| |
| |||||||
Log-Analyse und Auswertung: Telekom Abuse-Meldung BedepWindows 7 Wenn Du Dir einen Trojaner eingefangen hast oder ständig Viren Warnungen bekommst, kannst Du hier die Logs unserer Diagnose Tools zwecks Auswertung durch unsere Experten posten. Um Viren und Trojaner entfernen zu können, muss das infizierte System zuerst untersucht werden: Erste Schritte zur Hilfe. Beachte dass ein infiziertes System nicht vertrauenswürdig ist und bis zur vollständigen Entfernung der Malware nicht verwendet werden sollte.XML. |
 |
07.06.2015, 10:38
| #1 |
| |  Telekom Abuse-Meldung Bedep Hallo zusammen, ich habe eine Mail der Telekom bekommen, dass einer unserer Rechner mit einem Virus (Bedep) infiziert sein soll. Die Angabe der Zeit, wann dies erfolgt sein soll, hilft leider wenig, da mindestens 3 Rechner zu dieser Zeit aktiv waren. Zusätzlich hängen noch einige Smartphones und Tablets im WLAN. Ich habe auf allen Rechnern AVIRA in der PRO-Version installiert. Das WLAN ist gesichert und die Firewall aktiviert. Die Systemüberprüfungen mit Avira waren erfolglos. Der EU-Cleaner von Avira hat ebenfalls nichts gefunden. Der EU-Cleaner von SurfRight auf den Rechnern der beiden Kids Malware KillNPSExe.exe und einmal einen Trojaner namens WriteDescExecuteFileName.exe, sowie Tracking Cookies und "Suchhilfen" aber keinen Bedep. Auch das Windows-Tool zum Entfernen bösartiger Software hat keinen Bedep gefunden. Hat jemand eine Idee, wie ich diesen Schädling finde und dann auch wieder loswerde? Vielen Dank Armin |
|
07.06.2015, 10:45
| #2 |
| /// the machine /// TB-Ausbilder    | Telekom Abuse-Meldung Bedep hi,
__________________Bitte lade dir die passende Version von Farbar's Recovery Scan Tool auf deinen Desktop:  FRST 32-Bit | FRST 64-Bit(Wenn du nicht sicher bist: Lade beide Versionen oder unter Start > Computer (Rechtsklick) > Eigenschaften nachschauen)
__________________ |
|
07.06.2015, 12:06
| #3 |
| | Telekom Abuse-Meldung Bedep Hallo Schrauber
__________________hier sind die beiden DateienVielen Dank Armin |
|
08.06.2015, 06:11
| #4 |
| /// the machine /// TB-Ausbilder | Telekom Abuse-Meldung Bedep Hi, Logs bitte immer in den Thread posten. Zur Not aufteilen und mehrere Posts nutzen. Ich kann auf Arbeit keine Anhänge öffnen, danke.  So funktioniert es:Posten in CODE-Tags Die Logfiles anzuhängen oder sogar vorher in ein ZIP, RAR, 7Z-Archive zu packen erschwert mir massiv die Arbeit, es sei denn natürlich die Datei wäre ansonsten zu gross für das Forum. Um die Logfiles in eine CODE-Box zu stellen gehe so vor:
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
08.06.2015, 06:46
| #5 |
| | Telekom Abuse-Meldung Bedep Hi, Sorry, hier also im Text die FRST.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-06-2015
Ran by edv (administrator) on EDV-VAIO on 07-06-2015 11:07:04
Running from C:\Users\edv\Downloads
Loaded Profiles: edv (Available Profiles: edv & Doro)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Megatech\MProtect\MPServ.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Samsung) C:\Program Files (x86)\Samsung\Kies\Kies.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(Nikon Corporation) C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_17_0_0_188_ActiveX.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-10-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [728312 2015-05-05] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311152 2013-05-23] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [NPSStartup] => [X]
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [83344 2011-04-02] (Sony Corporation)
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\...\Run: [VRLPHelper] => C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe [186768 2011-04-02] (Sony Corporation)
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\...\Run: [KiesPreload] => C:\Program Files (x86)\Samsung\Kies\Kies.exe [1561968 2013-05-23] (Samsung)
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\...\MountPoints2: {169f294b-fce7-11e1-b060-806e6f6e6963} - D:\GrimTales4.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Sony MSS.lnk [2013-10-03]
ShortcutTarget: Sony MSS.lnk -> C:\Program Files (x86)\Sony\MSS\3.0.271\SSScheduler.exe (McAfee, Inc.)
GroupPolicyUsers\S-1-5-21-2530222425-496541977-1974725369-1001\User: Group Policy Restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://vaioportal.sony.eu
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2530222425-496541977-1974725369-1000 -> DefaultScope {EAC08BFF-D954-4947-8611-54AF6BA6F353} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2530222425-496541977-1974725369-1000 -> {084EDD55-2778-4146-BBD8-5A71FAED0F71} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-2530222425-496541977-1974725369-1000 -> {A6D487EE-965A-49EF-A45B-33BE5ED01C2E} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKU\S-1-5-21-2530222425-496541977-1974725369-1000 -> {EAC08BFF-D954-4947-8611-54AF6BA6F353} URL = https://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-04-29] (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll [2013-06-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll [2013-06-16] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-10-31] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-05-12] (NVIDIA Corporation)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2530222425-496541977-1974725369-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827640 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [434424 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1185584 2015-05-05] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [File not signed]
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [File not signed]
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [237328 2012-03-30] (McAfee, Inc.)
R2 Megatech-Software-Protection; C:\Program Files (x86)\Megatech\MProtect\MPServ.EXE [36864 2007-12-12] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [69632 2006-11-08] (Hewlett-Packard) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [88064 2006-11-08] (Hewlett-Packard) [File not signed]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] () [File not signed]
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [152744 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132120 2015-05-05] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-12] (Avira Operations GmbH & Co. KG)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-06-07] ()
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-07 11:07 - 2015-06-07 11:07 - 00019833 _____ C:\Users\edv\Downloads\FRST.txt
2015-06-07 11:06 - 2015-06-07 11:06 - 02108928 _____ (Farbar) C:\Users\edv\Downloads\FRST64.exe
2015-06-07 11:05 - 2015-06-07 11:05 - 00000000 ___RD C:\Users\edv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-06-07 10:44 - 2015-06-07 10:44 - 00047855 _____ C:\Users\Doro\Downloads\Addition.txt
2015-06-07 10:43 - 2015-06-07 11:07 - 00000000 ____D C:\FRST
2015-06-07 10:43 - 2015-06-07 10:49 - 00057233 _____ C:\Users\Doro\Downloads\FRST.txt
2015-06-07 10:43 - 2015-06-07 10:43 - 02108928 _____ (Farbar) C:\Users\Doro\Downloads\FRST64.exe
2015-06-07 10:28 - 2015-06-07 10:28 - 00000000 ___RD C:\Users\Doro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-06-07 10:27 - 2015-06-07 10:27 - 00043664 _____ C:\Windows\system32\Drivers\hitmanpro37.sys
2015-06-07 10:25 - 2015-06-07 10:25 - 00002182 _____ C:\Windows\system32\.crusader
2015-06-07 10:07 - 2015-06-07 10:06 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-06-07 10:06 - 2015-06-07 10:10 - 00000000 ____D C:\ProgramData\Oracle
2015-06-07 10:06 - 2015-06-07 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-07 10:03 - 2015-06-07 10:05 - 37328992 _____ (Oracle Corporation) C:\Users\Doro\Documents\jre-8u45-windows-i586.exe
2015-06-07 09:56 - 2015-06-07 09:56 - 00007448 _____ C:\Users\edv\Documents\HitmanPro_20150607_0956.log
2015-06-07 09:39 - 2015-06-07 10:25 - 00000000 ____D C:\ProgramData\HitmanPro
2015-06-07 09:38 - 2015-06-07 09:39 - 11024496 _____ (SurfRight B.V.) C:\Users\Doro\Documents\hitmanpro_x64.exe
2015-06-06 14:17 - 2015-06-06 14:17 - 00000000 ____D C:\Users\Doro\AppData\Local\{36E1CA0F-C2DF-4928-8771-42F945B0094D}
2015-06-06 07:27 - 2015-06-06 08:08 - 00000000 ____D C:\AdwCleaner
2015-06-06 07:26 - 2015-06-06 07:27 - 02231296 _____ C:\Users\edv\Downloads\adwcleaner_4.206.exe
2015-06-05 21:12 - 2015-06-06 08:07 - 00000000 ____D C:\8b16ce2242485f5693f09a69
2015-06-05 21:11 - 2015-06-05 21:12 - 51789024 _____ (Microsoft Corporation) C:\Users\Doro\Documents\Windows-KB890830-x64-V5.24.exe
2015-06-05 20:54 - 2015-06-05 20:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-05 20:51 - 2015-06-05 20:51 - 00000000 __SHD C:\Users\edv\AppData\Local\EmieBrowserModeList
2015-06-05 18:26 - 2015-06-05 18:26 - 02209056 _____ C:\Users\Doro\Documents\avira-eu-cleaner_de.exe
2015-06-04 21:37 - 2015-06-04 21:38 - 00000000 ____D C:\Users\Doro\AppData\Local\{4022981E-5180-4166-8206-1F74C75AB632}
2015-06-01 14:51 - 2015-06-01 14:51 - 00001395 _____ C:\Users\Public\Desktop\Ultima 8.lnk
2015-06-01 14:51 - 2015-06-01 14:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultima 8
2015-06-01 11:41 - 2015-06-01 11:43 - 00000000 ____D C:\Users\Doro\Documents\Berufe
2015-05-14 00:57 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 00:57 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 21:56 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 21:56 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 21:56 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 21:56 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 21:56 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 21:56 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 21:56 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 21:56 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 21:56 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 21:56 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 21:56 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 21:56 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 21:56 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 21:56 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 21:56 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 21:56 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 21:56 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 21:56 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 21:56 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 21:56 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 21:56 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 21:56 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 21:56 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 21:56 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 21:56 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 21:56 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 21:56 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 21:56 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 21:56 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 21:56 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 21:56 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 21:56 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 21:56 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 21:56 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 21:56 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 21:56 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 21:56 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 21:56 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 21:56 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 21:56 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 21:56 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 21:56 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 21:56 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 21:56 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 21:56 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 21:56 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 21:56 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 21:56 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 21:56 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 21:56 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 21:56 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 21:56 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 21:56 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 21:56 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 21:56 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 21:56 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 21:56 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 21:56 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 21:56 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 21:56 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 21:53 - 2015-05-05 03:29 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-05-13 21:53 - 2015-05-05 03:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-05-13 21:53 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 21:53 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 21:49 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 21:48 - 2015-04-27 21:28 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-05-13 21:48 - 2015-04-27 21:28 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-05-13 21:48 - 2015-04-27 21:28 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-05-13 21:48 - 2015-04-27 21:26 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 01254400 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-05-13 21:48 - 2015-04-27 21:23 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-05-13 21:48 - 2015-04-27 21:22 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-05-13 21:48 - 2015-04-27 21:22 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-05-13 21:48 - 2015-04-27 21:22 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-05-13 21:48 - 2015-04-27 21:22 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-05-13 21:48 - 2015-04-27 21:22 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-05-13 21:48 - 2015-04-27 21:22 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-05-13 21:48 - 2015-04-27 21:22 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-05-13 21:48 - 2015-04-27 21:22 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-05-13 21:48 - 2015-04-27 21:22 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-05-13 21:48 - 2015-04-27 21:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-05-13 21:48 - 2015-04-27 21:18 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-05-13 21:48 - 2015-04-27 21:18 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:16 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 21:11 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-05-13 21:48 - 2015-04-27 21:11 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-05-13 21:48 - 2015-04-27 21:08 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-05-13 21:48 - 2015-04-27 21:05 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-05-13 21:48 - 2015-04-27 21:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-05-13 21:48 - 2015-04-27 21:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-05-13 21:48 - 2015-04-27 21:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-05-13 21:48 - 2015-04-27 21:05 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-05-13 21:48 - 2015-04-27 21:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-05-13 21:48 - 2015-04-27 21:05 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-05-13 21:48 - 2015-04-27 21:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-05-13 21:48 - 2015-04-27 21:05 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-05-13 21:48 - 2015-04-27 21:04 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-05-13 21:48 - 2015-04-27 21:04 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-05-13 21:48 - 2015-04-27 21:04 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-05-13 21:48 - 2015-04-27 21:04 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-05-13 21:48 - 2015-04-27 21:04 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-05-13 21:48 - 2015-04-27 21:04 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-05-13 21:48 - 2015-04-27 21:04 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-05-13 21:48 - 2015-04-27 21:04 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-05-13 21:48 - 2015-04-27 21:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-05-13 21:48 - 2015-04-27 21:03 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-05-13 21:48 - 2015-04-27 21:03 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-05-13 21:48 - 2015-04-27 21:03 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-05-13 21:48 - 2015-04-27 21:03 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-05-13 21:48 - 2015-04-27 21:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-05-13 21:48 - 2015-04-27 21:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-05-13 21:48 - 2015-04-27 21:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 20:06 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-05-13 21:48 - 2015-04-27 19:57 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-05-13 21:48 - 2015-04-27 19:57 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-05-13 21:48 - 2015-04-27 19:55 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-05-13 21:48 - 2015-04-27 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-05-13 21:48 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 21:48 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 21:48 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 21:48 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 21:48 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 21:48 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 21:48 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 21:48 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 21:48 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 21:48 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 21:48 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 21:48 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 21:48 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 21:48 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 21:48 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 21:48 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 21:48 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 21:48 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-07 11:05 - 2012-09-12 17:12 - 00000000 ____D C:\Users\edv\Documents\Bluetooth Folder
2015-06-07 11:04 - 2013-08-06 14:16 - 00000000 ____D C:\Users\Doro\Documents\Outlook-Dateien
2015-06-07 10:47 - 2009-07-14 06:45 - 00020720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-07 10:47 - 2009-07-14 06:45 - 00020720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-07 10:34 - 2014-03-22 14:22 - 01512864 _____ C:\Windows\WindowsUpdate.log
2015-06-07 10:27 - 2014-03-23 09:49 - 00046079 _____ C:\Windows\setupact.log
2015-06-07 10:27 - 2012-02-05 13:03 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-07 10:25 - 2013-06-16 13:46 - 00000000 ____D C:\Users\Doro\wiederherstellung
2015-06-07 10:05 - 2012-02-05 13:06 - 00000000 ____D C:\Program Files (x86)\Java
2015-06-06 14:22 - 2014-06-09 13:18 - 00000000 ____D C:\Users\Doro\AppData\Local\Windows Live
2015-06-06 10:24 - 2014-08-04 13:20 - 00000000 ____D C:\Users\Doro\Documents\Bluetooth Folder
2015-06-06 07:23 - 2013-06-15 22:37 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-06 07:23 - 2013-03-13 15:12 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-06 07:23 - 2013-03-13 15:12 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-06 07:23 - 2013-02-23 16:54 - 00000000 ____D C:\Users\edv\AppData\Local\Adobe
2015-06-06 07:20 - 2013-06-16 11:52 - 00000000 ____D C:\Users\edv\AppData\Local\CrashDumps
2015-06-05 13:36 - 2012-12-08 12:52 - 00000000 ____D C:\Users\edv\AppData\Roaming\Avira
2015-06-04 21:53 - 2012-12-26 01:00 - 00000000 ____D C:\Users\Doro\AppData\Roaming\Skype
2015-06-04 21:06 - 2013-09-26 16:37 - 00000000 ____D C:\Users\Doro\Documents\Storys
2015-06-01 16:27 - 2014-03-22 14:37 - 00000000 ____D C:\Users\Doro\AppData\Local\Origin
2015-06-01 14:51 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-01 14:50 - 2015-04-06 15:43 - 00001266 _____ C:\Users\Public\Desktop\Die Sims 4.lnk
2015-06-01 14:50 - 2014-03-22 14:35 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-06-01 14:34 - 2014-03-22 14:26 - 00000000 ____D C:\ProgramData\Origin
2015-05-28 09:04 - 2013-02-06 20:12 - 00000000 ____D C:\Users\Doro\AppData\Local\CrashDumps
2015-05-28 08:14 - 2012-02-05 21:44 - 00699666 _____ C:\Windows\system32\perfh007.dat
2015-05-28 08:14 - 2012-02-05 21:44 - 00149774 _____ C:\Windows\system32\perfc007.dat
2015-05-28 08:14 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-05-27 09:26 - 2014-07-11 16:31 - 00001261 _____ C:\Users\Doro\Desktop\Corel Painter Essentials 4.lnk
2015-05-27 08:56 - 2012-12-31 20:16 - 00000000 ____D C:\Users\Doro\AppData\Roaming\.minecraft
2015-05-25 08:42 - 2013-06-16 14:06 - 00000000 ____D C:\Users\Doro\Documents\Schule
2015-05-24 20:50 - 2012-12-27 22:59 - 00000952 ___SH C:\ProgramData\KGyGaAvL.sys
2015-05-24 16:57 - 2013-11-18 16:01 - 00000000 ____D C:\Users\Doro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-05-22 17:28 - 2015-04-06 22:03 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-22 17:28 - 2015-04-06 22:03 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-16 16:45 - 2015-02-20 09:05 - 00000000 ____D C:\ProgramData\TEMP
2015-05-15 13:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-05-14 18:29 - 2014-07-31 20:09 - 00000000 ____D C:\Users\Doro\Documents\Exel
2015-05-14 07:37 - 2009-07-14 06:45 - 00535256 _____ C:\Windows\system32\FNTCACHE.DAT
2015-05-14 07:32 - 2011-12-28 21:21 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-14 07:32 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-14 01:11 - 2012-12-08 14:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-05-14 01:02 - 2013-08-04 13:42 - 00000000 ____D C:\Windows\system32\MRT
2015-05-14 00:57 - 2013-03-13 16:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-14 00:56 - 2013-03-13 16:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-14 00:56 - 2013-03-13 16:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 07:14 - 2012-12-24 20:22 - 00000000 ____D C:\Users\Doro\AppData\Roaming\Atheros
==================== Files in the root of some directories =======
2014-05-29 15:41 - 2014-05-29 15:41 - 0000268 ___RH () C:\Users\edv\AppData\Roaming\Sounds
2014-05-29 15:42 - 2014-05-29 15:42 - 0000268 ___RH () C:\Users\edv\AppData\Roaming\Soundtrack
2014-05-29 15:41 - 2014-05-29 15:41 - 0000268 ___RH () C:\Users\edv\AppData\Roaming\Space Choir
2014-05-29 15:37 - 2014-05-29 15:37 - 0000268 ___RH () C:\Users\edv\AppData\Roaming\String Comparison
2012-12-27 22:59 - 2015-05-24 20:50 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2013-06-15 22:29 - 2013-06-15 22:38 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2014-05-29 15:37 - 2014-05-29 15:37 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2014-05-29 15:42 - 2014-05-29 15:42 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-05-29 15:41 - 2014-05-29 15:45 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-05-29 15:41 - 2014-05-29 15:41 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2014-05-29 15:41 - 2014-05-29 15:41 - 0000268 ___RH () C:\ProgramData\Specifications
2014-05-29 15:42 - 2014-05-29 15:42 - 0000268 ___RH () C:\ProgramData\Speech Enhancer
2014-05-29 15:41 - 2014-05-29 15:41 - 0000268 ___RH () C:\ProgramData\Sports
2014-05-29 15:37 - 2014-05-29 15:41 - 0000012 ___RH () C:\ProgramData\SupportPrinters
2014-05-29 15:42 - 2014-05-29 15:42 - 0000012 ___RH () C:\ProgramData\Sync Services
2014-05-29 15:41 - 2014-05-29 15:41 - 0000012 ___RH () C:\ProgramData\Synth Leads
2014-05-29 15:37 - 2014-05-29 15:37 - 0000012 ___RH () C:\ProgramData\Vocal Transformer
Some files in TEMP:
====================
C:\Users\Doro\AppData\Local\Temp\avgnt.exe
C:\Users\Doro\AppData\Local\Temp\drm_dialogs.dll
C:\Users\Doro\AppData\Local\Temp\drm_dyndata_7270006.dll
C:\Users\Doro\AppData\Local\Temp\drm_dyndata_7330004.dll
C:\Users\Doro\AppData\Local\Temp\drm_dyndata_7370014.dll
C:\Users\Doro\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Doro\AppData\Local\Temp\ubi8B9E.tmp.exe
C:\Users\edv\AppData\Local\Temp\avgnt.exe
C:\Users\edv\AppData\Local\Temp\Quarantine.exe
C:\Users\edv\AppData\Local\Temp\readSTILog.dll
C:\Users\edv\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2013-07-13 20:25
==================== End of log ============================
und die Addition.txt Code:
ATTFilter Additional FRST Logfile: |
|
08.06.2015, 16:13
| #6 |
| /// the machine /// TB-Ausbilder | Telekom Abuse-Meldung Bedep hi, Downloade dir bitte  Malwarebytes Anti-Rootkit und speichere es auf deinem Desktop.
