboFix.exe
2015-03-12 15:31 - 2015-03-12 15:35 - 00036610 _____ () C:\Users\Marie\Downloads\Addition.txt
2015-03-12 15:30 - 2015-03-13 18:28 - 00052507 _____ () C:\Users\Marie\Downloads\FRST.txt
2015-03-12 15:28 - 2015-03-13 21:31 - 00000000 ____D () C:\FRST
2015-03-12 15:27 - 2015-03-12 15:27 - 02095616 _____ (Farbar) C:\Users\Marie\Desktop\FRST64.exe
2015-03-12 15:25 - 2015-03-12 15:25 - 01135104 _____ (Farbar) C:\Users\Marie\Downloads\FRST.exe
2015-03-12 15:16 - 2015-03-12 15:16 - 00000714 _____ () C:\Users\Marie\Desktop\Ereignisse.txt
2015-03-10 22:11 - 2015-02-20 05:41 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-03-10 22:11 - 2015-02-20 05:40 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-03-10 22:11 - 2015-02-20 05:40 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-03-10 22:11 - 2015-02-20 05:40 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-03-10 22:11 - 2015-02-20 05:13 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-03-10 22:11 - 2015-02-20 05:13 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-03-10 22:11 - 2015-02-20 05:13 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-03-10 22:11 - 2015-02-20 05:12 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-03-10 22:11 - 2015-02-20 04:29 - 00372224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-03-10 22:11 - 2015-02-20 04:09 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-03-10 22:10 - 2015-02-03 04:34 - 05554104 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-03-10 22:10 - 2015-02-03 04:34 - 00693176 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-03-10 22:10 - 2015-02-03 04:34 - 00094656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-03-10 22:10 - 2015-02-03 04:33 - 00616360 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-03-10 22:10 - 2015-02-03 04:31 - 14632960 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 01574400 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-03-10 22:10 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-03-10 22:10 - 2015-02-03 04:31 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-03-10 22:10 - 2015-02-03 04:30 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 01069056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-03-10 22:10 - 2015-02-03 04:30 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-03-10 22:10 - 2015-02-03 04:30 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2015-03-10 22:10 - 2015-02-03 04:30 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-03-10 22:10 - 2015-02-03 04:30 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2015-03-10 22:10 - 2015-02-03 04:30 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-03-10 22:10 - 2015-02-03 04:30 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2015-03-10 22:10 - 2015-02-03 04:30 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-03-10 22:10 - 2015-02-03 04:30 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2015-03-10 22:10 - 2015-02-03 04:30 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2015-03-10 22:10 - 2015-02-03 04:29 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2015-03-10 22:10 - 2015-02-03 04:28 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-03-10 22:10 - 2015-02-03 04:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2015-03-10 22:10 - 2015-02-03 04:19 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2015-03-10 22:10 - 2015-02-03 04:16 - 03973048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-03-10 22:10 - 2015-02-03 04:16 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-03-10 22:10 - 2015-02-03 04:12 - 11411968 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2015-03-10 22:10 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2015-03-10 22:10 - 2015-02-03 04:12 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2015-03-10 22:10 - 2015-02-03 04:11 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2015-03-10 22:10 - 2015-02-03 04:11 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2015-03-10 22:10 - 2015-02-03 04:11 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2015-03-10 22:10 - 2015-02-03 04:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2015-03-10 22:10 - 2015-02-03 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-03-10 22:10 - 2015-02-03 03:32 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-03-10 22:10 - 2014-10-31 23:24 - 00619056 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-03-10 22:10 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-03-10 22:10 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2015-03-10 22:08 - 2015-03-06 06:56 - 00155576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-03-10 22:08 - 2015-03-06 06:56 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-03-10 22:08 - 2015-03-06 06:42 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-03-10 22:08 - 2015-03-06 06:42 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-03-10 22:08 - 2015-03-06 06:42 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-03-10 22:08 - 2015-03-06 06:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-03-10 22:08 - 2015-03-06 06:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-03-10 22:08 - 2015-03-06 06:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-03-10 22:08 - 2015-03-06 06:42 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-03-10 22:08 - 2015-03-06 06:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-03-10 22:08 - 2015-03-06 06:42 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-03-10 22:08 - 2015-03-06 06:42 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-03-10 22:08 - 2015-03-06 06:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-03-10 22:08 - 2015-03-06 06:41 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-03-10 22:08 - 2015-03-06 06:41 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-03-10 22:08 - 2015-03-06 06:39 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-03-10 22:08 - 2015-03-06 06:38 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-03-10 22:08 - 2015-03-06 06:36 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-03-10 22:08 - 2015-03-06 06:10 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-03-10 22:08 - 2015-03-06 06:10 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-03-10 22:08 - 2015-03-06 06:10 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-03-10 22:08 - 2015-03-06 06:10 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-03-10 22:08 - 2015-03-06 06:10 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-03-10 22:08 - 2015-03-06 06:10 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-03-10 22:08 - 2015-03-06 06:10 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-03-10 22:08 - 2015-03-06 06:10 