Starte keine andere Datei in diesem Ordner ohne Anweisung eines Helfers Downloade dir bitte  TDSSKiller.exe und speichere diese Datei auf dem Desktop
__________________ --> Telekom Abuse-Meldung Bedep |
|
08.06.2015, 19:51
| #7 |
| | Telekom Abuse-Meldung Bedep Hallo Schrauber, so, hier sind die neuen Logfiles Code:
ATTFilter
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
www.malwarebytes.org
Database version:
main: v2015.06.08.03
rootkit: v2015.06.02.01
Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17801
edv :: EDV-VAIO [administrator]
08.06.2015 19:27:32
mbar-log-2015-06-08 (19-27-32).txt
Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 425934
Time elapsed: 1 hour(s), 5 minute(s), 59 second(s)
Memory Processes Detected: 0
(No malicious items detected)
Memory Modules Detected: 0
(No malicious items detected)
Registry Keys Detected: 0
(No malicious items detected)
Registry Values Detected: 0
(No malicious items detected)
Registry Data Items Detected: 0
(No malicious items detected)
Folders Detected: 0
(No malicious items detected)
Files Detected: 0
(No malicious items detected)
Physical Sectors Detected: 0
(No malicious items detected)
(end)
und noch das Ergebnis des TDSSKillers: Code:
ATTFilter
20:44:27.0545 0x1f88 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
20:44:37.0982 0x1f88 ============================================================
20:44:37.0982 0x1f88 Current date / time: 2015/06/08 20:44:37.0982
20:44:37.0982 0x1f88 SystemInfo:
20:44:37.0982 0x1f88
20:44:37.0982 0x1f88 OS Version: 6.1.7601 ServicePack: 1.0
20:44:37.0982 0x1f88 Product type: Workstation
20:44:37.0982 0x1f88 ComputerName: EDV-VAIO
20:44:37.0982 0x1f88 UserName: edv
20:44:37.0982 0x1f88 Windows directory: C:\Windows
20:44:37.0982 0x1f88 System windows directory: C:\Windows
20:44:37.0982 0x1f88 Running under WOW64
20:44:37.0982 0x1f88 Processor architecture: Intel x64
20:44:37.0982 0x1f88 Number of processors: 4
20:44:37.0982 0x1f88 Page size: 0x1000
20:44:37.0982 0x1f88 Boot type: Normal boot
20:44:37.0982 0x1f88 ============================================================
20:44:38.0731 0x1f88 KLMD registered as C:\Windows\system32\drivers\17811059.sys
20:44:40.0369 0x1f88 System UUID: {EFD8485F-251B-93B1-C64A-E8E1602FF3EF}
20:44:42.0974 0x1f88 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:44:42.0990 0x1f88 ============================================================
20:44:42.0990 0x1f88 \Device\Harddisk0\DR0:
20:44:42.0990 0x1f88 MBR partitions:
20:44:42.0990 0x1f88 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C79000, BlocksNum 0x32000
20:44:42.0990 0x1f88 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1CAB000, BlocksNum 0x5589B000
20:44:42.0990 0x1f88 ============================================================
20:44:43.0036 0x1f88 C: <-> \Device\Harddisk0\DR0\Partition2
20:44:43.0036 0x1f88 ============================================================
20:44:43.0036 0x1f88 Initialize success
20:44:43.0036 0x1f88 ============================================================
20:45:28.0450 0x1508 ============================================================
20:45:28.0450 0x1508 Scan started
20:45:28.0450 0x1508 Mode: Manual; SigCheck; TDLFS;
20:45:28.0450 0x1508 ============================================================
20:45:28.0450 0x1508 KSN ping started
20:45:44.0284 0x1508 KSN ping finished: true
20:45:47.0388 0x1508 ================ Scan system memory ========================
20:45:47.0388 0x1508 System memory - ok
20:45:47.0388 0x1508 ================ Scan services =============================
20:45:47.0591 0x1508 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:45:47.0778 0x1508 1394ohci - ok
20:45:47.0997 0x1508 [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
20:45:48.0044 0x1508 ACDaemon - ok
20:45:48.0090 0x1508 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:45:48.0106 0x1508 ACPI - ok
20:45:48.0153 0x1508 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:45:48.0246 0x1508 AcpiPmi - ok
20:45:48.0558 0x1508 [ 835CE0647E4E9F01BEB26201DA6705B4, C90CBED7E066ECE2F380CE84B95EAD0E120C02720DB31483BDF0E7EDF7FB4EE1 ] AdobeActiveFileMonitor11.0 C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
20:45:48.0636 0x1508 AdobeActiveFileMonitor11.0 - ok
20:45:48.0746 0x1508 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A, F419E159D3E428A3929A1A983142E7B0783D3F104EE9587585418E51011E4B8F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:45:48.0777 0x1508 AdobeARMservice - ok
20:45:48.0995 0x1508 [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:45:49.0026 0x1508 AdobeFlashPlayerUpdateSvc - ok
20:45:49.0104 0x1508 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:45:49.0120 0x1508 adp94xx - ok
20:45:49.0182 0x1508 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:45:49.0214 0x1508 adpahci - ok
20:45:49.0245 0x1508 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:45:49.0260 0x1508 adpu320 - ok
20:45:49.0307 0x1508 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:45:49.0416 0x1508 AeLookupSvc - ok
20:45:49.0510 0x1508 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
20:45:49.0619 0x1508 AFD - ok
20:45:49.0682 0x1508 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
20:45:49.0697 0x1508 agp440 - ok
20:45:49.0744 0x1508 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
20:45:49.0869 0x1508 ALG - ok
20:45:49.0931 0x1508 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
20:45:49.0962 0x1508 aliide - ok
20:45:49.0994 0x1508 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
20:45:50.0009 0x1508 amdide - ok
20:45:50.0056 0x1508 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
20:45:50.0150 0x1508 AmdK8 - ok
20:45:50.0196 0x1508 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
20:45:50.0243 0x1508 AmdPPM - ok
20:45:50.0306 0x1508 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:45:50.0321 0x1508 amdsata - ok
20:45:50.0368 0x1508 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
20:45:50.0399 0x1508 amdsbs - ok
20:45:50.0415 0x1508 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:45:50.0415 0x1508 amdxata - ok
20:45:50.0586 0x1508 [ D908096B873B940BB438CE63BA35BD1E, F1C79C907E6CDBC2770C16AFFAE0D6F9B9B7DA21F5074D602AC5FE1597975748 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
20:45:50.0618 0x1508 AntiVirMailService - ok
20:45:50.0727 0x1508 [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
20:45:50.0758 0x1508 AntiVirSchedulerService - ok
20:45:50.0867 0x1508 [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
20:45:50.0914 0x1508 AntiVirService - ok
20:45:51.0101 0x1508 [ 0F3D12E5FAE0082DB3F306095CA6B027, 726D054357031F45B43C87D798E84FA93439ECA6C691EB8C76FE524B50C25B32 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
20:45:51.0132 0x1508 AntiVirWebService - ok
20:45:51.0195 0x1508 [ 12BFA9EC4B03CC16BB7D19BAA308AEF2, 83EE94308BBDE5FBFC9D863CB0C14AAD487DA0AF34FFA446CF9B4BE0A68254C7 ] ApfiltrService C:\Windows\system32\drivers\Apfiltr.sys
20:45:51.0226 0x1508 ApfiltrService - ok
20:45:51.0304 0x1508 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
20:45:51.0382 0x1508 AppID - ok
20:45:51.0460 0x1508 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:45:51.0538 0x1508 AppIDSvc - ok
20:45:51.0600 0x1508 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
20:45:51.0694 0x1508 Appinfo - ok
20:45:51.0772 0x1508 [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:45:51.0803 0x1508 Apple Mobile Device - ok
20:45:51.0850 0x1508 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
20:45:51.0881 0x1508 arc - ok
20:45:51.0912 0x1508 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:45:51.0928 0x1508 arcsas - ok
20:45:51.0975 0x1508 [ C130BC4A51B1382B2BE8E44579EC4C0A, CC1FD33ED7CAD87A504D8678F8482CAECACD18C727BB97FFB86F39255563EEF2 ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
20:45:51.0990 0x1508 ArcSoftKsUFilter - ok
20:45:52.0115 0x1508 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:45:52.0178 0x1508 aspnet_state - ok
20:45:52.0209 0x1508 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:45:52.0380 0x1508 AsyncMac - ok
20:45:52.0458 0x1508 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
20:45:52.0474 0x1508 atapi - ok
20:45:52.0536 0x1508 [ 50F257E19554421B6891E3F998EDCA90, 32D368632B714864D77C700B1115F4404EAA72C5F734BF6A2B96F48C3935A5D9 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
20:45:52.0646 0x1508 AthBTPort - ok
20:45:52.0692 0x1508 [ 4119870B90E1B5E7797D6433D21F9216, 5CDA3748A6C89B1046173F20D857D164F4170A5028370B5BB9843212CEA86C8F ] ATHDFU C:\Windows\System32\Drivers\AthDfu.sys
20:45:52.0770 0x1508 ATHDFU - ok
20:45:52.0864 0x1508 [ 650F111D5CDA64C10AE4B9D1BA9D4FFF, 99AD83993D724538687F084318404DBF314C2249AB593AF9DD3783B0AB6B3B25 ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
20:45:52.0911 0x1508 Atheros Bt&Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
20:45:55.0656 0x1508 Detect skipped due to KSN trusted
20:45:55.0656 0x1508 Atheros Bt&Wlan Coex Agent - ok
20:45:55.0719 0x1508 [ EBC3119394C9074A9CD87578A435050D, 4AE141D02DDE33574CC899BBEDCCC311867FB98CEDBB3E556409B018F8F795E5 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
20:45:55.0750 0x1508 AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
20:45:58.0496 0x1508 Detect skipped due to KSN trusted
20:45:58.0496 0x1508 AtherosSvc - ok
20:45:58.0776 0x1508 [ A5E770426D18F8EF332A593F3289DA91, 87AC97758618765814B630CB1A189CD690DC6B0EAAE93D80EDE7771FB362C9AF ] athr C:\Windows\system32\DRIVERS\athrx.sys
20:45:59.0010 0x1508 athr - ok
20:45:59.0104 0x1508 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:45:59.0151 0x1508 AudioEndpointBuilder - ok
20:45:59.0166 0x1508 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:45:59.0198 0x1508 AudioSrv - ok
20:45:59.0276 0x1508 [ 43B6D229C7DBA9F0FC0FC0C318DB5350, F5A525DBD71FC4A323E92839C6D27F323FB304B7E9FFA35E89E9B419570AA4C8 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
20:45:59.0291 0x1508 avgntflt - ok
20:45:59.0369 0x1508 [ 626D1BAD7A1975A8FEE8876A8AD0EEA7, 59772746A2DF3B7E8D021756B8A64569AC8468CA1C802EB594494224354F1E60 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
20:45:59.0400 0x1508 avipbb - ok
20:45:59.0416 0x1508 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
20:45:59.0416 0x1508 avkmgr - ok
20:45:59.0494 0x1508 [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
20:45:59.0525 0x1508 avnetflt - ok
20:45:59.0572 0x1508 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:45:59.0712 0x1508 AxInstSV - ok
20:45:59.0806 0x1508 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
20:45:59.0946 0x1508 b06bdrv - ok
20:45:59.0993 0x1508 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:46:00.0056 0x1508 b57nd60a - ok
20:46:00.0134 0x1508 [ 93EE7D9C35AE7E9FFDA148D7805F1421, 9D88D5CC08F887B35A893FEC80D8CC4A9E4EAAF533E27D0F1B9CC36C171C92DA ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
20:46:00.0165 0x1508 BBSvc - ok
20:46:00.0212 0x1508 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
20:46:00.0290 0x1508 BDESVC - ok
20:46:00.0321 0x1508 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
20:46:00.0446 0x1508 Beep - ok
20:46:00.0508 0x1508 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
20:46:00.0633 0x1508 BFE - ok
20:46:00.0680 0x1508 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
20:46:01.0460 0x1508 BITS - ok
20:46:01.0506 0x1508 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
20:46:01.0553 0x1508 blbdrive - ok
20:46:01.0647 0x1508 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:46:01.0678 0x1508 Bonjour Service - ok
20:46:01.0756 0x1508 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:46:01.0850 0x1508 bowser - ok
20:46:01.0943 0x1508 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
20:46:02.0006 0x1508 BrFiltLo - ok
20:46:02.0037 0x1508 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
20:46:02.0084 0x1508 BrFiltUp - ok
20:46:02.0146 0x1508 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
20:46:02.0240 0x1508 Browser - ok
20:46:02.0286 0x1508 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:46:02.0380 0x1508 Brserid - ok
20:46:02.0411 0x1508 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:46:02.0474 0x1508 BrSerWdm - ok
20:46:02.0520 0x1508 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:46:02.0583 0x1508 BrUsbMdm - ok
20:46:02.0630 0x1508 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:46:02.0676 0x1508 BrUsbSer - ok
20:46:02.0754 0x1508 [ B3BCD755FA9A359D10208CC9F09847CC, 8DE11815A2C76051DFF0F68BC8CF38CADD7BCA3A75EED4CC03B38DEB9F658296 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
20:46:02.0864 0x1508 BTATH_A2DP - ok
20:46:02.0895 0x1508 [ 9BBBA9D6DBDEFC8A6542BC7A6EBAF710, EE6932310F97F9DC07F8EC66B3939BA73FF8B7C7B9D84CE9852C85B770681A60 ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys
20:46:02.0942 0x1508 btath_avdt - ok
20:46:02.0988 0x1508 [ D838DD1BCB328EFCFAD7A52DE9E3CAFD, A364C50240069D7606119E4FD3BC839F307947F680295C3A68AE1CE42B9A6108 ] BTATH_BUS C:\Windows\system32\drivers\btath_bus.sys
20:46:03.0051 0x1508 BTATH_BUS - ok
20:46:03.0238 0x1508 [ A441B800E04CF8443FAF519207563ABB, AAA865453E000B38D4DCCB435731F3843394FFA224F577B88DBBB31256F1BC39 ] BTATH_HCRP C:\Windows\system32\drivers\btath_hcrp.sys
20:46:03.0363 0x1508 BTATH_HCRP - ok
20:46:03.0410 0x1508 [ B16F8429A35BBA2A8EF9DB2E08675B97, B38952519A8AC2E0A211F685CB4AC453AA2885AA0DA39DBF92CE61FE649BC309 ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
20:46:03.0503 0x1508 BTATH_LWFLT - ok
20:46:03.0550 0x1508 [ C24231C6BDFE21735930084A22089AAB, DF5104AC26A8D3E1C204D479F32204FE66B225DBA7EFDAC7149A02D0B5CEB714 ] BTATH_RCP C:\Windows\system32\drivers\btath_rcp.sys
20:46:03.0659 0x1508 BTATH_RCP - ok
20:46:03.0737 0x1508 [ 3632FA4C6B3CE9EC827690DEAC266D8C, 46D34968DA1BE0D793518506D4FCA094C3F15ACF530DB3660C7CD6ECCBF3C1BD ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
20:46:03.0878 0x1508 BtFilter - ok
20:46:03.0940 0x1508 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
20:46:04.0034 0x1508 BthEnum - ok
20:46:04.0096 0x1508 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:46:04.0174 0x1508 BTHMODEM - ok
20:46:04.0236 0x1508 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:46:04.0268 0x1508 BthPan - ok
20:46:04.0377 0x1508 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
20:46:04.0470 0x1508 BTHPORT - ok
20:46:04.0517 0x1508 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
20:46:04.0611 0x1508 bthserv - ok
20:46:04.0658 0x1508 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
20:46:04.0720 0x1508 BTHUSB - ok
20:46:04.0767 0x1508 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:46:04.0814 0x1508 cdfs - ok
20:46:04.0860 0x1508 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:46:04.0907 0x1508 cdrom - ok
20:46:04.0970 0x1508 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
20:46:05.0016 0x1508 CertPropSvc - ok
20:46:05.0063 0x1508 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
20:46:05.0110 0x1508 circlass - ok
20:46:05.0204 0x1508 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
20:46:05.0235 0x1508 CLFS - ok
20:46:05.0438 0x1508 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:46:05.0453 0x1508 clr_optimization_v2.0.50727_32 - ok
20:46:05.0500 0x1508 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:46:05.0562 0x1508 clr_optimization_v2.0.50727_64 - ok
20:46:05.0672 0x1508 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:46:05.0703 0x1508 clr_optimization_v4.0.30319_32 - ok
20:46:05.0781 0x1508 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:46:05.0874 0x1508 clr_optimization_v4.0.30319_64 - ok
20:46:05.0921 0x1508 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
20:46:05.0968 0x1508 CmBatt - ok
20:46:06.0030 0x1508 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:46:06.0046 0x1508 cmdide - ok
20:46:06.0202 0x1508 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
20:46:06.0233 0x1508 CNG - ok
20:46:06.0358 0x1508 [ 1F394DF3714ED4280047810790E6DF69, 92AD804E0F0559BF76EA8DAE038B4CDE4EBB4C4BD7A53913B714BF936B03B85E ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
20:46:06.0405 0x1508 CnxtHdAudService - ok
20:46:06.0452 0x1508 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
20:46:06.0483 0x1508 Compbatt - ok
20:46:06.0530 0x1508 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:46:06.0608 0x1508 CompositeBus - ok
20:46:06.0639 0x1508 COMSysApp - ok
20:46:06.0670 0x1508 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:46:06.0686 0x1508 crcdisk - ok
20:46:06.0748 0x1508 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:46:06.0795 0x1508 CryptSvc - ok
20:46:06.0935 0x1508 [ 75E3C4BB1ED032310EDCF5691A452B4B, E7FDF778CBD347017A84EB3919C530ED1EACB22277F3EA3B6FF3EA45D9FE8A6D ] DCDhcpService C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
20:46:06.0982 0x1508 DCDhcpService - detected UnsignedFile.Multi.Generic ( 1 )
20:46:10.0086 0x1508 Detect skipped due to KSN trusted