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-03-10 22:08 - 2015-03-06 06:09 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-03-10 22:08 - 2015-03-06 06:09 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-03-10 22:08 - 2015-03-06 06:07 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-03-10 22:08 - 2015-03-06 06:07 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-03-10 22:08 - 2015-03-06 06:06 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-03-10 22:08 - 2015-02-13 06:26 - 12875264 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-03-10 22:08 - 2015-02-13 06:22 - 14177280 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-03-10 22:08 - 2015-02-03 04:31 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2015-03-10 22:08 - 2015-02-03 04:12 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2015-03-10 22:08 - 2015-01-31 00:56 - 00459336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-03-10 22:07 - 2015-02-26 04:25 - 03204096 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-03-10 22:07 - 2015-02-24 04:15 - 00389800 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-03-10 22:07 - 2015-02-24 03:32 - 00342696 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-03-10 22:07 - 2015-02-21 02:16 - 25021440 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-03-10 22:07 - 2015-02-21 01:41 - 12827648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-03-10 22:07 - 2015-02-21 01:27 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-03-10 22:07 - 2015-02-21 01:27 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-03-10 22:07 - 2015-02-21 01:25 - 19720192 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-03-10 22:07 - 2015-02-21 00:58 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-03-10 22:07 - 2015-02-21 00:32 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-03-10 22:07 - 2015-02-20 04:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-03-10 22:07 - 2015-02-20 04:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-03-10 22:07 - 2015-02-20 03:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-03-10 22:07 - 2015-02-20 03:49 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-03-10 22:07 - 2015-02-20 03:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-03-10 22:07 - 2015-02-20 03:48 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-03-10 22:07 - 2015-02-20 03:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-03-10 22:07 - 2015-02-20 03:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-03-10 22:07 - 2015-02-20 03:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-03-10 22:07 - 2015-02-20 03:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-03-10 22:07 - 2015-02-20 03:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-03-10 22:07 - 2015-02-20 03:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-03-10 22:07 - 2015-02-20 03:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-03-10 22:07 - 2015-02-20 03:32 - 06035456 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-03-10 22:07 - 2015-02-20 03:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-03-10 22:07 - 2015-02-20 03:22 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-03-10 22:07 - 2015-02-20 03:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-03-10 22:07 - 2015-02-20 03:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-03-10 22:07 - 2015-02-20 03:09 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-03-10 22:07 - 2015-02-20 03:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-03-10 22:07 - 2015-02-20 03:08 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-03-10 22:07 - 2015-02-20 03:08 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-03-10 22:07 - 2015-02-20 03:06 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-03-10 22:07 - 2015-02-20 03:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-03-10 22:07 - 2015-02-20 03:03 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-03-10 22:07 - 2015-02-20 03:01 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-03-10 22:07 - 2015-02-20 03:00 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-03-10 22:07 - 2015-02-20 02:58 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-03-10 22:07 - 2015-02-20 02:56 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-03-10 22:07 - 2015-02-20 02:56 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-03-10 22:07 - 2015-02-20 02:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-03-10 22:07 - 2015-02-20 02:49 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-03-10 22:07 - 2015-02-20 02:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-03-10 22:07 - 2015-02-20 02:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-03-10 22:07 - 2015-02-20 02:43 - 14398976 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-03-10 22:07 - 2015-02-20 02:41 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-10 22:07 - 2015-02-20 02:37 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-03-10 22:07 - 2015-02-20 02:30 - 04300288 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-03-10 22:07 - 2015-02-20 02:28 - 02358784 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-03-10 22:07 - 2015-02-20 02:24 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-03-10 22:07 - 2015-02-20 02:24 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-03-10 22:07 - 2015-02-20 02:23 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-03-10 22:07 - 2015-02-20 02:16 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-03-10 22:07 - 2015-02-20 02:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-03-10 22:07 - 2015-02-20 02:01 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-03-10 22:07 - 2015-02-20 01:57 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-03-10 22:07 - 2015-02-20 01:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-03-10 22:07 - 2015-02-03 04:31 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-03-10 22:07 - 2015-02-03 04:12 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-03-10 22:07 - 2015-01-17 03:48 - 01067520 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-03-10 22:07 - 2015-01-17 03:30 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2015-03-10 22:06 - 2015-02-04 04:16 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-03-10 22:06 - 2015-02-04 03:54 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2015-03-06 20:30 - 2015-03-06 20:30 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-03 21:51 - 2015-01-09 04:14 - 00950272 _____ (Microsoft Corporation) C:\windows\system32\perftrack.dll
2015-03-03 21:51 - 2015-01-09 04:14 - 00091136 _____ (Microsoft Corporation) C:\windows\system32\wdi.dll
2015-03-03 21:51 - 2015-01-09 04:14 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\powertracker.dll