20:46:10.0086 0x1508 DCDhcpService - ok
20:46:10.0258 0x1508 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:46:10.0336 0x1508 DcomLaunch - ok
20:46:10.0383 0x1508 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
20:46:10.0445 0x1508 defragsvc - ok
20:46:10.0508 0x1508 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:46:10.0586 0x1508 DfsC - ok
20:46:10.0695 0x1508 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:46:10.0742 0x1508 Dhcp - ok
20:46:10.0913 0x1508 [ EA8A3E8C674B03CB4AFA1D344DBD7BC1, 564D9370AE4D12973647997684B9637B2A5A7480F66B87018F789CE4E43C8191 ] DiagTrack C:\Windows\system32\diagtrack.dll
20:46:11.0007 0x1508 DiagTrack - ok
20:46:11.0116 0x1508 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
20:46:11.0241 0x1508 discache - ok
20:46:11.0288 0x1508 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
20:46:11.0319 0x1508 Disk - ok
20:46:11.0397 0x1508 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:46:11.0490 0x1508 Dnscache - ok
20:46:11.0537 0x1508 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
20:46:11.0600 0x1508 dot3svc - ok
20:46:11.0662 0x1508 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
20:46:11.0724 0x1508 DPS - ok
20:46:11.0771 0x1508 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:46:11.0849 0x1508 drmkaud - ok
20:46:11.0958 0x1508 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:46:11.0990 0x1508 DXGKrnl - ok
20:46:12.0021 0x1508 [ 50AD8FC1DC800FF36087994C8F7FDFF2, E3DA8DCE76599E0E1F0D80AA1483D6BECFE0F7242147D986A6AF3A4362FC2C80 ] e1yexpress C:\Windows\system32\DRIVERS\e1y60x64.sys
20:46:12.0068 0x1508 e1yexpress - ok
20:46:12.0130 0x1508 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
20:46:12.0177 0x1508 EapHost - ok
20:46:12.0302 0x1508 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
20:46:12.0504 0x1508 ebdrv - ok
20:46:12.0582 0x1508 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] EFS C:\Windows\System32\lsass.exe
20:46:12.0598 0x1508 EFS - ok
20:46:12.0738 0x1508 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:46:12.0801 0x1508 ehRecvr - ok
20:46:12.0848 0x1508 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
20:46:12.0894 0x1508 ehSched - ok
20:46:12.0972 0x1508 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:46:13.0004 0x1508 elxstor - ok
20:46:13.0035 0x1508 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:46:13.0113 0x1508 ErrDev - ok
20:46:13.0300 0x1508 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
20:46:13.0362 0x1508 EventSystem - ok
20:46:13.0425 0x1508 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
20:46:13.0503 0x1508 exfat - ok
20:46:13.0534 0x1508 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:46:13.0612 0x1508 fastfat - ok
20:46:13.0706 0x1508 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
20:46:13.0815 0x1508 Fax - ok
20:46:13.0877 0x1508 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
20:46:13.0908 0x1508 fdc - ok
20:46:13.0971 0x1508 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
20:46:14.0018 0x1508 fdPHost - ok
20:46:14.0064 0x1508 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
20:46:14.0111 0x1508 FDResPub - ok
20:46:14.0174 0x1508 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:46:14.0205 0x1508 FileInfo - ok
20:46:14.0220 0x1508 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:46:14.0330 0x1508 Filetrace - ok
20:46:14.0361 0x1508 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
20:46:14.0423 0x1508 flpydisk - ok
20:46:14.0486 0x1508 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:46:14.0501 0x1508 FltMgr - ok
20:46:14.0642 0x1508 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
20:46:14.0704 0x1508 FontCache - ok
20:46:14.0766 0x1508 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:46:14.0798 0x1508 FontCache3.0.0.0 - ok
20:46:14.0829 0x1508 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:46:14.0844 0x1508 FsDepends - ok
20:46:14.0876 0x1508 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:46:14.0891 0x1508 Fs_Rec - ok
20:46:14.0938 0x1508 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:46:14.0954 0x1508 fvevol - ok
20:46:15.0000 0x1508 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:46:15.0016 0x1508 gagp30kx - ok
20:46:15.0110 0x1508 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:46:15.0125 0x1508 GEARAspiWDM - ok
20:46:15.0234 0x1508 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
20:46:15.0359 0x1508 gpsvc - ok
20:46:15.0390 0x1508 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:46:15.0453 0x1508 hcw85cir - ok
20:46:15.0515 0x1508 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:46:15.0578 0x1508 HdAudAddService - ok
20:46:15.0624 0x1508 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:46:15.0687 0x1508 HDAudBus - ok
20:46:15.0718 0x1508 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
20:46:15.0780 0x1508 HidBatt - ok
20:46:15.0843 0x1508 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
20:46:15.0874 0x1508 HidBth - ok
20:46:15.0921 0x1508 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
20:46:15.0983 0x1508 HidIr - ok
20:46:16.0046 0x1508 [ 943B20F119F05BCAB4D2593E2D3D4278, 7056691C0EFF0AA236195BD254E452C026EEDFB2E257330F92A072D4CEC3B712 ] hidkmdf C:\Windows\system32\DRIVERS\hidkmdf.sys
20:46:16.0061 0x1508 hidkmdf - ok
20:46:16.0092 0x1508 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
20:46:16.0155 0x1508 hidserv - ok
20:46:16.0217 0x1508 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:46:16.0280 0x1508 HidUsb - ok
20:46:16.0326 0x1508 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:46:16.0436 0x1508 hkmsvc - ok
20:46:16.0482 0x1508 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:46:16.0560 0x1508 HomeGroupListener - ok
20:46:16.0592 0x1508 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:46:16.0623 0x1508 HomeGroupProvider - ok
20:46:16.0670 0x1508 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:46:16.0701 0x1508 HpSAMD - ok
20:46:16.0810 0x1508 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:46:16.0919 0x1508 HTTP - ok
20:46:16.0950 0x1508 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:46:16.0966 0x1508 hwpolicy - ok
20:46:17.0013 0x1508 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:46:17.0028 0x1508 i8042prt - ok
20:46:17.0060 0x1508 [ F7CE9BE72EDAC499B713ECA6DAE5D26F, AF158C8ADF0815C406435AB051C8D8DD0ECBDBA8644CB75D7611980D70662193 ] iaStor C:\Windows\system32\drivers\iaStor.sys
20:46:17.0091 0x1508 iaStor - ok
20:46:17.0169 0x1508 [ B25F192EA1F84A316EB7C19EFCCCF33D, 00BACE87CCA40722FF3AD7243439201CDCC23D0BA01E25F928BF63DA12816F8F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:46:17.0184 0x1508 IAStorDataMgrSvc - ok
20:46:17.0278 0x1508 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:46:17.0325 0x1508 iaStorV - ok
20:46:17.0465 0x1508 [ 3CC7B3BB1A9EA201A040883EDFAA67A0, F543A779BA8CBFD5E0B939844B9CB47A2C05A400C693635F520438C18FFDFAF1 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
20:46:17.0512 0x1508 IconMan_R - ok
20:46:17.0621 0x1508 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:46:17.0652 0x1508 idsvc - ok
20:46:17.0684 0x1508 IEEtwCollectorService - ok
20:46:17.0715 0x1508 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:46:17.0730 0x1508 iirsp - ok
20:46:17.0808 0x1508 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
20:46:17.0840 0x1508 IKEEXT - ok
20:46:17.0871 0x1508 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
20:46:17.0886 0x1508 intelide - ok
20:46:17.0918 0x1508 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys
20:46:17.0980 0x1508 intelppm - ok
20:46:18.0027 0x1508 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:46:18.0074 0x1508 IPBusEnum - ok
20:46:18.0089 0x1508 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:46:18.0120 0x1508 IpFilterDriver - ok
20:46:18.0214 0x1508 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:46:18.0323 0x1508 iphlpsvc - ok
20:46:18.0354 0x1508 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:46:18.0401 0x1508 IPMIDRV - ok
20:46:18.0448 0x1508 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:46:18.0526 0x1508 IPNAT - ok
20:46:18.0620 0x1508 [ 0F261EC4F514926177C70C1832374231, 7E61B89FE2651C0C7951E10454267174550677DEAB1C497571A9B0B583687304 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:46:18.0651 0x1508 iPod Service - ok
20:46:18.0682 0x1508 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:46:18.0729 0x1508 IRENUM - ok
20:46:18.0744 0x1508 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:46:18.0760 0x1508 isapnp - ok
20:46:18.0791 0x1508 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:46:18.0822 0x1508 iScsiPrt - ok
20:46:18.0854 0x1508 [ F415A88162D23977B5EDAE4F0410E903, B86FD88B4285ED96BFDB9430E4DB134AC1B09DBB541929C4D6C1EEAF792D444D ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
20:46:18.0854 0x1508 IviRegMgr - ok
20:46:18.0900 0x1508 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:46:18.0916 0x1508 kbdclass - ok
20:46:18.0947 0x1508 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:46:19.0010 0x1508 kbdhid - ok
20:46:19.0072 0x1508 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] KeyIso C:\Windows\system32\lsass.exe
20:46:19.0088 0x1508 KeyIso - ok
20:46:19.0197 0x1508 [ F7DFAE6040AC910B7C64EE208A34157D, AEF1100F12391692D9DB78519D843A90C97E199A80DDC4D43E3AF1919A9E8E56 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:46:19.0244 0x1508 KSecDD - ok
20:46:19.0275 0x1508 [ 8FE94F2EF9BF444E93E35D87E210D02F, 78E8F6FD7C1EA3556194947707BE6893538A9E25A550C22045866C5B30251D14 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:46:19.0290 0x1508 KSecPkg - ok
20:46:19.0384 0x1508 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:46:19.0446 0x1508 ksthunk - ok
20:46:19.0493 0x1508 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
20:46:19.0540 0x1508 KtmRm - ok
20:46:19.0602 0x1508 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:46:19.0665 0x1508 LanmanServer - ok
20:46:19.0696 0x1508 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:46:19.0758 0x1508 LanmanWorkstation - ok
20:46:19.0852 0x1508 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:46:19.0930 0x1508 lltdio - ok
20:46:19.0977 0x1508 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:46:20.0070 0x1508 lltdsvc - ok
20:46:20.0117 0x1508 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:46:20.0195 0x1508 lmhosts - ok
20:46:20.0273 0x1508 [ 98B16E756243BEA9410E32025B19C06F, C4F8663FF4C2F1123CC92D88004090AD06ED12FCD07706AE168333A33B269A53 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:46:20.0289 0x1508 LMS - ok
20:46:20.0336 0x1508 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:46:20.0336 0x1508 LSI_FC - ok
20:46:20.0382 0x1508 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:46:20.0414 0x1508 LSI_SAS - ok
20:46:20.0445 0x1508 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:46:20.0460 0x1508 LSI_SAS2 - ok
20:46:20.0507 0x1508 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:46:20.0538 0x1508 LSI_SCSI - ok
20:46:20.0585 0x1508 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
20:46:20.0648 0x1508 luafv - ok
20:46:20.0804 0x1508 [ 98E19D3FCAAE0236816E4942C5771F89, D7E6B2EF7F253C0C68363E8AE6744FAC11930350FF568F6144EA6EA3153E4F17 ] McComponentHostServiceSony C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe
20:46:20.0835 0x1508 McComponentHostServiceSony - ok
20:46:20.0866 0x1508 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:46:20.0882 0x1508 Mcx2Svc - ok
20:46:20.0897 0x1508 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
20:46:20.0913 0x1508 megasas - ok
20:46:21.0084 0x1508 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:46:21.0162 0x1508 MegaSR - ok
20:46:21.0256 0x1508 [ 68B005AF0BC4F8823EAB5B105A40CC28, B92605200BD4AAAAC3F4FE7D9A636A6DA11FD94749719EAD8DC609E86BD38402 ] Megatech-Software-Protection C:\Program Files (x86)\Megatech\MProtect\MPServ.EXE
20:46:21.0303 0x1508 Megatech-Software-Protection - detected UnsignedFile.Multi.Generic ( 1 )
20:46:24.0048 0x1508 Detect skipped due to KSN trusted
20:46:24.0048 0x1508 Megatech-Software-Protection - ok
20:46:24.0111 0x1508 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys
20:46:24.0158 0x1508 MEIx64 - ok
20:46:24.0189 0x1508 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
20:46:24.0251 0x1508 MMCSS - ok
20:46:24.0282 0x1508 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
20:46:24.0376 0x1508 Modem - ok
20:46:24.0438 0x1508 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:46:24.0516 0x1508 monitor - ok
20:46:24.0548 0x1508 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:46:24.0563 0x1508 mouclass - ok
20:46:24.0610 0x1508 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:46:24.0688 0x1508 mouhid - ok
20:46:24.0766 0x1508 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:46:24.0797 0x1508 mountmgr - ok
20:46:24.0828 0x1508 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
20:46:24.0844 0x1508 mpio - ok
20:46:24.0875 0x1508 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:46:24.0906 0x1508 mpsdrv - ok
20:46:24.0953 0x1508 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:46:25.0031 0x1508 MpsSvc - ok
20:46:25.0062 0x1508 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:46:25.0109 0x1508 MRxDAV - ok
20:46:25.0140 0x1508 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:46:25.0234 0x1508 mrxsmb - ok
20:46:25.0265 0x1508 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:46:25.0281 0x1508 mrxsmb10 - ok
20:46:25.0296 0x1508 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:46:25.0328 0x1508 mrxsmb20 - ok
20:46:25.0374 0x1508 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
20:46:25.0390 0x1508 msahci - ok
20:46:25.0421 0x1508 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:46:25.0421 0x1508 msdsm - ok
20:46:25.0437 0x1508 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
20:46:25.0484 0x1508 MSDTC - ok
20:46:25.0530 0x1508 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:46:25.0608 0x1508 Msfs - ok
20:46:25.0640 0x1508 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:46:25.0671 0x1508 mshidkmdf - ok
20:46:25.0671 0x1508 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:46:25.0686 0x1508 msisadrv - ok
20:46:25.0718 0x1508 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:46:25.0764 0x1508 MSiSCSI - ok
20:46:25.0780 0x1508 msiserver - ok
20:46:25.0827 0x1508 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:46:25.0874 0x1508 MSKSSRV - ok
20:46:25.0889 0x1508 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:46:25.0952 0x1508 MSPCLOCK - ok
20:46:25.0952 0x1508 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:46:25.0983 0x1508 MSPQM - ok
20:46:26.0030 0x1508 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:46:26.0045 0x1508 MsRPC - ok
20:46:26.0061 0x1508 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:46:26.0061 0x1508 mssmbios - ok
20:46:26.0108 0x1508 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:46:26.0201 0x1508 MSTEE - ok
20:46:26.0232 0x1508 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:46:26.0279 0x1508 MTConfig - ok
20:46:26.0326 0x1508 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
20:46:26.0357 0x1508 Mup - ok
20:46:26.0420 0x1508 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
20:46:26.0466 0x1508 napagent - ok
20:46:26.0529 0x1508 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:46:26.0576 0x1508 NativeWifiP - ok
20:46:26.0654 0x1508 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
20:46:26.0685 0x1508 NDIS - ok
20:46:26.0716 0x1508 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:46:26.0763 0x1508 NdisCap - ok
20:46:26.0825 0x1508 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:46:26.0841 0x1508 NdisTapi - ok
20:46:26.0872 0x1508 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:46:26.0903 0x1508 Ndisuio - ok
20:46:26.0981 0x1508 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:46:27.0090 0x1508 NdisWan - ok
20:46:27.0122 0x1508 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:46:27.0215 0x1508 NDProxy - ok
20:46:27.0309 0x1508 [ 59267D2F0328599AA3B5408C2E06126F, 54D59079F04F9F08F980C1F1A8F8973ACF9C344218818A15A762287EE6F22F02 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
20:46:27.0371 0x1508 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
20:46:30.0150 0x1508 Detect skipped due to KSN trusted
20:46:30.0150 0x1508 Net Driver HPZ12 - ok
20:46:30.0197 0x1508 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:46:30.0322 0x1508 NetBIOS - ok
20:46:30.0353 0x1508 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:46:30.0431 0x1508 NetBT - ok
20:46:30.0478 0x1508 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] Netlogon C:\Windows\system32\lsass.exe
20:46:30.0493 0x1508 Netlogon - ok
20:46:30.0556 0x1508 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
20:46:30.0634 0x1508 Netman - ok