2015-03-03 21:51 - 2015-01-09 03:48 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdi.dll
2015-03-02 00:10 - 2015-03-02 00:10 - 11580676 _____ () C:\Users\Marie\Downloads\Yvi.zip
2015-02-26 07:51 - 2015-01-09 00:44 - 00419936 _____ () C:\windows\SysWOW64\locale.nls
2015-02-26 07:51 - 2015-01-09 00:43 - 00419936 _____ () C:\windows\system32\locale.nls
2015-02-17 15:26 - 2015-02-17 15:26 - 01217184 _____ (Microsoft Corporation) C:\windows\SysWOW64\FM20.DLL
2015-02-11 11:52 - 2015-02-04 04:16 - 00894976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-02-11 11:52 - 2015-02-04 04:16 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-02-11 11:52 - 2015-02-04 04:16 - 00609280 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-02-11 11:52 - 2015-02-04 04:16 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-02-11 11:52 - 2015-02-04 04:16 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-02-11 11:52 - 2015-02-04 04:16 - 00192000 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2015-02-11 11:52 - 2015-02-04 04:13 - 01098752 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-02-11 11:52 - 2015-01-28 00:36 - 01239720 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2015-02-11 11:51 - 2014-12-08 04:09 - 00406528 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
2015-02-11 11:51 - 2014-12-08 03:46 - 00308224 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
2015-02-11 11:51 - 2014-11-26 04:53 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2015-02-11 11:51 - 2014-11-26 04:32 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2015-02-11 11:51 - 2014-10-04 03:10 - 03722752 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2015-02-11 11:51 - 2014-10-04 02:42 - 03221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2015-02-11 11:51 - 2014-10-04 02:42 - 00131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-03-13 21:29 - 2013-06-24 19:56 - 00000884 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-13 21:29 - 2012-07-04 01:13 - 01186467 _____ () C:\windows\WindowsUpdate.log
2015-03-13 19:35 - 2009-07-14 05:45 - 00028352 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-13 19:35 - 2009-07-14 05:45 - 00028352 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-13 19:26 - 2012-04-16 04:16 - 00000000 ____D () C:\ProgramData\PDFC
2015-03-13 19:25 - 2009-07-14 06:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-13 19:25 - 2009-07-14 05:51 - 00100245 _____ () C:\windows\setupact.log
2015-03-13 18:23 - 2012-11-03 17:17 - 00003930 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{C4724AC1-8B44-47C1-B882-62DBD4CE486B}
2015-03-13 18:21 - 2012-11-13 21:48 - 00000000 ____D () C:\Users\Marie\AppData\Local\CrashDumps
2015-03-12 16:26 - 2013-02-09 22:37 - 00000000 ____D () C:\Users\Marie\AppData\Local\Apps\2.0
2015-03-12 16:26 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Default
2015-03-12 16:20 - 2009-07-14 03:34 - 00000215 _____ () C:\windows\system.ini
2015-03-12 16:18 - 2010-11-21 04:47 - 00299312 _____ () C:\windows\PFRO.log
2015-03-12 16:04 - 2012-11-03 17:17 - 00000000 ____D () C:\Users\Marie\Documents\Bluetooth Folder
2015-03-11 22:52 - 2009-07-14 06:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2015-03-11 22:52 - 2009-07-14 05:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-03-11 16:34 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\rescache
2015-03-11 15:56 - 2009-07-14 05:45 - 00343440 _____ () C:\windows\system32\FNTCACHE.DAT
2015-03-11 15:53 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2015-03-11 15:52 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\system32\Dism
2015-03-11 15:34 - 2012-11-03 17:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-03-11 15:27 - 2013-08-18 15:35 - 00000000 ____D () C:\windows\system32\MRT
2015-03-11 15:22 - 2013-01-23 15:37 - 122905848 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-03-10 21:26 - 2015-02-01 11:06 - 00000000 ____D () C:\Users\Marie\Desktop\Schnittmuster
2015-03-10 20:54 - 2014-09-05 20:18 - 00003186 _____ () C:\windows\System32\Tasks\HPCeeScheduleForMarie
2015-03-10 20:54 - 2014-09-05 20:18 - 00000332 _____ () C:\windows\Tasks\HPCeeScheduleForMarie.job
2015-03-08 16:33 - 2015-01-17 22:54 - 00098304 _____ (Sony DADC Austria AG.) C:\windows\SysWOW64\CmdLineExt.dll
2015-03-08 13:48 - 2012-11-04 12:31 - 00000052 _____ () C:\windows\SysWOW64\DOErrors.log
2015-03-07 13:20 - 2012-12-14 21:21 - 00043520 _____ () C:\windows\SysWOW64\CmdLineExt03.dll
2015-03-07 13:20 - 2012-11-21 21:04 - 00000000 ____D () C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-03-05 11:54 - 2014-09-06 14:29 - 00000000 ____D () C:\ProgramData\Package Cache
2015-03-05 11:54 - 2013-02-19 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-03-05 11:54 - 2013-02-19 16:49 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-03-05 11:51 - 2013-05-07 20:03 - 00044088 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avnetflt.sys
2015-03-05 11:51 - 2013-04-02 22:30 - 00132120 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avipbb.sys
2015-03-05 11:51 - 2013-04-02 22:30 - 00128536 _____ (Avira Operations GmbH & Co. KG) C:\windows\system32\Drivers\avgntflt.sys
2015-03-04 18:38 - 2009-07-14 04:20 - 00000000 ____D () C:\windows\tracing
2015-02-26 11:26 - 2012-04-16 02:50 - 00699666 _____ () C:\windows\system32\perfh007.dat
2015-02-26 11:26 - 2012-04-16 02:50 - 00149774 _____ () C:\windows\system32\perfc007.dat
2015-02-26 11:26 - 2009-07-14 06:13 - 01620612 _____ () C:\windows\system32\PerfStringBackup.INI
2015-02-26 09:37 - 2012-11-03 17:17 - 00000000 ____D () C:\Users\Marie\AppData\Local\PDFC
2015-02-24 03:17 - 2010-11-21 04:27 - 00295552 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2015-02-15 22:18 - 2011-07-29 00:51 - 00000000 ____D () C:\swsetup
2015-02-12 09:52 - 2014-12-13 13:26 - 00000000 ____D () C:\windows\system32\appraiser
2015-02-12 09:52 - 2014-05-14 09:24 - 00000000 ___SD () C:\windows\system32\CompatTel
==================== Files in the root of some directories =======
2013-02-24 17:42 - 2013-02-24 17:42 - 0000017 _____ () C:\Users\Marie\AppData\Local\resmon.resmoncfg
Some content of TEMP:
====================
C:\Users\Marie\AppData\Local\Temp\avgnt.exe
C:\Users\Marie\AppData\Local\Temp\Quarantine.exe
C:\Users\Marie\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-03-05 13:19
==================== End Of Log ============================
--- --- --- Code:
ATTFilter Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by Marie at 2015-03-13 21:32:49
Running from C:\Users\Marie\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.305 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{8642397F-CF08-6B30-A477-A039BBAA511E}) (Version: 3.0.868.0 - Advanced Micro Devices, Inc.)
ArcSoft TotalMedia (HKLM-x32\...\ArcSoft TotalMedia) (Version: 2.0.39.42 - ArcSoft)
ArcSoft TotalMedia (x32 Version: 1.0.61.25 - ArcSoft) Hidden
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.38 - ArcSoft)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 1996635390.48.56.39004882 - Audible, Inc.)
Avira (HKLM-x32\...\{d9ed6dcf-6bfc-4fbb-802e-81dd5b767d6e}) (Version: 1.1.32.25147 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.32.25147 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 15.0.8.650 - Avira)
Blitzrechnen (HKLM-x32\...\Blitzrechnen) (Version: - )
Canon MP Navigator EX 1.0 (HKLM-x32\...\MP Navigator EX 1.0) (Version: - )
Canon MX300 series (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MX300_series) (Version: - )
Canon MX300 series Benutzerregistrierung (HKLM-x32\...\Canon MX300 series Benutzerregistrierung) (Version: - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version: - )
Canon Utilities Digital Photo Professional (HKLM-x32\...\Digital Photo Professional) (Version: 3.13.20.0 - Canon Inc.)
Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: - )
Canon Utilities EOS Sample Music (HKLM-x32\...\EOS Sample Music) (Version: 1.0.1.1 - Canon Inc.)
Canon Utilities EOS Utility (HKLM-x32\...\EOS Utility) (Version: 2.13.20.0 - Canon Inc.)
Canon Utilities ImageBrowser EX (HKLM-x32\...\ImageBrowser EX) (Version: 1.4.0.5 - Canon Inc.)
Canon Utilities PhotoStitch (HKLM-x32\...\PhotoStitch) (Version: 3.1.23.47 - Canon Inc.)
Canon Utilities Picture Style Editor (HKLM-x32\...\Picture Style Editor) (Version: 1.13.20.0 - Canon Inc.)
Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version: - )
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 7.1.2.0 - Hewlett-Packard Company)
Drive Encryption For HP ProtectTools (HKLM\...\{27F1E086-5691-4EB8-8BA1-5CBA87D67EB5}) (Version: 7.0.41.36204 - Hewlett-Packard Company)
Empire Earth II (HKLM-x32\...\{DF315348-721C-40B8-BAE2-58C6C7D935A2}) (Version: 1.20 - Sierra)
Empire Earth II: Art of Supremacy (HKLM-x32\...\{F596C356-BF35-4ED7-981C-CC791461A8F0}) (Version: 1.0 - Sierra)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
Evernote v. 4.6.5 (HKLM-x32\...\{F47455A0-B827-11E2-870C-984BE15F174E}) (Version: 4.6.5.8353 - Evernote Corp.)
Face Recognition for HP ProtectTools (HKLM\...\Face Recognition for HP ProtectTools) (Version: 7.2.1.4548 - Hewlett-Packard Company)
Face Recognition for HP ProtectTools (Version: 7.2.1.4548 - Hewlett-Packard Company) Hidden
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 7.0.2.2 - Hewlett-Packard Company)
Flinky Zeugnis (HKLM-x32\...\{5573691E-F76A-4221-92C4-8EB50EC9025C}_is1) (Version: 13.2.5.0 - [DS'n'] soft)
Fotobuch - Book Uploader 4 sfx (HKU\S-1-5-21-4010501916-4231810875-2732530499-1001\...\f98c331dcca62948) (Version: 1.16.7.0 - Fotobuch - Book Uploader 4 sfx)
Free YouTube to MP3 Converter version 3.12.1.320 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.1.320 - DVDVideoSoft Ltd.)
Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{B64F0818-316F-4237-8CB4-35BC2DA784C2}) (Version: 5.1.12.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{8C18FA50-5107-473C-B2A2-A8A32B0791E6}) (Version: 4.5.29.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{A351CC1B-C92C-4F37-8109-9F6D33ACF5EF}) (Version: 1.1.1.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{240B2BF7-E7E6-425C-A2A4-A3149189BF7F}) (Version: 2.3.1 - Hewlett-Packard Company)
HP Hotkey Support (HKLM-x32\...\{7F7E2060-7212-4A53-9875-55173E4BA3F0}) (Version: 5.0.21.1 - Hewlett-Packard Company)
HP Power Assistant (HKLM\...\{84642787-58C0-44AE-8B26-E2F544E380A1}) (Version: 2.5.0.16 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 7.0.1.1199 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15453.4066 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{223AE3E8-4445-410F-8EDA-13EC137E3BDB}) (Version: 3.4.3.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{D2462056-BA75-4B2C-8267-DFEA2B6AC4AE}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{658A8756-7B1E-44FD-A434-D777DD906232}) (Version: 8.5.2.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{3A61A282-4F08-4D43-920C-DC30ECE528E8}) (Version: 2.6.1 - Hewlett-Packard Company)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 3.0.0.1 - Hewlett-Packard Company)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6435.0 - IDT)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3090 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.30.1349 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.6.245 - Intel Corporation)
Java 7 Update 21 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.210 - Oracle)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.76.1 - JMicron Technology Corp.)
Klassenmappe (HKU\S-1-5-21-4010501916-4231810875-2732530499-1001\...\ac801a01b148f4f5) (Version: 3.0.2.0 - Gunnar Sievert)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Age of Empires (HKLM-x32\...\Age of Empires) (Version: - )
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio 2010-Tools für Office-Laufzeit (x64) Language Pack - DEU (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - DEU) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 19.0 (x86 de) (HKLM-x32\...\Mozilla Firefox 19.0 (x86 de)) (Version: 19.0 - Mozilla)
Mozilla Firefox 36.0.1 (x86 de) (HKU\S-1-5-21-4010501916-4231810875-2732530499-1001\...\Mozilla Firefox 36.0.1 (x86 de)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 19.0 - Mozilla)
opensource (x32 Version: 1.0.14960.3876 - Your Company Name) Hidden
OptimalFotobuch Designer (HKLM-x32\...\OptimalFotobuchDesigner) (Version: 3.2.43 - Saal Digital Fotoservice GmbH)
OptimalFotobuch Designer (x32 Version: 3.2.43 - Saal Digital Fotoservice GmbH) Hidden
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.1.49 - PDF Complete, Inc)
Privacy Manager for HP ProtectTools (HKLM\...\{29AB47F0-C5A3-401F-8A84-3324F2DC8E46}) (Version: 7.0.1.892 - Hewlett-Packard Company)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.306 - Qualcomm Atheros Communications)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.73.618.2013 - Realtek)
SDK (x32 Version: 2.30.042 - Portrait Displays, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Stronghold (HKLM-x32\...\{C917BA70-28A3-4C74-B163-41FD8C8E1A5A}) (Version: 1.20.0000 - Firefly Studios)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.8 - Synaptics Incorporated)
t@x 2013 (HKLM-x32\...\{6737F045-A91A-4177-9C8C-59460FC1C84D}) (Version: 20.09.8389 - Buhl Data Service GmbH)
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.1.02 - Hewlett-Packard Company)
Theft Recovery for HP ProtectTools (x32 Version: 7.0.1.02 - Hewlett-Packard Company) Hidden
Validity Fingerprint Sensor Driver (HKLM\...\{93581599-ECF1-4DCD-BE36-BD969A6C8DB5}) (Version: 4.4.213.0 - Validity Sensors, Inc.)
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CF}) (Version: 15.0.10039 - WinZip Computing, S.L. )
WISO Steuer-Sparbuch 2012 (HKLM-x32\...\{0CC1DAFB-40C8-4903-953D-471E541477C7}) (Version: 19.00.7303 - Buhl Data Service GmbH)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-4010501916-4231810875-2732530499-1001_Classes\CLSID\{260706c2-c1a7-4cd5-a11f-9883be4c0cc2}\InprocServer32 -> C:\windows\system32\dfshim.dll (Microsoft Corporation)
==================== Restore Points =========================
03-03-2015 11:46:02 Windows Update
04-03-2015 08:02:37 Windows Update
10-03-2015 21:59:17 Windows Update
11-03-2015 15:17:47 Windows Update
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:34 - 2015-03-12 16:17 - 00000027 ____A C:\windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {301669F5-874E-4CEE-A2DC-9AAB7ABECE12} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {67D7045D-DBF2-4864-B77E-6A3BAF4AE365} - System32\Tasks\HPCeeScheduleForMarie => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
Task: {74289A92-0BAE-40C2-A44E-BBF5675BD3B9} - System32\Tasks\{5CBA17B0-E754-4B07-9613-D491C10FF746} => pcalua.exe -a C:\Users\Marie\Downloads\wmp11-windowsxp-x86-DE-DE.exe -d C:\Users\Marie\Downloads
Task: {9DEDB449-622D-4AFB-AEA1-FC651AB6660C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-04] (Adobe Systems Incorporated)
Task: {BC4562EF-7BE4-4D3C-9CFB-B4DB2F315B3C} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {C3C3F2F8-172E-4E0E-BB0E-3C008E936AC1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {C768E27E-ECC3-4B2C-B0F5-1177E415E4A7} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis Install => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: {E632A059-FA8F-416E-B7F7-729BB93ADAF2} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\HPCeeScheduleForMarie.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
==================== Loaded Modules (whitelisted) ==============