20:46:30.0727 0x1508 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:46:30.0836 0x1508 NetMsmqActivator - ok
20:46:30.0852 0x1508 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:46:30.0852 0x1508 NetPipeActivator - ok
20:46:30.0914 0x1508 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
20:46:30.0977 0x1508 netprofm - ok
20:46:31.0008 0x1508 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:46:31.0024 0x1508 NetTcpActivator - ok
20:46:31.0039 0x1508 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:46:31.0055 0x1508 NetTcpPortSharing - ok
20:46:31.0086 0x1508 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:46:31.0117 0x1508 nfrd960 - ok
20:46:31.0180 0x1508 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
20:46:31.0258 0x1508 NlaSvc - ok
20:46:31.0273 0x1508 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:46:31.0336 0x1508 Npfs - ok
20:46:31.0390 0x1508 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
20:46:31.0481 0x1508 nsi - ok
20:46:31.0491 0x1508 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:46:31.0522 0x1508 nsiproxy - ok
20:46:31.0647 0x1508 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:46:31.0818 0x1508 Ntfs - ok
20:46:31.0881 0x1508 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
20:46:31.0959 0x1508 Null - ok
20:46:32.0021 0x1508 [ 1F07B814C0BB5AABA703ABFF1F31F2E8, 07F578686CAE0FAB5462B472A03DD1BC5DFE0D5DA6307895534CECC330C3D220 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
20:46:32.0037 0x1508 NVHDA - ok
20:46:32.0458 0x1508 [ DEE6C390A3C573789A6805D5955BA2A1, 0C4543A3DD36B60D1B95A613C35EFCE0A30261B250A271B0061D605B2B5143E2 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:46:32.0926 0x1508 nvlddmkm - ok
20:46:33.0113 0x1508 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:46:33.0160 0x1508 nvraid - ok
20:46:33.0238 0x1508 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:46:33.0285 0x1508 nvstor - ok
20:46:33.0788 0x1508 [ AE7B95A9E45DFC0B25146941EEAB1A32, 4263FF423BCFB06A65729424308FA37D55E17F1EC16FA0D0D2138E332C0E93D5 ] NVSvc C:\Windows\system32\nvvsvc.exe
20:46:33.0819 0x1508 NVSvc - ok
20:46:33.0897 0x1508 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:46:33.0928 0x1508 nv_agp - ok
20:46:33.0959 0x1508 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:46:34.0022 0x1508 ohci1394 - ok
20:46:34.0803 0x1508 [ D06C2368C93396C6B983CE60523BA99F, ABC90E2DC2DE577AFA37BF34630502AA209C9556DFCC1757844D95D9370FFA8C ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
20:46:34.0959 0x1508 Origin Client Service - ok
20:46:35.0051 0x1508 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:46:35.0082 0x1508 ose - ok
20:46:35.0940 0x1508 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:46:36.0459 0x1508 osppsvc - ok
20:46:36.0646 0x1508 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:46:36.0693 0x1508 p2pimsvc - ok
20:46:36.0724 0x1508 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
20:46:36.0786 0x1508 p2psvc - ok
20:46:36.0818 0x1508 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
20:46:36.0864 0x1508 Parport - ok
20:46:36.0958 0x1508 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:46:36.0974 0x1508 partmgr - ok
20:46:37.0036 0x1508 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:46:37.0098 0x1508 PcaSvc - ok
20:46:37.0145 0x1508 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
20:46:37.0161 0x1508 pci - ok
20:46:37.0208 0x1508 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
20:46:37.0208 0x1508 pciide - ok
20:46:37.0223 0x1508 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:46:37.0239 0x1508 pcmcia - ok
20:46:37.0254 0x1508 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
20:46:37.0270 0x1508 pcw - ok
20:46:37.0364 0x1508 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:46:37.0379 0x1508 PEAUTH - ok
20:46:37.0488 0x1508 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:46:37.0551 0x1508 PerfHost - ok
20:46:37.0644 0x1508 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
20:46:37.0707 0x1508 pla - ok
20:46:37.0769 0x1508 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:46:37.0816 0x1508 PlugPlay - ok
20:46:38.0081 0x1508 [ 63694C307273062A2167AE4CE80730EF, 788E762D02A8BE9802143361A5768364A994B20E769A9733FA5827F526432893 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
20:46:38.0112 0x1508 PMBDeviceInfoProvider - ok
20:46:38.0159 0x1508 [ 5261A2FD55183AC6993145AB6662CDDF, 996358C80674B1310B3C42BB45254AFC7FF90F12176FE76EF3C930D6D3C647FE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
20:46:38.0190 0x1508 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
20:46:40.0956 0x1508 Detect skipped due to KSN trusted
20:46:40.0956 0x1508 Pml Driver HPZ12 - ok
20:46:41.0018 0x1508 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:46:41.0065 0x1508 PNRPAutoReg - ok
20:46:41.0112 0x1508 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:46:41.0143 0x1508 PNRPsvc - ok
20:46:41.0174 0x1508 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:46:41.0205 0x1508 PolicyAgent - ok
20:46:41.0236 0x1508 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
20:46:41.0283 0x1508 Power - ok
20:46:41.0330 0x1508 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:46:41.0408 0x1508 PptpMiniport - ok
20:46:41.0439 0x1508 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
20:46:41.0439 0x1508 Processor - ok
20:46:41.0486 0x1508 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
20:46:41.0548 0x1508 ProfSvc - ok
20:46:41.0548 0x1508 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:46:41.0564 0x1508 ProtectedStorage - ok
20:46:41.0611 0x1508 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:46:41.0658 0x1508 Psched - ok
20:46:41.0704 0x1508 [ F036CFB275D0C55F4E45FBBF5F98B3C8, D8D1CA9F65B34A93AB9F7FD9BB6C453B2BF4E8320E620F56055B743DF1D56DE8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
20:46:41.0736 0x1508 PSI_SVC_2 - ok
20:46:41.0845 0x1508 [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
20:46:41.0892 0x1508 PxHlpa64 - ok
20:46:42.0016 0x1508 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:46:42.0079 0x1508 ql2300 - ok
20:46:42.0126 0x1508 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:46:42.0157 0x1508 ql40xx - ok
20:46:42.0188 0x1508 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
20:46:42.0235 0x1508 QWAVE - ok
20:46:42.0266 0x1508 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:46:42.0328 0x1508 QWAVEdrv - ok
20:46:42.0360 0x1508 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:46:42.0422 0x1508 RasAcd - ok
20:46:42.0453 0x1508 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:46:42.0484 0x1508 RasAgileVpn - ok
20:46:42.0516 0x1508 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
20:46:42.0594 0x1508 RasAuto - ok
20:46:42.0625 0x1508 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:46:42.0687 0x1508 Rasl2tp - ok
20:46:42.0718 0x1508 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
20:46:42.0781 0x1508 RasMan - ok
20:46:42.0812 0x1508 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:46:42.0906 0x1508 RasPppoe - ok
20:46:42.0952 0x1508 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:46:42.0999 0x1508 RasSstp - ok
20:46:43.0015 0x1508 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:46:43.0077 0x1508 rdbss - ok
20:46:43.0124 0x1508 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
20:46:43.0186 0x1508 rdpbus - ok
20:46:43.0218 0x1508 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:46:43.0311 0x1508 RDPCDD - ok
20:46:43.0342 0x1508 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:46:43.0358 0x1508 RDPENCDD - ok
20:46:43.0389 0x1508 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:46:43.0420 0x1508 RDPREFMP - ok
20:46:43.0592 0x1508 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:46:43.0654 0x1508 RdpVideoMiniport - ok
20:46:43.0717 0x1508 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:46:43.0795 0x1508 RDPWD - ok
20:46:43.0842 0x1508 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:46:43.0857 0x1508 rdyboost - ok
20:46:43.0873 0x1508 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6, A0E808EA9A58FC99D694A9EBF1F7248B79CAA44D9E6E30A07CDEDBC72A8F3610 ] regi C:\Windows\system32\drivers\regi.sys
20:46:43.0873 0x1508 regi - ok
20:46:43.0888 0x1508 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:46:43.0951 0x1508 RemoteAccess - ok
20:46:44.0029 0x1508 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:46:44.0122 0x1508 RemoteRegistry - ok
20:46:44.0247 0x1508 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:46:44.0263 0x1508 RFCOMM - ok
20:46:44.0325 0x1508 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:46:44.0466 0x1508 RpcEptMapper - ok
20:46:44.0544 0x1508 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
20:46:44.0606 0x1508 RpcLocator - ok
20:46:44.0871 0x1508 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
20:46:44.0934 0x1508 RpcSs - ok
20:46:45.0105 0x1508 [ EBBFA2B4E317AF86E93FEC4C04D7A9B3, 29480CCA0ACAB2D53D664042A0D7713247EDEBBBD4734783348669EFDE579CA9 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
20:46:45.0183 0x1508 RSPCIESTOR - ok
20:46:45.0199 0x1508 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:46:45.0277 0x1508 rspndr - ok
20:46:45.0339 0x1508 [ EA5532868BA76923D75BCB2A1448D810, C1489714C9BC95BB76134E6B8F28C5A3D044E9B2857F01BFEEEE7C8A25C74E7D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
20:46:45.0402 0x1508 RTL8167 - ok
20:46:45.0495 0x1508 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] SamSs C:\Windows\system32\lsass.exe
20:46:45.0511 0x1508 SamSs - ok
20:46:45.0620 0x1508 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:46:45.0637 0x1508 sbp2port - ok
20:46:45.0715 0x1508 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:46:45.0777 0x1508 SCardSvr - ok
20:46:45.0808 0x1508 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:46:45.0886 0x1508 scfilter - ok
20:46:46.0058 0x1508 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
20:46:46.0183 0x1508 Schedule - ok
20:46:46.0229 0x1508 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:46:46.0261 0x1508 SCPolicySvc - ok
20:46:46.0323 0x1508 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
20:46:46.0401 0x1508 sdbus - ok
20:46:46.0495 0x1508 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:46:46.0573 0x1508 SDRSVC - ok
20:46:46.0635 0x1508 [ CC781378E7EDA615D2CDCA3B17829FA4, 137BF83A2A3D69335AD031B8D73473526F782CB8917A34B3CD92F923E7660F2A ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
20:46:46.0666 0x1508 SeaPort - ok
20:46:46.0729 0x1508 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:46:46.0791 0x1508 secdrv - ok
20:46:46.0838 0x1508 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
20:46:46.0885 0x1508 seclogon - ok
20:46:46.0994 0x1508 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
20:46:47.0150 0x1508 SENS - ok
20:46:47.0228 0x1508 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:46:47.0321 0x1508 SensrSvc - ok
20:46:47.0353 0x1508 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
20:46:47.0431 0x1508 Serenum - ok
20:46:47.0477 0x1508 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
20:46:47.0524 0x1508 Serial - ok
20:46:47.0571 0x1508 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:46:47.0633 0x1508 sermouse - ok
20:46:47.0727 0x1508 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
20:46:47.0821 0x1508 SessionEnv - ok
20:46:47.0883 0x1508 [ 286D3889E6AB5589646FF8A63CB928AE, 98D9D34521328F4F0B0B7C2CAB97BA0EC998B9F3F996B5ED08E17292F1CD9452 ] SFEP C:\Windows\system32\drivers\SFEP.sys
20:46:47.0945 0x1508 SFEP - ok
20:46:47.0961 0x1508 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:46:48.0023 0x1508 sffdisk - ok
20:46:48.0070 0x1508 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:46:48.0117 0x1508 sffp_mmc - ok
20:46:48.0226 0x1508 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:46:48.0304 0x1508 sffp_sd - ok
20:46:48.0351 0x1508 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:46:48.0367 0x1508 sfloppy - ok
20:46:48.0413 0x1508 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:46:48.0507 0x1508 SharedAccess - ok
20:46:48.0569 0x1508 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:46:48.0647 0x1508 ShellHWDetection - ok
20:46:48.0694 0x1508 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:46:48.0694 0x1508 SiSRaid2 - ok
20:46:48.0725 0x1508 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:46:48.0741 0x1508 SiSRaid4 - ok
20:46:48.0975 0x1508 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:46:49.0037 0x1508 SkypeUpdate - ok
20:46:49.0100 0x1508 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:46:49.0178 0x1508 Smb - ok
20:46:49.0256 0x1508 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:46:49.0271 0x1508 SNMPTRAP - ok
20:46:49.0443 0x1508 [ DDF2EC98AF6FC70608A4F9CE4DB52758, A3F18822C9D0EE508CCAA5323937D631950320D9642C46FD93DB764A06A78F0D ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
20:46:49.0474 0x1508 SOHCImp - ok
20:46:49.0521 0x1508 [ 5FA03F5EA6EFEF6D17B4A1A48C40A23C, E99AD063DA8E89ECD2993D1B1AAB346A3EB4E48D687E7378C03037DD00600BB8 ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
20:46:49.0537 0x1508 SOHDs - ok
20:46:49.0739 0x1508 [ 65E5659E9C2A0762D05657C0E22A7CA2, A6EE72878CFA901A94485C7BEC7675702ED207DB54F5A8ED70835B6A8A8F5754 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
20:46:49.0802 0x1508 SpfService - ok
20:46:49.0958 0x1508 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
20:46:49.0989 0x1508 spldr - ok
20:46:50.0067 0x1508 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
20:46:50.0161 0x1508 Spooler - ok
20:46:50.0707 0x1508 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
20:46:50.0941 0x1508 sppsvc - ok
20:46:50.0972 0x1508 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:46:51.0034 0x1508 sppuinotify - ok
20:46:51.0159 0x1508 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:46:51.0253 0x1508 srv - ok
20:46:51.0284 0x1508 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:46:51.0377 0x1508 srv2 - ok
20:46:51.0409 0x1508 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:46:51.0471 0x1508 srvnet - ok
20:46:51.0658 0x1508 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:46:51.0736 0x1508 SSDPSRV - ok
20:46:51.0814 0x1508 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:46:51.0970 0x1508 SstpSvc - ok
20:46:52.0017 0x1508 StarOpen - ok
20:46:52.0220 0x1508 [ EBAA82F7C9B97C0E450449178E007340, D470927CC216C4E3EA23236E6C6464187CD3A49C3A4A456F488FEC8E713EA31B ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
20:46:52.0251 0x1508 Steam Client Service - ok
20:46:52.0469 0x1508 [ 336B906017B254C2AA445DC707019513, 69D267E621ADCC4DE9AE3446054FD04D06E6CF0AA9CAA3019FF19BEE7D264CAE ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:46:52.0501 0x1508 Stereo Service - ok
20:46:52.0563 0x1508 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:46:52.0610 0x1508 stexstor - ok
20:46:52.0688 0x1508 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
20:46:52.0750 0x1508 stisvc - ok
20:46:52.0828 0x1508 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
20:46:52.0891 0x1508 swenum - ok
20:46:52.0969 0x1508 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
20:46:53.0062 0x1508 swprv - ok
20:46:53.0296 0x1508 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
20:46:53.0499 0x1508 SysMain - ok
20:46:53.0546 0x1508 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:46:53.0593 0x1508 TabletInputService - ok
20:46:53.0624 0x1508 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
20:46:53.0655 0x1508 TapiSrv - ok
20:46:53.0655 0x1508 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
20:46:53.0702 0x1508 TBS - ok
20:46:54.0076 0x1508 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:46:54.0341 0x1508 Tcpip - ok
20:46:54.0497 0x1508 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:46:54.0560 0x1508 TCPIP6 - ok
20:46:54.0607 0x1508 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:46:54.0669 0x1508 tcpipreg - ok
20:46:54.0763 0x1508 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:46:54.0825 0x1508 TDPIPE - ok
20:46:54.0841 0x1508 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:46:54.0872 0x1508 TDTCP - ok
20:46:54.0950 0x1508 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:46:54.0981 0x1508 tdx - ok
20:46:55.0028 0x1508 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
20:46:55.0043 0x1508 TermDD - ok
20:46:55.0137 0x1508 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
20:46:55.0199 0x1508 TermService - ok
20:46:55.0246 0x1508 [ 48D9D00C2E0E72C3D4F52772C80355F6, 86F281C7F5FA2FCF1A36C69DD6561531E48483CACB8A873B955F7E93D9A1D259 ] TFsExDisk C:\Windows\System32\Drivers\TFsExDisk.sys
20:46:55.0262 0x1508 TFsExDisk - ok
20:46:55.0277 0x1508 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
20:46:55.0371 0x1508 Themes - ok
20:46:55.0402 0x1508 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