2012-01-17 16:57 - 2012-01-17 16:57 - 00298368 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2013-03-27 11:11 - 2013-03-27 11:11 - 03346432 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll
2010-09-06 13:18 - 2010-09-06 13:18 - 01412608 _____ () C:\windows\system32\LIBEAY32.dll
2013-03-27 10:28 - 2013-03-27 10:28 - 01327104 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
2012-03-26 13:33 - 2012-03-26 13:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-08-30 12:46 - 2013-10-03 09:42 - 00069120 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
2014-02-09 12:41 - 2014-01-14 11:15 - 00543024 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\taxaktuell.exe
2014-02-09 12:02 - 2011-11-04 14:29 - 01370224 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\mshaktuell.exe
2011-12-26 21:20 - 2011-12-26 21:20 - 00016384 ____R () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2012-03-30 07:07 - 2012-03-30 07:07 - 00369152 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-02-10 22:26 - 2012-02-10 22:26 - 01083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2013-03-27 10:54 - 2013-03-27 10:54 - 02854912 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcEncryptionProviderPlugin.dll
2013-03-27 10:26 - 2013-03-27 10:26 - 00126976 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface.dll
2013-03-27 10:52 - 2013-03-27 10:52 - 03035136 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalEncryptionProviderPlugin.dll
2013-03-27 10:57 - 2013-03-27 10:57 - 02867200 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpDpHostPlugin.dll
2013-03-27 10:55 - 2013-03-27 10:55 - 00053248 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalATASec4SATA.dll
2013-03-27 10:30 - 2013-03-27 10:30 - 02043904 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeCoreEncryptionPlugin.dll
2013-03-27 10:31 - 2013-03-27 10:31 - 01949696 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeProductDetectionPlugin.dll
2012-08-30 12:39 - 2013-10-03 09:42 - 00112128 _____ () C:\Program Files (x86)\Canon\ImageBrowser EX\MFMFileSystemWatcher.dll
2014-02-09 12:40 - 2014-01-14 18:43 - 08953648 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wgui13.dll
2014-02-09 12:40 - 2014-01-14 11:15 - 00028672 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\rsdcom48.dll
2014-02-09 12:40 - 2014-01-14 11:15 - 00309040 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\rscorewinapi48.dll
2014-02-09 12:40 - 2014-01-14 11:15 - 00321328 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\rsguiwinapi48.dll
2014-02-09 12:40 - 2014-01-14 11:16 - 03471152 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wcore13.dll
2014-02-09 12:40 - 2014-01-14 11:15 - 00136496 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\rsodbc48.dll
2014-02-09 12:40 - 2014-01-14 11:16 - 02179888 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wfvie13.dll
2014-02-09 12:40 - 2014-01-14 11:15 - 01610544 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wsteu13.dll
2014-02-09 12:40 - 2014-01-14 11:15 - 01739056 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wreli13.dll
2014-02-09 12:40 - 2014-01-14 11:16 - 04267824 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wauff13.dll
2014-02-09 12:40 - 2014-01-14 10:50 - 01043456 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\clucene-core.dll
2014-02-09 12:40 - 2014-01-14 10:50 - 00094720 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\clucene-shared.dll
2014-02-09 12:40 - 2014-01-14 10:50 - 00250368 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\clucene-contribs-lib.dll
2014-02-09 12:40 - 2014-01-14 11:15 - 01505072 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wmain13.dll
2014-02-09 12:40 - 2014-01-14 11:16 - 04972336 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wbae113.dll
2014-02-09 12:40 - 2014-01-14 11:15 - 01373488 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wbae213.dll
2014-02-09 12:40 - 2014-01-14 11:15 - 01748784 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wbae313.dll
2014-02-09 12:40 - 2014-01-14 11:16 - 01581872 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wbae413.dll
2014-02-09 12:40 - 2014-01-14 11:16 - 01147184 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\whau113.dll
2014-02-09 12:40 - 2014-01-14 11:16 - 01230640 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\whau213.dll
2014-02-09 12:40 - 2014-01-14 11:16 - 01307952 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wwerb13.dll
2014-02-09 12:40 - 2014-01-14 11:16 - 06788400 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wkont13.dll
2014-02-09 12:40 - 2014-01-14 11:16 - 01253888 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wimp13.dll
2014-02-09 12:40 - 2014-01-14 11:16 - 01317168 _____ () C:\Program Files (x86)\Buhl finance\tax Steuersoftware 2013\wfabu13.dll
2014-02-09 12:00 - 2011-11-04 14:29 - 07559792 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\wgui12.dll
2014-02-09 12:00 - 2011-11-04 14:29 - 00028672 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\rsdcom47.dll
2014-02-09 12:00 - 2011-11-04 13:47 - 02356736 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\QtCorers47.dll
2014-02-09 12:00 - 2011-11-04 13:47 - 08934400 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\QtGuirs47.dll
2014-02-09 12:00 - 2011-11-04 13:47 - 00990208 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\QtNetworkrs47.dll
2014-02-09 12:00 - 2011-11-04 13:47 - 00358400 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\QtXmlrs47.dll
2014-02-09 12:00 - 2011-11-04 13:47 - 00704000 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\QtSqlrs47.dll
2014-02-09 12:00 - 2011-11-04 13:47 - 01340416 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\QtScriptrs47.dll
2014-02-09 12:00 - 2011-11-04 13:47 - 02395648 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\Qt3Supportrs47.dll