20:46:55.0449 0x1508 THREADORDER - ok
20:46:55.0558 0x1508 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
20:46:55.0652 0x1508 TrkWks - ok
20:46:55.0792 0x1508 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:46:55.0917 0x1508 TrustedInstaller - ok
20:46:56.0026 0x1508 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:46:56.0073 0x1508 tssecsrv - ok
20:46:56.0120 0x1508 [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:46:56.0229 0x1508 TsUsbFlt - ok
20:46:56.0323 0x1508 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:46:56.0385 0x1508 TsUsbGD - ok
20:46:56.0432 0x1508 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:46:56.0525 0x1508 tunnel - ok
20:46:56.0635 0x1508 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:46:56.0681 0x1508 uagp35 - ok
20:46:56.0806 0x1508 [ 1FE69F3C1CA1CF4B7EC7E2E9090FFFDC, 30BD61BA46955BD6A48EC78538FAAB46026DD048347F8280352335EB0ECE16AD ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
20:46:56.0853 0x1508 uCamMonitor - ok
20:46:56.0978 0x1508 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:46:57.0071 0x1508 udfs - ok
20:46:57.0134 0x1508 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:46:57.0212 0x1508 UI0Detect - ok
20:46:57.0290 0x1508 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:46:57.0352 0x1508 uliagpkx - ok
20:46:57.0446 0x1508 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:46:57.0539 0x1508 umbus - ok
20:46:57.0633 0x1508 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
20:46:57.0742 0x1508 UmPass - ok
20:46:58.0148 0x1508 [ 7A78ED1088890114DFDE2C4AB038D6B6, B52357594A90A8BCF5F96FA630F52BB1274A2FE814AF0270D21C892871D076FC ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:46:58.0210 0x1508 UNS - ok
20:46:58.0351 0x1508 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
20:46:58.0460 0x1508 upnphost - ok
20:46:58.0522 0x1508 [ 43228F8EDD1B0BCDD3145AD246E63D39, 108D8793E9F94C0A0E895398599B359121751F2E7BAA8B7BD24838AEF646726D ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
20:46:58.0600 0x1508 USBAAPL64 - ok
20:46:58.0678 0x1508 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
20:46:58.0741 0x1508 usbaudio - ok
20:46:58.0787 0x1508 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:46:58.0865 0x1508 usbccgp - ok
20:46:58.0912 0x1508 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:46:59.0006 0x1508 usbcir - ok
20:46:59.0053 0x1508 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:46:59.0115 0x1508 usbehci - ok
20:46:59.0224 0x1508 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:46:59.0287 0x1508 usbhub - ok
20:46:59.0349 0x1508 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:46:59.0365 0x1508 usbohci - ok
20:46:59.0411 0x1508 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
20:46:59.0474 0x1508 usbprint - ok
20:46:59.0567 0x1508 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:46:59.0645 0x1508 USBSTOR - ok
20:46:59.0708 0x1508 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:46:59.0786 0x1508 usbuhci - ok
20:46:59.0848 0x1508 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
20:46:59.0911 0x1508 usbvideo - ok
20:47:00.0004 0x1508 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
20:47:00.0145 0x1508 UxSms - ok
20:47:00.0254 0x1508 [ DCB1F83AD167D16D263CE57C94E9EEDF, 2389268A1F83F0D354111553FB5F48E77A8FE4C0A1C22376A313A961252ED259 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
20:47:00.0285 0x1508 VAIO Event Service - ok
20:47:00.0332 0x1508 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] VaultSvc C:\Windows\system32\lsass.exe
20:47:00.0347 0x1508 VaultSvc - ok
20:47:00.0488 0x1508 [ D00058C1FFF3F3DE990444A5734E9639, 450192C5F458888D71328994E29A6CB0E04F387BF63D49E7EABA1E1AECD680F9 ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
20:47:00.0519 0x1508 VCFw - ok
20:47:00.0613 0x1508 [ F19275655B42086C884ABCDAE2C659AE, D5D36DFF2D316C390E0336B51EE9C4B23705A52A3BBCCB13CC0B95FCF5761344 ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
20:47:00.0644 0x1508 VcmIAlzMgr - ok
20:47:00.0691 0x1508 [ 2F06D134554BA84FE253DBC481DCFE6D, A88780610A1B4FAFF1818CF3D86AC83B27DDDCD9CDB9F1A38C5BBFEE5632CF5E ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
20:47:00.0737 0x1508 VcmINSMgr - ok
20:47:00.0784 0x1508 [ 32A3735F6874B7783C6209ED5CA36D9D, B6DA3D749A000D99B6F0BF475C47AC0867595B634CC6502C8758B241759F531C ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
20:47:00.0815 0x1508 VcmXmlIfHelper - ok
20:47:00.0925 0x1508 [ 8F0840FF3A11D6B3F767AD6C79AC2A40, 23A9AFB841CAD5E3FA8360BB2C9531DACCF8D113145CFFE2C9D7BDE507C77509 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
20:47:00.0971 0x1508 VCService - ok
20:47:01.0003 0x1508 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:47:01.0018 0x1508 vdrvroot - ok
20:47:01.0096 0x1508 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
20:47:01.0205 0x1508 vds - ok
20:47:01.0283 0x1508 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:47:01.0315 0x1508 vga - ok
20:47:01.0330 0x1508 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:47:01.0424 0x1508 VgaSave - ok
20:47:01.0471 0x1508 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:47:01.0486 0x1508 vhdmp - ok
20:47:01.0517 0x1508 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
20:47:01.0549 0x1508 viaide - ok
20:47:01.0580 0x1508 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:47:01.0611 0x1508 volmgr - ok
20:47:01.0627 0x1508 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:47:01.0673 0x1508 volmgrx - ok
20:47:01.0720 0x1508 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:47:01.0751 0x1508 volsnap - ok
20:47:01.0814 0x1508 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:47:01.0939 0x1508 vsmraid - ok
20:47:02.0079 0x1508 [ 86958A24639B8E3A84F14307CE35650B, C16CC385239B441FD3B363EB17D0EA5C792F274347EA028758103E7DC85B9318 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
20:47:02.0126 0x1508 VSNService - ok
20:47:02.0251 0x1508 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
20:47:02.0344 0x1508 VSS - ok
20:47:02.0516 0x1508 [ 27A74F6B08144A7201B16A3C7C7FA3DA, 0719FEAD940A29BEDDEA17754CB8765804098574329AD1D4BDB54E64E9054F5D ] VUAgent C:\Program Files\Sony\VAIO Update\VUAgent.exe
20:47:02.0563 0x1508 VUAgent - ok
20:47:02.0609 0x1508 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:47:02.0641 0x1508 vwifibus - ok
20:47:02.0672 0x1508 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:47:02.0703 0x1508 vwififlt - ok
20:47:02.0750 0x1508 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:47:02.0781 0x1508 vwifimp - ok
20:47:02.0843 0x1508 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
20:47:02.0921 0x1508 W32Time - ok
20:47:02.0968 0x1508 [ 0D67B715AE6729D0B518D20B7A7BAD1C, 05B044CB816CBF54DCB634AC765A5937C76B471722C6D6E1A9C27E7EBAB68913 ] WacHidRouter C:\Windows\system32\DRIVERS\wachidrouter.sys
20:47:02.0968 0x1508 WacHidRouter - ok
20:47:02.0999 0x1508 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:47:03.0015 0x1508 WacomPen - ok
20:47:03.0062 0x1508 [ 1042B08B4336EF3CE34E09435BB33A4A, A42B447B4A9B364BAE329F75D36A906999E8CB754F1B10DE322B6611FF9764F7 ] wacomrouterfilter C:\Windows\system32\DRIVERS\wacomrouterfilter.sys
20:47:03.0062 0x1508 wacomrouterfilter - ok
20:47:03.0124 0x1508 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:47:03.0187 0x1508 WANARP - ok
20:47:03.0187 0x1508 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:47:03.0218 0x1508 Wanarpv6 - ok
20:47:03.0280 0x1508 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
20:47:03.0358 0x1508 wbengine - ok
20:47:03.0374 0x1508 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:47:03.0389 0x1508 WbioSrvc - ok
20:47:03.0421 0x1508 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:47:03.0499 0x1508 wcncsvc - ok
20:47:03.0545 0x1508 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:47:03.0577 0x1508 WcsPlugInService - ok
20:47:03.0608 0x1508 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
20:47:03.0623 0x1508 Wd - ok
20:47:03.0701 0x1508 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:47:03.0733 0x1508 Wdf01000 - ok
20:47:03.0795 0x1508 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:47:03.0857 0x1508 WdiServiceHost - ok
20:47:03.0857 0x1508 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:47:03.0889 0x1508 WdiSystemHost - ok
20:47:03.0920 0x1508 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
20:47:03.0998 0x1508 WebClient - ok
20:47:04.0029 0x1508 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:47:04.0138 0x1508 Wecsvc - ok
20:47:04.0169 0x1508 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:47:04.0263 0x1508 wercplsupport - ok
20:47:04.0310 0x1508 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
20:47:04.0388 0x1508 WerSvc - ok
20:47:04.0435 0x1508 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:47:04.0450 0x1508 WfpLwf - ok
20:47:04.0481 0x1508 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:47:04.0481 0x1508 WIMMount - ok
20:47:04.0513 0x1508 WinDefend - ok
20:47:04.0513 0x1508 WinHttpAutoProxySvc - ok
20:47:04.0575 0x1508 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:47:04.0622 0x1508 Winmgmt - ok
20:47:04.0762 0x1508 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
20:47:04.0856 0x1508 WinRM - ok
20:47:04.0934 0x1508 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
20:47:04.0965 0x1508 WinUsb - ok
20:47:05.0043 0x1508 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:47:05.0105 0x1508 Wlansvc - ok
20:47:05.0261 0x1508 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:47:05.0308 0x1508 wlidsvc - ok
20:47:05.0371 0x1508 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:47:05.0386 0x1508 WmiAcpi - ok
20:47:05.0433 0x1508 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:47:05.0464 0x1508 wmiApSrv - ok
20:47:05.0495 0x1508 WMPNetworkSvc - ok
20:47:05.0511 0x1508 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:47:05.0527 0x1508 WPCSvc - ok
20:47:05.0542 0x1508 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:47:05.0573 0x1508 WPDBusEnum - ok
20:47:05.0605 0x1508 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:47:05.0667 0x1508 ws2ifsl - ok
20:47:05.0698 0x1508 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
20:47:05.0761 0x1508 wscsvc - ok
20:47:05.0776 0x1508 WSearch - ok
20:47:06.0041 0x1508 [ CD16EB55F78AB1C92A0711F92B04B570, 387FCC84DD142AF66E15871F9D9EF67096EDFBECC6DEB9A8FB75A09168737723 ] WTabletServiceCon C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
20:47:06.0088 0x1508 WTabletServiceCon - ok
20:47:06.0275 0x1508 [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\Windows\system32\wuaueng.dll
20:47:06.0385 0x1508 wuauserv - ok
20:47:06.0416 0x1508 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:47:06.0494 0x1508 WudfPf - ok
20:47:06.0541 0x1508 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\drivers\WUDFRd.sys
20:47:06.0603 0x1508 WUDFRd - ok
20:47:06.0634 0x1508 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:47:06.0681 0x1508 wudfsvc - ok
20:47:06.0712 0x1508 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
20:47:06.0806 0x1508 WwanSvc - ok
20:47:06.0837 0x1508 ================ Scan global ===============================
20:47:06.0868 0x1508 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
20:47:06.0947 0x1508 [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
20:47:06.0978 0x1508 [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
20:47:07.0010 0x1508 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:47:07.0088 0x1508 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
20:47:07.0103 0x1508 [ Global ] - ok
20:47:07.0119 0x1508 ================ Scan MBR ==================================
20:47:07.0134 0x1508 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:47:07.0602 0x1508 \Device\Harddisk0\DR0 - ok
20:47:07.0618 0x1508 ================ Scan VBR ==================================
20:47:07.0649 0x1508 [ 4EF1C6241D115E4A753CF2B80CBBBA0B ] \Device\Harddisk0\DR0\Partition1
20:47:07.0649 0x1508 \Device\Harddisk0\DR0\Partition1 - ok
20:47:07.0665 0x1508 [ 6E8F6629BBBB8E5B2C3994BE0A379506 ] \Device\Harddisk0\DR0\Partition2
20:47:07.0665 0x1508 \Device\Harddisk0\DR0\Partition2 - ok
20:47:07.0665 0x1508 ================ Scan generic autorun ======================
20:47:07.0727 0x1508 [ 7D1B808410A734E427A229B31EAE8891, 36BB31B9119062A53D2AB6CCBFF820D8195776836D84AF7008CE1F18D2519009 ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
20:47:07.0758 0x1508 cAudioFilterAgent - ok
20:47:07.0836 0x1508 [ B055BE4B6D723FBB68D1FC4611C7D332, 2B32189994CF8AB54C9F8575CED866138C1CC26F2FECE78F3E6B5C63EBF2AB14 ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
20:47:07.0852 0x1508 AtherosBtStack - detected UnsignedFile.Multi.Generic ( 1 )
20:47:17.0945 0x1508 AtherosBtStack ( UnsignedFile.Multi.Generic ) - warning
20:47:21.0190 0x1508 [ 6144904300988F59D6775C0A7D200C16, 223247E5718580482D5E5EBDD74938B32C13D12584BEF9C2E9A4173C52CEC2C1 ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
20:47:21.0237 0x1508 AthBtTray - detected UnsignedFile.Multi.Generic ( 1 )
20:47:23.0982 0x1508 Detect skipped due to KSN trusted
20:47:23.0982 0x1508 AthBtTray - ok
20:47:23.0982 0x1508 Apoint - ok
20:47:24.0029 0x1508 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
20:47:24.0092 0x1508 Logitech Download Assistant - ok
20:47:24.0310 0x1508 [ F9C48B76DA59CF5FF2ED937B62F5ED39, BABC2638F6C92947C79C918DFD3E605B196672B23745226DFA64F68867B7C257 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
20:47:24.0341 0x1508 AdobeAAMUpdater-1.0 - ok
20:47:24.0419 0x1508 [ C0B97E53A0E39A48EEA2DCD500EEA07A, 111FBD91850E52E61E6A4D8065BF56C9C6B89C55BA6312F726125F1CE4B09EE1 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
20:47:24.0450 0x1508 IAStorIcon - ok
20:47:24.0575 0x1508 [ 440699F90786EF6A7722B4417BB0F5C7, 75C8743E944E847541848AE972B90480AD33CA7607ECA9D4FF4C90D442AEC8FB ] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
20:47:24.0669 0x1508 ISBMgr.exe - ok
20:47:24.0794 0x1508 [ 48B9248CED8A5DE4EB0917CB676CB8D5, E39AF20AE2D8B768C9E6CD060BEB7E24F71B1398472274BA7178AB9ADF8A3248 ] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
20:47:24.0903 0x1508 PMBVolumeWatcher - ok
20:47:25.0090 0x1508 [ 66177D4C99FD8B578C7C56DE445E4D5D, 003D0254D7C693A72DE84CB76858F8D67D9FD62206F1B56DF7F5D0FA834C3BA7 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
20:47:25.0121 0x1508 avgnt - ok
20:47:25.0168 0x1508 [ C26B09276755E0698B31CF0BAE0BF182, A95B567626C0573DF0F136818AA7E487BC4995552E9B7A041437539E49B99473 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
20:47:25.0184 0x1508 APSDaemon - ok
20:47:25.0308 0x1508 [ 1AA5F0A2E3E65A9F6B35C19A7C9D7762, AB08124D101C4FE8B6D4A6056783D2EAD5C049BE39A3DE772E008CD43E36F443 ] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe
20:47:25.0340 0x1508 Nikon Message Center 2 - detected UnsignedFile.Multi.Generic ( 1 )
20:47:28.0070 0x1508 Detect skipped due to KSN trusted
20:47:28.0070 0x1508 Nikon Message Center 2 - ok
20:47:28.0210 0x1508 [ C6352C29C56077749CEEDD08680D347D, DF520DA9E9F8D34004E497969FC4AB0D9F057EEE5D8A0BBB91C5EBC983011ABD ] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
20:47:28.0241 0x1508 BambooCore - ok
20:47:28.0304 0x1508 [ 34084D25BE6F48D072AA54DE630438FD, 522C96429FC679C2D07E9254E8D1793FEC018D65CD43D88FE9851CC8CEB61A07 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
20:47:28.0319 0x1508 SunJavaUpdateSched - ok
20:47:28.0413 0x1508 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:47:28.0662 0x1508 Sidebar - ok
20:47:28.0694 0x1508 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:47:28.0725 0x1508 mctadmin - ok
20:47:28.0772 0x1508 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:47:28.0803 0x1508 Sidebar - ok
20:47:28.0818 0x1508 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:47:28.0834 0x1508 mctadmin - ok
20:47:28.0896 0x1508 [ FED1E7E085EE23781A61B6153FEAB2E8, 7DA193CADA7B9840D27F9A5D7C180A9AA3C141CC097DD2CE3CB4B70DFFD48ADA ] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
20:47:28.0912 0x1508 Elbserver - ok
20:47:28.0943 0x1508 [ A76A095006D172C1F3545F4F93B24652, 3925EF68807A5C950BB09DC1862E44D73411892AEE689192D5C81DC6B022DB26 ] C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
20:47:28.0959 0x1508 VRLPHelper - ok
20:47:29.0052 0x1508 [ 1E377D64DACD4E4656C86241CE5A1233, F0AE582DBCF2525F580DA6D441B4F24BAE551CD35C0F2B19B2B0127787F2AE3A ] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
20:47:29.0130 0x1508 AutoStartNPSAgent - ok
20:47:29.0130 0x1508 Waiting for KSN requests completion. In queue: 16
20:47:30.0144 0x1508 Waiting for KSN requests completion. In queue: 16
20:47:31.0158 0x1508 Waiting for KSN requests completion. In queue: 16
20:47:32.0313 0x1508 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.10.414 ), 0x40000 ( disabled : updated )
20:47:32.0360 0x1508 Win FW state via NFP2: enabled
20:47:35.0090 0x1508 ============================================================