2014-02-09 12:00 - 2011-11-04 13:47 - 11163648 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\QtWebKitrs47.dll
2014-02-09 12:00 - 2011-11-04 13:47 - 00271872 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\phononrs47.dll
2014-02-09 12:00 - 2011-11-04 13:47 - 00108544 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\QtTestrs47.dll
2014-02-09 12:00 - 2011-11-04 14:26 - 00261232 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\rscorewinapi47.dll
2014-02-09 12:00 - 2011-11-04 14:26 - 00318064 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\rsguiwinapi47.dll
2014-02-09 12:00 - 2011-11-04 14:26 - 02943600 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\wcore12.dll
2014-02-09 12:00 - 2011-11-04 14:29 - 00135792 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\rsodbc47.dll
2014-02-09 12:00 - 2011-11-04 13:47 - 00865280 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\QtCLuceners47.dll
2014-02-09 12:00 - 2011-11-04 14:30 - 01868912 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\wfvie12.dll
2014-02-09 12:00 - 2011-11-04 13:47 - 00281088 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\QtSvgrs47.dll
2014-02-09 12:00 - 2011-11-04 14:26 - 01537136 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\wsteu12.dll
2014-02-09 12:00 - 2011-11-04 14:26 - 01607792 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\wreli12.dll
2014-02-09 12:00 - 2011-11-04 14:29 - 04278896 ____N () C:\Program Files (x86)\WISO\Steuersoftware 2012\wauff12.dll
2014-10-29 12:16 - 2014-10-29 12:16 - 00172544 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\1eeea3ab8d69ec722bdcb28b8eb8dd75\IsdiInterop.ni.dll
2012-04-16 04:09 - 2012-02-02 02:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-06-05 11:35 - 2013-06-05 11:35 - 00514570 _____ () C:\Program Files (x86)\Hewlett-Packard\HP Connection Manager\sqlite3.dll
2015-02-04 22:18 - 2015-02-04 22:18 - 16852144 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_305.dll
2012-07-04 01:22 - 2013-11-17 18:44 - 01200088 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) ===============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-4010501916-4231810875-2732530499-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marie\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
==================== MSCONFIG/TASK MANAGER disabled items ==
(Currently there is no automatic fix for this section.)
==================== Accounts: =============================
Administrator (S-1-5-21-4010501916-4231810875-2732530499-500 - Administrator - Disabled)
Gast (S-1-5-21-4010501916-4231810875-2732530499-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4010501916-4231810875-2732530499-1003 - Limited - Enabled)
Marie (S-1-5-21-4010501916-4231810875-2732530499-1001 - Administrator - Enabled) => C:\Users\Marie
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (03/13/2015 07:25:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
System errors:
=============
Error: (03/13/2015 06:37:17 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
Microsoft Office Sessions:
=========================
Error: (03/13/2015 07:25:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
CodeIntegrity Errors:
===================================
Date: 2015-03-12 16:17:01.115
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
Date: 2015-03-12 16:17:01.068
Description: Windows konnte die Abbildintegrität der Datei "\Device\HarddiskVolume2\ComboFix\catchme.sys" nicht überprüfen, weil der Dateihash nicht im System gefunden wurde. Möglicherweise wurde durch eine kürzlich durchgeführte Hardware- oder Softwareänderung eine falsch signierte oder beschädigte Datei oder eine Datei, bei der es sich um schädliche Software aus einer unbekannten Quelle handelt, installiert.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 55%
Total physical RAM: 3979.6 MB
Available physical RAM: 1790.56 MB
Total Pagefile: 7957.38 MB
Available Pagefile: 4989.29 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:675.29 GB) (Free:539.26 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (HP_TOOLS) (Fixed) (Total:1.99 GB) (Free:1.97 GB) FAT32
Drive g: (HP_RECOVERY) (Fixed) (Total:21.05 GB) (Free:3.24 GB) NTFS ==>[System with boot components (obtained from reading drive)]
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 4D8DCA1E)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=675.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=21 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=2 GB) - (Type=0C)
==================== End Of Log ============================
|
|
13.03.2015, 22:04
| #27 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Entfernen von DHL-Trojaner FRST-Fix Virenscanner jetzt bitte komplett deaktivieren, damit sichergestellt ist, dass der Fix sauber durchläuft! Drücke bitte die Windowstaste + R Taste und schreibe notepad in das Ausführen Fenster. Kopiere nun folgenden Text aus der Code-Box in das leere Textdokument Code:
ATTFilter HKU\S-1-5-21-4010501916-4231810875-2732530499-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
EmptyTemp:
Hosts:
Speichere diese bitte als Fixlist.txt auf deinem Desktop (oder dem Verzeichnis in dem sich FRST befindet).
__________________ Logfiles bitte immer in CODE-Tags posten |
|
13.03.2015, 22:19
| #28 |
| | Entfernen von DHL-TrojanerCode:
ATTFilter Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 11-03-2015
Ran by Marie at 2015-03-13 22:12:15 Run:1
Running from C:\Users\Marie\Desktop
Loaded Profiles: Marie (Available profiles: Marie)
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKU\S-1-5-21-4010501916-4231810875-2732530499-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
EmptyTemp:
Hosts:
*****************
"HKU\S-1-5-21-4010501916-4231810875-2732530499-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 512.1 MB temporary data.
The system needed a reboot.