20:47:35.0090 0x1508 Scan finished
20:47:35.0090 0x1508 ============================================================
20:47:35.0105 0x1dd4 Detected object count: 1
20:47:35.0105 0x1dd4 Actual detected object count: 1
20:47:45.0526 0x1dd4 AtherosBtStack ( UnsignedFile.Multi.Generic ) - skipped by user
20:47:45.0526 0x1dd4 AtherosBtStack ( UnsignedFile.Multi.Generic ) - User select action: Skip
Armin |
|
08.06.2015, 19:54
| #8 |
| | Telekom Abuse-Meldung Bedep Und noch das Logfile zur obigen Report-Datei des TDSSKillers: Code:
ATTFilter
20:44:27.0545 0x1f88 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
20:44:37.0982 0x1f88 ============================================================
20:44:37.0982 0x1f88 Current date / time: 2015/06/08 20:44:37.0982
20:44:37.0982 0x1f88 SystemInfo:
20:44:37.0982 0x1f88
20:44:37.0982 0x1f88 OS Version: 6.1.7601 ServicePack: 1.0
20:44:37.0982 0x1f88 Product type: Workstation
20:44:37.0982 0x1f88 ComputerName: EDV-VAIO
20:44:37.0982 0x1f88 UserName: edv
20:44:37.0982 0x1f88 Windows directory: C:\Windows
20:44:37.0982 0x1f88 System windows directory: C:\Windows
20:44:37.0982 0x1f88 Running under WOW64
20:44:37.0982 0x1f88 Processor architecture: Intel x64
20:44:37.0982 0x1f88 Number of processors: 4
20:44:37.0982 0x1f88 Page size: 0x1000
20:44:37.0982 0x1f88 Boot type: Normal boot
20:44:37.0982 0x1f88 ============================================================
20:44:38.0731 0x1f88 KLMD registered as C:\Windows\system32\drivers\17811059.sys
20:44:40.0369 0x1f88 System UUID: {EFD8485F-251B-93B1-C64A-E8E1602FF3EF}
20:44:42.0974 0x1f88 Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:44:42.0990 0x1f88 ============================================================
20:44:42.0990 0x1f88 \Device\Harddisk0\DR0:
20:44:42.0990 0x1f88 MBR partitions:
20:44:42.0990 0x1f88 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1C79000, BlocksNum 0x32000
20:44:42.0990 0x1f88 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1CAB000, BlocksNum 0x5589B000
20:44:42.0990 0x1f88 ============================================================
20:44:43.0036 0x1f88 C: <-> \Device\Harddisk0\DR0\Partition2
20:44:43.0036 0x1f88 ============================================================
20:44:43.0036 0x1f88 Initialize success
20:44:43.0036 0x1f88 ============================================================
20:45:28.0450 0x1508 ============================================================
20:45:28.0450 0x1508 Scan started
20:45:28.0450 0x1508 Mode: Manual; SigCheck; TDLFS;
20:45:28.0450 0x1508 ============================================================
20:45:28.0450 0x1508 KSN ping started
20:45:44.0284 0x1508 KSN ping finished: true
20:45:47.0388 0x1508 ================ Scan system memory ========================
20:45:47.0388 0x1508 System memory - ok
20:45:47.0388 0x1508 ================ Scan services =============================
20:45:47.0591 0x1508 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
20:45:47.0778 0x1508 1394ohci - ok
20:45:47.0997 0x1508 [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
20:45:48.0044 0x1508 ACDaemon - ok
20:45:48.0090 0x1508 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
20:45:48.0106 0x1508 ACPI - ok
20:45:48.0153 0x1508 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
20:45:48.0246 0x1508 AcpiPmi - ok
20:45:48.0558 0x1508 [ 835CE0647E4E9F01BEB26201DA6705B4, C90CBED7E066ECE2F380CE84B95EAD0E120C02720DB31483BDF0E7EDF7FB4EE1 ] AdobeActiveFileMonitor11.0 C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
20:45:48.0636 0x1508 AdobeActiveFileMonitor11.0 - ok
20:45:48.0746 0x1508 [ D19C4EE2AC7C47B8F5F84FFF1A789D8A, F419E159D3E428A3929A1A983142E7B0783D3F104EE9587585418E51011E4B8F ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:45:48.0777 0x1508 AdobeARMservice - ok
20:45:48.0995 0x1508 [ 00CC35F515079F5F94FABC3AC5C7D363, 7CE8B1715009602059DEDD6CBCA9C18EF079EDA344E7809813D6C0A395622B82 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:45:49.0026 0x1508 AdobeFlashPlayerUpdateSvc - ok
20:45:49.0104 0x1508 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
20:45:49.0120 0x1508 adp94xx - ok
20:45:49.0182 0x1508 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys
20:45:49.0214 0x1508 adpahci - ok
20:45:49.0245 0x1508 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
20:45:49.0260 0x1508 adpu320 - ok
20:45:49.0307 0x1508 [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
20:45:49.0416 0x1508 AeLookupSvc - ok
20:45:49.0510 0x1508 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
20:45:49.0619 0x1508 AFD - ok
20:45:49.0682 0x1508 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
20:45:49.0697 0x1508 agp440 - ok
20:45:49.0744 0x1508 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
20:45:49.0869 0x1508 ALG - ok
20:45:49.0931 0x1508 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
20:45:49.0962 0x1508 aliide - ok
20:45:49.0994 0x1508 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
20:45:50.0009 0x1508 amdide - ok
20:45:50.0056 0x1508 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
20:45:50.0150 0x1508 AmdK8 - ok
20:45:50.0196 0x1508 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys
20:45:50.0243 0x1508 AmdPPM - ok
20:45:50.0306 0x1508 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
20:45:50.0321 0x1508 amdsata - ok
20:45:50.0368 0x1508 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys
20:45:50.0399 0x1508 amdsbs - ok
20:45:50.0415 0x1508 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
20:45:50.0415 0x1508 amdxata - ok
20:45:50.0586 0x1508 [ D908096B873B940BB438CE63BA35BD1E, F1C79C907E6CDBC2770C16AFFAE0D6F9B9B7DA21F5074D602AC5FE1597975748 ] AntiVirMailService C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
20:45:50.0618 0x1508 AntiVirMailService - ok
20:45:50.0727 0x1508 [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
20:45:50.0758 0x1508 AntiVirSchedulerService - ok
20:45:50.0867 0x1508 [ EC705D6ED3A7F3D9AE42F6239707D9FE, B50F6BB0FC308E7403B1807DF2AAF87BEDE0B044128C580970A26801CCABC43F ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
20:45:50.0914 0x1508 AntiVirService - ok
20:45:51.0101 0x1508 [ 0F3D12E5FAE0082DB3F306095CA6B027, 726D054357031F45B43C87D798E84FA93439ECA6C691EB8C76FE524B50C25B32 ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
20:45:51.0132 0x1508 AntiVirWebService - ok
20:45:51.0195 0x1508 [ 12BFA9EC4B03CC16BB7D19BAA308AEF2, 83EE94308BBDE5FBFC9D863CB0C14AAD487DA0AF34FFA446CF9B4BE0A68254C7 ] ApfiltrService C:\Windows\system32\drivers\Apfiltr.sys
20:45:51.0226 0x1508 ApfiltrService - ok
20:45:51.0304 0x1508 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID C:\Windows\system32\drivers\appid.sys
20:45:51.0382 0x1508 AppID - ok
20:45:51.0460 0x1508 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc C:\Windows\System32\appidsvc.dll
20:45:51.0538 0x1508 AppIDSvc - ok
20:45:51.0600 0x1508 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
20:45:51.0694 0x1508 Appinfo - ok
20:45:51.0772 0x1508 [ A5299D04ED225D64CF07A568A3E1BF8C, 6F7E73893127BADC8C9815E9BCC0EB5F6584E254D0D09A0B6A680704C71E0A90 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:45:51.0803 0x1508 Apple Mobile Device - ok
20:45:51.0850 0x1508 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys
20:45:51.0881 0x1508 arc - ok
20:45:51.0912 0x1508 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys
20:45:51.0928 0x1508 arcsas - ok
20:45:51.0975 0x1508 [ C130BC4A51B1382B2BE8E44579EC4C0A, CC1FD33ED7CAD87A504D8678F8482CAECACD18C727BB97FFB86F39255563EEF2 ] ArcSoftKsUFilter C:\Windows\system32\DRIVERS\ArcSoftKsUFilter.sys
20:45:51.0990 0x1508 ArcSoftKsUFilter - ok
20:45:52.0115 0x1508 [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:45:52.0178 0x1508 aspnet_state - ok
20:45:52.0209 0x1508 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
20:45:52.0380 0x1508 AsyncMac - ok
20:45:52.0458 0x1508 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
20:45:52.0474 0x1508 atapi - ok
20:45:52.0536 0x1508 [ 50F257E19554421B6891E3F998EDCA90, 32D368632B714864D77C700B1115F4404EAA72C5F734BF6A2B96F48C3935A5D9 ] AthBTPort C:\Windows\system32\DRIVERS\btath_flt.sys
20:45:52.0646 0x1508 AthBTPort - ok
20:45:52.0692 0x1508 [ 4119870B90E1B5E7797D6433D21F9216, 5CDA3748A6C89B1046173F20D857D164F4170A5028370B5BB9843212CEA86C8F ] ATHDFU C:\Windows\System32\Drivers\AthDfu.sys
20:45:52.0770 0x1508 ATHDFU - ok
20:45:52.0864 0x1508 [ 650F111D5CDA64C10AE4B9D1BA9D4FFF, 99AD83993D724538687F084318404DBF314C2249AB593AF9DD3783B0AB6B3B25 ] Atheros Bt&Wlan Coex Agent C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
20:45:52.0911 0x1508 Atheros Bt&Wlan Coex Agent - detected UnsignedFile.Multi.Generic ( 1 )
20:45:55.0656 0x1508 Detect skipped due to KSN trusted
20:45:55.0656 0x1508 Atheros Bt&Wlan Coex Agent - ok
20:45:55.0719 0x1508 [ EBC3119394C9074A9CD87578A435050D, 4AE141D02DDE33574CC899BBEDCCC311867FB98CEDBB3E556409B018F8F795E5 ] AtherosSvc C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
20:45:55.0750 0x1508 AtherosSvc - detected UnsignedFile.Multi.Generic ( 1 )
20:45:58.0496 0x1508 Detect skipped due to KSN trusted
20:45:58.0496 0x1508 AtherosSvc - ok
20:45:58.0776 0x1508 [ A5E770426D18F8EF332A593F3289DA91, 87AC97758618765814B630CB1A189CD690DC6B0EAAE93D80EDE7771FB362C9AF ] athr C:\Windows\system32\DRIVERS\athrx.sys
20:45:59.0010 0x1508 athr - ok
20:45:59.0104 0x1508 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
20:45:59.0151 0x1508 AudioEndpointBuilder - ok
20:45:59.0166 0x1508 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv C:\Windows\System32\Audiosrv.dll
20:45:59.0198 0x1508 AudioSrv - ok
20:45:59.0276 0x1508 [ 43B6D229C7DBA9F0FC0FC0C318DB5350, F5A525DBD71FC4A323E92839C6D27F323FB304B7E9FFA35E89E9B419570AA4C8 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
20:45:59.0291 0x1508 avgntflt - ok
20:45:59.0369 0x1508 [ 626D1BAD7A1975A8FEE8876A8AD0EEA7, 59772746A2DF3B7E8D021756B8A64569AC8468CA1C802EB594494224354F1E60 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
20:45:59.0400 0x1508 avipbb - ok
20:45:59.0416 0x1508 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
20:45:59.0416 0x1508 avkmgr - ok
20:45:59.0494 0x1508 [ 13253E5E3B6BDF945B63B336A8C9489B, 671C716E43F89D4BDDAA2BE045CDEBBB569C85BC2BA334E1F550187B79A7740D ] avnetflt C:\Windows\system32\DRIVERS\avnetflt.sys
20:45:59.0525 0x1508 avnetflt - ok
20:45:59.0572 0x1508 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
20:45:59.0712 0x1508 AxInstSV - ok
20:45:59.0806 0x1508 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
20:45:59.0946 0x1508 b06bdrv - ok
20:45:59.0993 0x1508 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
20:46:00.0056 0x1508 b57nd60a - ok
20:46:00.0134 0x1508 [ 93EE7D9C35AE7E9FFDA148D7805F1421, 9D88D5CC08F887B35A893FEC80D8CC4A9E4EAAF533E27D0F1B9CC36C171C92DA ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
20:46:00.0165 0x1508 BBSvc - ok
20:46:00.0212 0x1508 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
20:46:00.0290 0x1508 BDESVC - ok
20:46:00.0321 0x1508 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
20:46:00.0446 0x1508 Beep - ok
20:46:00.0508 0x1508 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
20:46:00.0633 0x1508 BFE - ok
20:46:00.0680 0x1508 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
20:46:01.0460 0x1508 BITS - ok
20:46:01.0506 0x1508 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\drivers\blbdrive.sys
20:46:01.0553 0x1508 blbdrive - ok
20:46:01.0647 0x1508 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:46:01.0678 0x1508 Bonjour Service - ok
20:46:01.0756 0x1508 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
20:46:01.0850 0x1508 bowser - ok
20:46:01.0943 0x1508 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
20:46:02.0006 0x1508 BrFiltLo - ok
20:46:02.0037 0x1508 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
20:46:02.0084 0x1508 BrFiltUp - ok
20:46:02.0146 0x1508 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
20:46:02.0240 0x1508 Browser - ok
20:46:02.0286 0x1508 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
20:46:02.0380 0x1508 Brserid - ok
20:46:02.0411 0x1508 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
20:46:02.0474 0x1508 BrSerWdm - ok
20:46:02.0520 0x1508 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
20:46:02.0583 0x1508 BrUsbMdm - ok
20:46:02.0630 0x1508 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
20:46:02.0676 0x1508 BrUsbSer - ok
20:46:02.0754 0x1508 [ B3BCD755FA9A359D10208CC9F09847CC, 8DE11815A2C76051DFF0F68BC8CF38CADD7BCA3A75EED4CC03B38DEB9F658296 ] BTATH_A2DP C:\Windows\system32\drivers\btath_a2dp.sys
20:46:02.0864 0x1508 BTATH_A2DP - ok
20:46:02.0895 0x1508 [ 9BBBA9D6DBDEFC8A6542BC7A6EBAF710, EE6932310F97F9DC07F8EC66B3939BA73FF8B7C7B9D84CE9852C85B770681A60 ] btath_avdt C:\Windows\system32\drivers\btath_avdt.sys
20:46:02.0942 0x1508 btath_avdt - ok
20:46:02.0988 0x1508 [ D838DD1BCB328EFCFAD7A52DE9E3CAFD, A364C50240069D7606119E4FD3BC839F307947F680295C3A68AE1CE42B9A6108 ] BTATH_BUS C:\Windows\system32\drivers\btath_bus.sys
20:46:03.0051 0x1508 BTATH_BUS - ok
20:46:03.0238 0x1508 [ A441B800E04CF8443FAF519207563ABB, AAA865453E000B38D4DCCB435731F3843394FFA224F577B88DBBB31256F1BC39 ] BTATH_HCRP C:\Windows\system32\drivers\btath_hcrp.sys
20:46:03.0363 0x1508 BTATH_HCRP - ok
20:46:03.0410 0x1508 [ B16F8429A35BBA2A8EF9DB2E08675B97, B38952519A8AC2E0A211F685CB4AC453AA2885AA0DA39DBF92CE61FE649BC309 ] BTATH_LWFLT C:\Windows\system32\DRIVERS\btath_lwflt.sys
20:46:03.0503 0x1508 BTATH_LWFLT - ok
20:46:03.0550 0x1508 [ C24231C6BDFE21735930084A22089AAB, DF5104AC26A8D3E1C204D479F32204FE66B225DBA7EFDAC7149A02D0B5CEB714 ] BTATH_RCP C:\Windows\system32\drivers\btath_rcp.sys
20:46:03.0659 0x1508 BTATH_RCP - ok
20:46:03.0737 0x1508 [ 3632FA4C6B3CE9EC827690DEAC266D8C, 46D34968DA1BE0D793518506D4FCA094C3F15ACF530DB3660C7CD6ECCBF3C1BD ] BtFilter C:\Windows\system32\DRIVERS\btfilter.sys
20:46:03.0878 0x1508 BtFilter - ok
20:46:03.0940 0x1508 [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum C:\Windows\system32\drivers\BthEnum.sys
20:46:04.0034 0x1508 BthEnum - ok
20:46:04.0096 0x1508 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
20:46:04.0174 0x1508 BTHMODEM - ok
20:46:04.0236 0x1508 [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
20:46:04.0268 0x1508 BthPan - ok
20:46:04.0377 0x1508 [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT C:\Windows\System32\Drivers\BTHport.sys
20:46:04.0470 0x1508 BTHPORT - ok
20:46:04.0517 0x1508 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
20:46:04.0611 0x1508 bthserv - ok
20:46:04.0658 0x1508 [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB C:\Windows\System32\Drivers\BTHUSB.sys
20:46:04.0720 0x1508 BTHUSB - ok
20:46:04.0767 0x1508 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
20:46:04.0814 0x1508 cdfs - ok
20:46:04.0860 0x1508 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
20:46:04.0907 0x1508 cdrom - ok
20:46:04.0970 0x1508 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
20:46:05.0016 0x1508 CertPropSvc - ok
20:46:05.0063 0x1508 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
20:46:05.0110 0x1508 circlass - ok
20:46:05.0204 0x1508 [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS C:\Windows\system32\CLFS.sys
20:46:05.0235 0x1508 CLFS - ok
20:46:05.0438 0x1508 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
20:46:05.0453 0x1508 clr_optimization_v2.0.50727_32 - ok
20:46:05.0500 0x1508 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
20:46:05.0562 0x1508 clr_optimization_v2.0.50727_64 - ok
20:46:05.0672 0x1508 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
20:46:05.0703 0x1508 clr_optimization_v4.0.30319_32 - ok
20:46:05.0781 0x1508 [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
20:46:05.0874 0x1508 clr_optimization_v4.0.30319_64 - ok
20:46:05.0921 0x1508 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
20:46:05.0968 0x1508 CmBatt - ok
20:46:06.0030 0x1508 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
20:46:06.0046 0x1508 cmdide - ok
20:46:06.0202 0x1508 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG C:\Windows\system32\Drivers\cng.sys
20:46:06.0233 0x1508 CNG - ok
20:46:06.0358 0x1508 [ 1F394DF3714ED4280047810790E6DF69, 92AD804E0F0559BF76EA8DAE038B4CDE4EBB4C4BD7A53913B714BF936B03B85E ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys
20:46:06.0405 0x1508 CnxtHdAudService - ok
20:46:06.0452 0x1508 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
20:46:06.0483 0x1508 Compbatt - ok
20:46:06.0530 0x1508 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
20:46:06.0608 0x1508 CompositeBus - ok
20:46:06.0639 0x1508 COMSysApp - ok
20:46:06.0670 0x1508 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
20:46:06.0686 0x1508 crcdisk - ok
20:46:06.0748 0x1508 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc C:\Windows\system32\cryptsvc.dll
20:46:06.0795 0x1508 CryptSvc - ok