==== End of Fixlog 22:13:15 ====
|
|
13.03.2015, 22:56
| #29 |
| /// Winkelfunktion /// TB-Süch-Tiger™ | Entfernen von DHL-Trojaner Okay, dann Kontrollscans mit MBAM und ESET bitte: Downloade Dir bitte  Malwarebytes Anti-Malware
ESET Online Scanner
__________________ Logfiles bitte immer in CODE-Tags posten |
|
14.03.2015, 21:36
| #30 |
| | Entfernen von DHL-TrojanerCode:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 13.03.2015 Suchlauf-Zeit: 23:13:57 Logdatei: mbam.txt Administrator: Ja Version: 2.00.4.1028 Malware Datenbank: v2015.03.13.09 Rootkit Datenbank: v2015.02.25.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: Marie Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 356686 Verstrichene Zeit: 25 Min, 51 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente erkannt) Module: 0 (Keine schädliche Elemente erkannt) Registrierungsschlüssel: 0 (Keine schädliche Elemente erkannt) Registrierungswerte: 0 (Keine schädliche Elemente erkannt) Registrierungsdaten: 0 (Keine schädliche Elemente erkannt) Ordner: 1 PUP.Optional.MindSpark.A, C:\Users\Marie\AppData\Roaming\Mozilla\Firefox\Profiles\p93ddf4f.default\Allin1Convert_8h, Löschen bei Neustart, [07067ec74743bb7b31301264bf448080], Dateien: 4 PUP.Optional.Conduit.A, C:\Users\Marie\Downloads\FileConverter_1.3(1).exe, In Quarantäne, [838a67dec4c6a393972ec7ae867b38c8], PUP.Optional.Conduit.A, C:\Users\Marie\Downloads\FileConverter_1.3.exe, In Quarantäne, [29e46adbb0dad1654e77225316eb7b85], PUP.Optional.MindSpark.A, C:\Users\Marie\AppData\Roaming\Mozilla\Firefox\Profiles\p93ddf4f.default\searchplugins\ask-web-search.xml, In Quarantäne, [2edf291cabdfb97df419b82749ba21df], PUP.Optional.MindSpark.A, C:\Users\Marie\AppData\Roaming\Mozilla\Firefox\Profiles\p93ddf4f.default\Allin1Convert_8h\08BEB7C6-C6D0-4747-B76B-F800B8C626AF.sqlite, Löschen bei Neustart, [07067ec74743bb7b31301264bf448080], Physische Sektoren: 0 (Keine schädliche Elemente erkannt) (end) Also läuft immer noch. Bis jetzt schon 20 Stunden und erst bei 31%. Ist das normal? Soll ich abbrechen und nochmal starten? okay, Eset ist durch. Hier der Log Code:
ATTFilter ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=1e62ee41a8f48d478c6d75e746b8bcf7
# engine=22899
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-03-14 07:47:16
# local_time=2015-03-14 08:47:16 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 95601 177992286 0 0
# scanned=233006
# found=12
# cleaned=0
# scan_time=74581
sh=CF6185A9EDFBA0217C9D36D25CA9F6ADCC9F6BC8 ft=1 fh=f90d49fcbe154eac vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Common Files\DVDVideoSoft\TB\ConduitInstaller.exe.vir"
sh=50F8CA4D26720074F3356596464ED9D6E213B55A ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Documents and Settings\Marie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\2c7ca141-4e8c4f06"
sh=50F8CA4D26720074F3356596464ED9D6E213B55A ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Documents and Settings\Marie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\2c7ca141-73f88776"
sh=50F8CA4D26720074F3356596464ED9D6E213B55A ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Documents and Settings\Marie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\705180bf-3216a978"
sh=50F8CA4D26720074F3356596464ED9D6E213B55A ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Documents and Settings\Marie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\705180bf-5fe6dc7e"
sh=ECBA503DCD7936BF7FADCC83E68D524F54FB8F7B ft=1 fh=9e9d1398a0099fd2 vn="Variante von Win32/Injector.BWDQ Trojaner" ac=I fn="C:\Qoobox\Quarantine\C\Users\Marie\AppData\Roaming\Microsoft\msdb212423.exe.vir"
sh=DF678B81D0A2C063E5467C5113DCCFF238B44DC4 ft=1 fh=55941976f4437196 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\swsetup\WinZBas\Setup.exe"
sh=50F8CA4D26720074F3356596464ED9D6E213B55A ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Marie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\2c7ca141-4e8c4f06"
sh=50F8CA4D26720074F3356596464ED9D6E213B55A ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Marie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\1\2c7ca141-73f88776"
sh=50F8CA4D26720074F3356596464ED9D6E213B55A ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Marie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\705180bf-3216a978"
sh=50F8CA4D26720074F3356596464ED9D6E213B55A ft=0 fh=0000000000000000 vn="Mehrere Bedrohungen" ac=I fn="C:\Users\Marie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\63\705180bf-5fe6dc7e"
sh=ED5C7FA74CB6DCD8F9AFEACDF9A3B8E5B395C832 ft=0 fh=0000000000000000 vn="Variante von Win32/Systweak.L evtl. unerwünschte Anwendung" ac=I fn="C:\Windows\Installer\147ce3.msi"
|
|
| Themen zu Entfernen von DHL-Trojaner |
| abend, dhl-trojaner, e-mail, entferne, entfernen, entfernung, gefälschte, guten, troja, trojaner, vermutlich, virus, zusammen |
Linear-Darstellung