20:46:06.0935 0x1508 [ 75E3C4BB1ED032310EDCF5691A452B4B, E7FDF778CBD347017A84EB3919C530ED1EACB22277F3EA3B6FF3EA45D9FE8A6D ] DCDhcpService C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe
20:46:06.0982 0x1508 DCDhcpService - detected UnsignedFile.Multi.Generic ( 1 )
20:46:10.0086 0x1508 Detect skipped due to KSN trusted
20:46:10.0086 0x1508 DCDhcpService - ok
20:46:10.0258 0x1508 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
20:46:10.0336 0x1508 DcomLaunch - ok
20:46:10.0383 0x1508 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
20:46:10.0445 0x1508 defragsvc - ok
20:46:10.0508 0x1508 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
20:46:10.0586 0x1508 DfsC - ok
20:46:10.0695 0x1508 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
20:46:10.0742 0x1508 Dhcp - ok
20:46:10.0913 0x1508 [ EA8A3E8C674B03CB4AFA1D344DBD7BC1, 564D9370AE4D12973647997684B9637B2A5A7480F66B87018F789CE4E43C8191 ] DiagTrack C:\Windows\system32\diagtrack.dll
20:46:11.0007 0x1508 DiagTrack - ok
20:46:11.0116 0x1508 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
20:46:11.0241 0x1508 discache - ok
20:46:11.0288 0x1508 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
20:46:11.0319 0x1508 Disk - ok
20:46:11.0397 0x1508 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
20:46:11.0490 0x1508 Dnscache - ok
20:46:11.0537 0x1508 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
20:46:11.0600 0x1508 dot3svc - ok
20:46:11.0662 0x1508 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
20:46:11.0724 0x1508 DPS - ok
20:46:11.0771 0x1508 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
20:46:11.0849 0x1508 drmkaud - ok
20:46:11.0958 0x1508 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
20:46:11.0990 0x1508 DXGKrnl - ok
20:46:12.0021 0x1508 [ 50AD8FC1DC800FF36087994C8F7FDFF2, E3DA8DCE76599E0E1F0D80AA1483D6BECFE0F7242147D986A6AF3A4362FC2C80 ] e1yexpress C:\Windows\system32\DRIVERS\e1y60x64.sys
20:46:12.0068 0x1508 e1yexpress - ok
20:46:12.0130 0x1508 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
20:46:12.0177 0x1508 EapHost - ok
20:46:12.0302 0x1508 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
20:46:12.0504 0x1508 ebdrv - ok
20:46:12.0582 0x1508 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] EFS C:\Windows\System32\lsass.exe
20:46:12.0598 0x1508 EFS - ok
20:46:12.0738 0x1508 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
20:46:12.0801 0x1508 ehRecvr - ok
20:46:12.0848 0x1508 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
20:46:12.0894 0x1508 ehSched - ok
20:46:12.0972 0x1508 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
20:46:13.0004 0x1508 elxstor - ok
20:46:13.0035 0x1508 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
20:46:13.0113 0x1508 ErrDev - ok
20:46:13.0300 0x1508 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
20:46:13.0362 0x1508 EventSystem - ok
20:46:13.0425 0x1508 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
20:46:13.0503 0x1508 exfat - ok
20:46:13.0534 0x1508 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
20:46:13.0612 0x1508 fastfat - ok
20:46:13.0706 0x1508 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
20:46:13.0815 0x1508 Fax - ok
20:46:13.0877 0x1508 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
20:46:13.0908 0x1508 fdc - ok
20:46:13.0971 0x1508 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
20:46:14.0018 0x1508 fdPHost - ok
20:46:14.0064 0x1508 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
20:46:14.0111 0x1508 FDResPub - ok
20:46:14.0174 0x1508 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
20:46:14.0205 0x1508 FileInfo - ok
20:46:14.0220 0x1508 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
20:46:14.0330 0x1508 Filetrace - ok
20:46:14.0361 0x1508 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
20:46:14.0423 0x1508 flpydisk - ok
20:46:14.0486 0x1508 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
20:46:14.0501 0x1508 FltMgr - ok
20:46:14.0642 0x1508 [ E612E86FA15EA1EF9A52433A2743C447, 8A66164541D2EE2334B6DE3995C31138EA85E3A06BC7FD901E60D345E4E1E8A8 ] FontCache C:\Windows\system32\FntCache.dll
20:46:14.0704 0x1508 FontCache - ok
20:46:14.0766 0x1508 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:46:14.0798 0x1508 FontCache3.0.0.0 - ok
20:46:14.0829 0x1508 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
20:46:14.0844 0x1508 FsDepends - ok
20:46:14.0876 0x1508 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
20:46:14.0891 0x1508 Fs_Rec - ok
20:46:14.0938 0x1508 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
20:46:14.0954 0x1508 fvevol - ok
20:46:15.0000 0x1508 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
20:46:15.0016 0x1508 gagp30kx - ok
20:46:15.0110 0x1508 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
20:46:15.0125 0x1508 GEARAspiWDM - ok
20:46:15.0234 0x1508 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
20:46:15.0359 0x1508 gpsvc - ok
20:46:15.0390 0x1508 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
20:46:15.0453 0x1508 hcw85cir - ok
20:46:15.0515 0x1508 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
20:46:15.0578 0x1508 HdAudAddService - ok
20:46:15.0624 0x1508 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
20:46:15.0687 0x1508 HDAudBus - ok
20:46:15.0718 0x1508 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
20:46:15.0780 0x1508 HidBatt - ok
20:46:15.0843 0x1508 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
20:46:15.0874 0x1508 HidBth - ok
20:46:15.0921 0x1508 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
20:46:15.0983 0x1508 HidIr - ok
20:46:16.0046 0x1508 [ 943B20F119F05BCAB4D2593E2D3D4278, 7056691C0EFF0AA236195BD254E452C026EEDFB2E257330F92A072D4CEC3B712 ] hidkmdf C:\Windows\system32\DRIVERS\hidkmdf.sys
20:46:16.0061 0x1508 hidkmdf - ok
20:46:16.0092 0x1508 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
20:46:16.0155 0x1508 hidserv - ok
20:46:16.0217 0x1508 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
20:46:16.0280 0x1508 HidUsb - ok
20:46:16.0326 0x1508 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
20:46:16.0436 0x1508 hkmsvc - ok
20:46:16.0482 0x1508 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
20:46:16.0560 0x1508 HomeGroupListener - ok
20:46:16.0592 0x1508 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
20:46:16.0623 0x1508 HomeGroupProvider - ok
20:46:16.0670 0x1508 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
20:46:16.0701 0x1508 HpSAMD - ok
20:46:16.0810 0x1508 [ F61634BEC53F73702A10DE69F6DCAF57, BBA7344CF3AB96A46D1A6F1D50F2758EA8D097FE558C38B4EF45C8C334AF96E1 ] HTTP C:\Windows\system32\drivers\HTTP.sys
20:46:16.0919 0x1508 HTTP - ok
20:46:16.0950 0x1508 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
20:46:16.0966 0x1508 hwpolicy - ok
20:46:17.0013 0x1508 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
20:46:17.0028 0x1508 i8042prt - ok
20:46:17.0060 0x1508 [ F7CE9BE72EDAC499B713ECA6DAE5D26F, AF158C8ADF0815C406435AB051C8D8DD0ECBDBA8644CB75D7611980D70662193 ] iaStor C:\Windows\system32\drivers\iaStor.sys
20:46:17.0091 0x1508 iaStor - ok
20:46:17.0169 0x1508 [ B25F192EA1F84A316EB7C19EFCCCF33D, 00BACE87CCA40722FF3AD7243439201CDCC23D0BA01E25F928BF63DA12816F8F ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
20:46:17.0184 0x1508 IAStorDataMgrSvc - ok
20:46:17.0278 0x1508 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
20:46:17.0325 0x1508 iaStorV - ok
20:46:17.0465 0x1508 [ 3CC7B3BB1A9EA201A040883EDFAA67A0, F543A779BA8CBFD5E0B939844B9CB47A2C05A400C693635F520438C18FFDFAF1 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
20:46:17.0512 0x1508 IconMan_R - ok
20:46:17.0621 0x1508 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
20:46:17.0652 0x1508 idsvc - ok
20:46:17.0684 0x1508 IEEtwCollectorService - ok
20:46:17.0715 0x1508 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
20:46:17.0730 0x1508 iirsp - ok
20:46:17.0808 0x1508 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
20:46:17.0840 0x1508 IKEEXT - ok
20:46:17.0871 0x1508 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
20:46:17.0886 0x1508 intelide - ok
20:46:17.0918 0x1508 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\drivers\intelppm.sys
20:46:17.0980 0x1508 intelppm - ok
20:46:18.0027 0x1508 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
20:46:18.0074 0x1508 IPBusEnum - ok
20:46:18.0089 0x1508 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
20:46:18.0120 0x1508 IpFilterDriver - ok
20:46:18.0214 0x1508 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
20:46:18.0323 0x1508 iphlpsvc - ok
20:46:18.0354 0x1508 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
20:46:18.0401 0x1508 IPMIDRV - ok
20:46:18.0448 0x1508 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
20:46:18.0526 0x1508 IPNAT - ok
20:46:18.0620 0x1508 [ 0F261EC4F514926177C70C1832374231, 7E61B89FE2651C0C7951E10454267174550677DEAB1C497571A9B0B583687304 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
20:46:18.0651 0x1508 iPod Service - ok
20:46:18.0682 0x1508 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
20:46:18.0729 0x1508 IRENUM - ok
20:46:18.0744 0x1508 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
20:46:18.0760 0x1508 isapnp - ok
20:46:18.0791 0x1508 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
20:46:18.0822 0x1508 iScsiPrt - ok
20:46:18.0854 0x1508 [ F415A88162D23977B5EDAE4F0410E903, B86FD88B4285ED96BFDB9430E4DB134AC1B09DBB541929C4D6C1EEAF792D444D ] IviRegMgr C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
20:46:18.0854 0x1508 IviRegMgr - ok
20:46:18.0900 0x1508 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
20:46:18.0916 0x1508 kbdclass - ok
20:46:18.0947 0x1508 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
20:46:19.0010 0x1508 kbdhid - ok
20:46:19.0072 0x1508 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] KeyIso C:\Windows\system32\lsass.exe
20:46:19.0088 0x1508 KeyIso - ok
20:46:19.0197 0x1508 [ F7DFAE6040AC910B7C64EE208A34157D, AEF1100F12391692D9DB78519D843A90C97E199A80DDC4D43E3AF1919A9E8E56 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
20:46:19.0244 0x1508 KSecDD - ok
20:46:19.0275 0x1508 [ 8FE94F2EF9BF444E93E35D87E210D02F, 78E8F6FD7C1EA3556194947707BE6893538A9E25A550C22045866C5B30251D14 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
20:46:19.0290 0x1508 KSecPkg - ok
20:46:19.0384 0x1508 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
20:46:19.0446 0x1508 ksthunk - ok
20:46:19.0493 0x1508 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
20:46:19.0540 0x1508 KtmRm - ok
20:46:19.0602 0x1508 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
20:46:19.0665 0x1508 LanmanServer - ok
20:46:19.0696 0x1508 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
20:46:19.0758 0x1508 LanmanWorkstation - ok
20:46:19.0852 0x1508 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
20:46:19.0930 0x1508 lltdio - ok
20:46:19.0977 0x1508 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
20:46:20.0070 0x1508 lltdsvc - ok
20:46:20.0117 0x1508 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
20:46:20.0195 0x1508 lmhosts - ok
20:46:20.0273 0x1508 [ 98B16E756243BEA9410E32025B19C06F, C4F8663FF4C2F1123CC92D88004090AD06ED12FCD07706AE168333A33B269A53 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
20:46:20.0289 0x1508 LMS - ok
20:46:20.0336 0x1508 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
20:46:20.0336 0x1508 LSI_FC - ok
20:46:20.0382 0x1508 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
20:46:20.0414 0x1508 LSI_SAS - ok
20:46:20.0445 0x1508 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
20:46:20.0460 0x1508 LSI_SAS2 - ok
20:46:20.0507 0x1508 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
20:46:20.0538 0x1508 LSI_SCSI - ok
20:46:20.0585 0x1508 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
20:46:20.0648 0x1508 luafv - ok
20:46:20.0804 0x1508 [ 98E19D3FCAAE0236816E4942C5771F89, D7E6B2EF7F253C0C68363E8AE6744FAC11930350FF568F6144EA6EA3153E4F17 ] McComponentHostServiceSony C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe
20:46:20.0835 0x1508 McComponentHostServiceSony - ok
20:46:20.0866 0x1508 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
20:46:20.0882 0x1508 Mcx2Svc - ok
20:46:20.0897 0x1508 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
20:46:20.0913 0x1508 megasas - ok
20:46:21.0084 0x1508 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
20:46:21.0162 0x1508 MegaSR - ok
20:46:21.0256 0x1508 [ 68B005AF0BC4F8823EAB5B105A40CC28, B92605200BD4AAAAC3F4FE7D9A636A6DA11FD94749719EAD8DC609E86BD38402 ] Megatech-Software-Protection C:\Program Files (x86)\Megatech\MProtect\MPServ.EXE
20:46:21.0303 0x1508 Megatech-Software-Protection - detected UnsignedFile.Multi.Generic ( 1 )
20:46:24.0048 0x1508 Detect skipped due to KSN trusted
20:46:24.0048 0x1508 Megatech-Software-Protection - ok
20:46:24.0111 0x1508 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\drivers\HECIx64.sys
20:46:24.0158 0x1508 MEIx64 - ok
20:46:24.0189 0x1508 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
20:46:24.0251 0x1508 MMCSS - ok
20:46:24.0282 0x1508 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
20:46:24.0376 0x1508 Modem - ok
20:46:24.0438 0x1508 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
20:46:24.0516 0x1508 monitor - ok
20:46:24.0548 0x1508 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
20:46:24.0563 0x1508 mouclass - ok
20:46:24.0610 0x1508 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
20:46:24.0688 0x1508 mouhid - ok
20:46:24.0766 0x1508 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
20:46:24.0797 0x1508 mountmgr - ok
20:46:24.0828 0x1508 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
20:46:24.0844 0x1508 mpio - ok
20:46:24.0875 0x1508 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
20:46:24.0906 0x1508 mpsdrv - ok
20:46:24.0953 0x1508 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
20:46:25.0031 0x1508 MpsSvc - ok
20:46:25.0062 0x1508 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
20:46:25.0109 0x1508 MRxDAV - ok
20:46:25.0140 0x1508 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
20:46:25.0234 0x1508 mrxsmb - ok
20:46:25.0265 0x1508 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
20:46:25.0281 0x1508 mrxsmb10 - ok
20:46:25.0296 0x1508 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
20:46:25.0328 0x1508 mrxsmb20 - ok
20:46:25.0374 0x1508 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
20:46:25.0390 0x1508 msahci - ok
20:46:25.0421 0x1508 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
20:46:25.0421 0x1508 msdsm - ok
20:46:25.0437 0x1508 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
20:46:25.0484 0x1508 MSDTC - ok
20:46:25.0530 0x1508 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
20:46:25.0608 0x1508 Msfs - ok
20:46:25.0640 0x1508 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
20:46:25.0671 0x1508 mshidkmdf - ok
20:46:25.0671 0x1508 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
20:46:25.0686 0x1508 msisadrv - ok
20:46:25.0718 0x1508 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
20:46:25.0764 0x1508 MSiSCSI - ok
20:46:25.0780 0x1508 msiserver - ok
20:46:25.0827 0x1508 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
20:46:25.0874 0x1508 MSKSSRV - ok
20:46:25.0889 0x1508 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
20:46:25.0952 0x1508 MSPCLOCK - ok
20:46:25.0952 0x1508 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
20:46:25.0983 0x1508 MSPQM - ok
20:46:26.0030 0x1508 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
20:46:26.0045 0x1508 MsRPC - ok
20:46:26.0061 0x1508 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
20:46:26.0061 0x1508 mssmbios - ok
20:46:26.0108 0x1508 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
20:46:26.0201 0x1508 MSTEE - ok
20:46:26.0232 0x1508 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
20:46:26.0279 0x1508 MTConfig - ok
20:46:26.0326 0x1508 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
20:46:26.0357 0x1508 Mup - ok
20:46:26.0420 0x1508 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
20:46:26.0466 0x1508 napagent - ok
20:46:26.0529 0x1508 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
20:46:26.0576 0x1508 NativeWifiP - ok
20:46:26.0654 0x1508 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
20:46:26.0685 0x1508 NDIS - ok
20:46:26.0716 0x1508 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
20:46:26.0763 0x1508 NdisCap - ok
20:46:26.0825 0x1508 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
20:46:26.0841 0x1508 NdisTapi - ok
20:46:26.0872 0x1508 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
20:46:26.0903 0x1508 Ndisuio - ok
20:46:26.0981 0x1508 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
20:46:27.0090 0x1508 NdisWan - ok
20:46:27.0122 0x1508 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
20:46:27.0215 0x1508 NDProxy - ok
20:46:27.0309 0x1508 [ 59267D2F0328599AA3B5408C2E06126F, 54D59079F04F9F08F980C1F1A8F8973ACF9C344218818A15A762287EE6F22F02 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
20:46:27.0371 0x1508 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
20:46:30.0150 0x1508 Detect skipped due to KSN trusted
20:46:30.0150 0x1508 Net Driver HPZ12 - ok
20:46:30.0197 0x1508 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
20:46:30.0322 0x1508 NetBIOS - ok
20:46:30.0353 0x1508 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
20:46:30.0431 0x1508 NetBT - ok
20:46:30.0478 0x1508 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] Netlogon C:\Windows\system32\lsass.exe
20:46:30.0493 0x1508 Netlogon - ok
20:46:30.0556 0x1508 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
20:46:30.0634 0x1508 Netman - ok
20:46:30.0727 0x1508 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:46:30.0836 0x1508 NetMsmqActivator - ok
20:46:30.0852 0x1508 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:46:30.0852 0x1508 NetPipeActivator - ok
20:46:30.0914 0x1508 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
20:46:30.0977 0x1508 netprofm - ok
20:46:31.0008 0x1508 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:46:31.0024 0x1508 NetTcpActivator - ok
20:46:31.0039 0x1508 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:46:31.0055 0x1508 NetTcpPortSharing - ok
20:46:31.0086 0x1508 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
20:46:31.0117 0x1508 nfrd960 - ok
20:46:31.0180 0x1508 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc C:\Windows\System32\nlasvc.dll
20:46:31.0258 0x1508 NlaSvc - ok
20:46:31.0273 0x1508 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
20:46:31.0336 0x1508 Npfs - ok
20:46:31.0390 0x1508 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
20:46:31.0481 0x1508 nsi - ok
20:46:31.0491 0x1508 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
20:46:31.0522 0x1508 nsiproxy - ok
20:46:31.0647 0x1508 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
20:46:31.0818 0x1508 Ntfs - ok
20:46:31.0881 0x1508 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
20:46:31.0959 0x1508 Null - ok
20:46:32.0021 0x1508 [ 1F07B814C0BB5AABA703ABFF1F31F2E8, 07F578686CAE0FAB5462B472A03DD1BC5DFE0D5DA6307895534CECC330C3D220 ] NVHDA C:\Windows\system32\drivers\nvhda64v.sys
20:46:32.0037 0x1508 NVHDA - ok
20:46:32.0458 0x1508 [ DEE6C390A3C573789A6805D5955BA2A1, 0C4543A3DD36B60D1B95A613C35EFCE0A30261B250A271B0061D605B2B5143E2 ] nvlddmkm C:\Windows\system32\DRIVERS\nvlddmkm.sys
20:46:32.0926 0x1508 nvlddmkm - ok
20:46:33.0113 0x1508 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
20:46:33.0160 0x1508 nvraid - ok
20:46:33.0238 0x1508 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
20:46:33.0285 0x1508 nvstor - ok
20:46:33.0788 0x1508 [ AE7B95A9E45DFC0B25146941EEAB1A32, 4263FF423BCFB06A65729424308FA37D55E17F1EC16FA0D0D2138E332C0E93D5 ] NVSvc C:\Windows\system32\nvvsvc.exe
20:46:33.0819 0x1508 NVSvc - ok
20:46:33.0897 0x1508 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
20:46:33.0928 0x1508 nv_agp - ok
20:46:33.0959 0x1508 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
20:46:34.0022 0x1508 ohci1394 - ok
20:46:34.0803 0x1508 [ D06C2368C93396C6B983CE60523BA99F, ABC90E2DC2DE577AFA37BF34630502AA209C9556DFCC1757844D95D9370FFA8C ] Origin Client Service C:\Program Files (x86)\Origin\OriginClientService.exe
20:46:34.0959 0x1508 Origin Client Service - ok
20:46:35.0051 0x1508 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:46:35.0082 0x1508 ose - ok
20:46:35.0940 0x1508 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:46:36.0459 0x1508 osppsvc - ok
20:46:36.0646 0x1508 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
20:46:36.0693 0x1508 p2pimsvc - ok
20:46:36.0724 0x1508 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
20:46:36.0786 0x1508 p2psvc - ok
20:46:36.0818 0x1508 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys
20:46:36.0864 0x1508 Parport - ok
20:46:36.0958 0x1508 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
20:46:36.0974 0x1508 partmgr - ok
20:46:37.0036 0x1508 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc C:\Windows\System32\pcasvc.dll
20:46:37.0098 0x1508 PcaSvc - ok
20:46:37.0145 0x1508 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
20:46:37.0161 0x1508 pci - ok
20:46:37.0208 0x1508 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
20:46:37.0208 0x1508 pciide - ok
20:46:37.0223 0x1508 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
20:46:37.0239 0x1508 pcmcia - ok
20:46:37.0254 0x1508 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
20:46:37.0270 0x1508 pcw - ok
20:46:37.0364 0x1508 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH C:\Windows\system32\drivers\peauth.sys
20:46:37.0379 0x1508 PEAUTH - ok
20:46:37.0488 0x1508 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
20:46:37.0551 0x1508 PerfHost - ok
20:46:37.0644 0x1508 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
20:46:37.0707 0x1508 pla - ok
20:46:37.0769 0x1508 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
20:46:37.0816 0x1508 PlugPlay - ok
20:46:38.0081 0x1508 [ 63694C307273062A2167AE4CE80730EF, 788E762D02A8BE9802143361A5768364A994B20E769A9733FA5827F526432893 ] PMBDeviceInfoProvider C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
20:46:38.0112 0x1508 PMBDeviceInfoProvider - ok
20:46:38.0159 0x1508 [ 5261A2FD55183AC6993145AB6662CDDF, 996358C80674B1310B3C42BB45254AFC7FF90F12176FE76EF3C930D6D3C647FE ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
20:46:38.0190 0x1508 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
20:46:40.0956 0x1508 Detect skipped due to KSN trusted
20:46:40.0956 0x1508 Pml Driver HPZ12 - ok
20:46:41.0018 0x1508 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
20:46:41.0065 0x1508 PNRPAutoReg - ok
20:46:41.0112 0x1508 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
20:46:41.0143 0x1508 PNRPsvc - ok
20:46:41.0174 0x1508 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
20:46:41.0205 0x1508 PolicyAgent - ok
20:46:41.0236 0x1508 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
20:46:41.0283 0x1508 Power - ok
20:46:41.0330 0x1508 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
20:46:41.0408 0x1508 PptpMiniport - ok
20:46:41.0439 0x1508 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys
20:46:41.0439 0x1508 Processor - ok
20:46:41.0486 0x1508 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc C:\Windows\system32\profsvc.dll
20:46:41.0548 0x1508 ProfSvc - ok
20:46:41.0548 0x1508 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] ProtectedStorage C:\Windows\system32\lsass.exe
20:46:41.0564 0x1508 ProtectedStorage - ok
20:46:41.0611 0x1508 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
20:46:41.0658 0x1508 Psched - ok
20:46:41.0704 0x1508 [ F036CFB275D0C55F4E45FBBF5F98B3C8, D8D1CA9F65B34A93AB9F7FD9BB6C453B2BF4E8320E620F56055B743DF1D56DE8 ] PSI_SVC_2 C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
20:46:41.0736 0x1508 PSI_SVC_2 - ok
20:46:41.0845 0x1508 [ 07D57B890DD5693A6AB660CBAE8F91B4, 934895A41C116056E22FE3298418332A9F4280F96E96EEE06C977A4925395674 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
20:46:41.0892 0x1508 PxHlpa64 - ok
20:46:42.0016 0x1508 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys
20:46:42.0079 0x1508 ql2300 - ok
20:46:42.0126 0x1508 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
20:46:42.0157 0x1508 ql40xx - ok
20:46:42.0188 0x1508 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
20:46:42.0235 0x1508 QWAVE - ok
20:46:42.0266 0x1508 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
20:46:42.0328 0x1508 QWAVEdrv - ok
20:46:42.0360 0x1508 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
20:46:42.0422 0x1508 RasAcd - ok
20:46:42.0453 0x1508 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
20:46:42.0484 0x1508 RasAgileVpn - ok
20:46:42.0516 0x1508 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
20:46:42.0594 0x1508 RasAuto - ok
20:46:42.0625 0x1508 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
20:46:42.0687 0x1508 Rasl2tp - ok
20:46:42.0718 0x1508 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
20:46:42.0781 0x1508 RasMan - ok
20:46:42.0812 0x1508 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
20:46:42.0906 0x1508 RasPppoe - ok
20:46:42.0952 0x1508 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
20:46:42.0999 0x1508 RasSstp - ok
20:46:43.0015 0x1508 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
20:46:43.0077 0x1508 rdbss - ok
20:46:43.0124 0x1508 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
20:46:43.0186 0x1508 rdpbus - ok
20:46:43.0218 0x1508 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
20:46:43.0311 0x1508 RDPCDD - ok
20:46:43.0342 0x1508 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
20:46:43.0358 0x1508 RDPENCDD - ok
20:46:43.0389 0x1508 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
20:46:43.0420 0x1508 RDPREFMP - ok
20:46:43.0592 0x1508 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
20:46:43.0654 0x1508 RdpVideoMiniport - ok
20:46:43.0717 0x1508 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
20:46:43.0795 0x1508 RDPWD - ok
20:46:43.0842 0x1508 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
20:46:43.0857 0x1508 rdyboost - ok
20:46:43.0873 0x1508 [ 4D9AFDDDA0EFE97CDBFD3B5FA48B05F6, A0E808EA9A58FC99D694A9EBF1F7248B79CAA44D9E6E30A07CDEDBC72A8F3610 ] regi C:\Windows\system32\drivers\regi.sys
20:46:43.0873 0x1508 regi - ok
20:46:43.0888 0x1508 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
20:46:43.0951 0x1508 RemoteAccess - ok
20:46:44.0029 0x1508 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
20:46:44.0122 0x1508 RemoteRegistry - ok
20:46:44.0247 0x1508 [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
20:46:44.0263 0x1508 RFCOMM - ok
20:46:44.0325 0x1508 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
20:46:44.0466 0x1508 RpcEptMapper - ok
20:46:44.0544 0x1508 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
20:46:44.0606 0x1508 RpcLocator - ok
20:46:44.0871 0x1508 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
20:46:44.0934 0x1508 RpcSs - ok
20:46:45.0105 0x1508 [ EBBFA2B4E317AF86E93FEC4C04D7A9B3, 29480CCA0ACAB2D53D664042A0D7713247EDEBBBD4734783348669EFDE579CA9 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
20:46:45.0183 0x1508 RSPCIESTOR - ok
20:46:45.0199 0x1508 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
20:46:45.0277 0x1508 rspndr - ok
20:46:45.0339 0x1508 [ EA5532868BA76923D75BCB2A1448D810, C1489714C9BC95BB76134E6B8F28C5A3D044E9B2857F01BFEEEE7C8A25C74E7D ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
20:46:45.0402 0x1508 RTL8167 - ok
20:46:45.0495 0x1508 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] SamSs C:\Windows\system32\lsass.exe
20:46:45.0511 0x1508 SamSs - ok
20:46:45.0620 0x1508 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
20:46:45.0637 0x1508 sbp2port - ok
20:46:45.0715 0x1508 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
20:46:45.0777 0x1508 SCardSvr - ok
20:46:45.0808 0x1508 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
20:46:45.0886 0x1508 scfilter - ok
20:46:46.0058 0x1508 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
20:46:46.0183 0x1508 Schedule - ok
20:46:46.0229 0x1508 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
20:46:46.0261 0x1508 SCPolicySvc - ok
20:46:46.0323 0x1508 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
20:46:46.0401 0x1508 sdbus - ok
20:46:46.0495 0x1508 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
20:46:46.0573 0x1508 SDRSVC - ok
20:46:46.0635 0x1508 [ CC781378E7EDA615D2CDCA3B17829FA4, 137BF83A2A3D69335AD031B8D73473526F782CB8917A34B3CD92F923E7660F2A ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
20:46:46.0666 0x1508 SeaPort - ok
20:46:46.0729 0x1508 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
20:46:46.0791 0x1508 secdrv - ok
20:46:46.0838 0x1508 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
20:46:46.0885 0x1508 seclogon - ok
20:46:46.0994 0x1508 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
20:46:47.0150 0x1508 SENS - ok
20:46:47.0228 0x1508 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
20:46:47.0321 0x1508 SensrSvc - ok
20:46:47.0353 0x1508 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys
20:46:47.0431 0x1508 Serenum - ok
20:46:47.0477 0x1508 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys
20:46:47.0524 0x1508 Serial - ok
20:46:47.0571 0x1508 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys
20:46:47.0633 0x1508 sermouse - ok
20:46:47.0727 0x1508 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
20:46:47.0821 0x1508 SessionEnv - ok
20:46:47.0883 0x1508 [ 286D3889E6AB5589646FF8A63CB928AE, 98D9D34521328F4F0B0B7C2CAB97BA0EC998B9F3F996B5ED08E17292F1CD9452 ] SFEP C:\Windows\system32\drivers\SFEP.sys
20:46:47.0945 0x1508 SFEP - ok
20:46:47.0961 0x1508 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
20:46:48.0023 0x1508 sffdisk - ok
20:46:48.0070 0x1508 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
20:46:48.0117 0x1508 sffp_mmc - ok
20:46:48.0226 0x1508 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
20:46:48.0304 0x1508 sffp_sd - ok
20:46:48.0351 0x1508 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
20:46:48.0367 0x1508 sfloppy - ok
20:46:48.0413 0x1508 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
20:46:48.0507 0x1508 SharedAccess - ok
20:46:48.0569 0x1508 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
20:46:48.0647 0x1508 ShellHWDetection - ok
20:46:48.0694 0x1508 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys
20:46:48.0694 0x1508 SiSRaid2 - ok
20:46:48.0725 0x1508 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
20:46:48.0741 0x1508 SiSRaid4 - ok
20:46:48.0975 0x1508 [ F6EF225A23D336CA30001E5007644C24, B0A4B1256C1074F1B4F73E3BBA16FD4683D6EEA583DEEF8E11EFD29BA7541F2A ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
20:46:49.0037 0x1508 SkypeUpdate - ok
20:46:49.0100 0x1508 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
20:46:49.0178 0x1508 Smb - ok
20:46:49.0256 0x1508 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
20:46:49.0271 0x1508 SNMPTRAP - ok
20:46:49.0443 0x1508 [ DDF2EC98AF6FC70608A4F9CE4DB52758, A3F18822C9D0EE508CCAA5323937D631950320D9642C46FD93DB764A06A78F0D ] SOHCImp C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
20:46:49.0474 0x1508 SOHCImp - ok
20:46:49.0521 0x1508 [ 5FA03F5EA6EFEF6D17B4A1A48C40A23C, E99AD063DA8E89ECD2993D1B1AAB346A3EB4E48D687E7378C03037DD00600BB8 ] SOHDs C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
20:46:49.0537 0x1508 SOHDs - ok
20:46:49.0739 0x1508 [ 65E5659E9C2A0762D05657C0E22A7CA2, A6EE72878CFA901A94485C7BEC7675702ED207DB54F5A8ED70835B6A8A8F5754 ] SpfService C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
20:46:49.0802 0x1508 SpfService - ok
20:46:49.0958 0x1508 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
20:46:49.0989 0x1508 spldr - ok
20:46:50.0067 0x1508 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
20:46:50.0161 0x1508 Spooler - ok
20:46:50.0707 0x1508 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
20:46:50.0941 0x1508 sppsvc - ok
20:46:50.0972 0x1508 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
20:46:51.0034 0x1508 sppuinotify - ok
20:46:51.0159 0x1508 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
20:46:51.0253 0x1508 srv - ok
20:46:51.0284 0x1508 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
20:46:51.0377 0x1508 srv2 - ok
20:46:51.0409 0x1508 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
20:46:51.0471 0x1508 srvnet - ok
20:46:51.0658 0x1508 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
20:46:51.0736 0x1508 SSDPSRV - ok
20:46:51.0814 0x1508 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
20:46:51.0970 0x1508 SstpSvc - ok
20:46:52.0017 0x1508 StarOpen - ok
20:46:52.0220 0x1508 [ EBAA82F7C9B97C0E450449178E007340, D470927CC216C4E3EA23236E6C6464187CD3A49C3A4A456F488FEC8E713EA31B ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
20:46:52.0251 0x1508 Steam Client Service - ok
20:46:52.0469 0x1508 [ 336B906017B254C2AA445DC707019513, 69D267E621ADCC4DE9AE3446054FD04D06E6CF0AA9CAA3019FF19BEE7D264CAE ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
20:46:52.0501 0x1508 Stereo Service - ok
20:46:52.0563 0x1508 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
20:46:52.0610 0x1508 stexstor - ok
20:46:52.0688 0x1508 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
20:46:52.0750 0x1508 stisvc - ok
20:46:52.0828 0x1508 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
20:46:52.0891 0x1508 swenum - ok
20:46:52.0969 0x1508 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
20:46:53.0062 0x1508 swprv - ok
20:46:53.0296 0x1508 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
20:46:53.0499 0x1508 SysMain - ok
20:46:53.0546 0x1508 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
20:46:53.0593 0x1508 TabletInputService - ok
20:46:53.0624 0x1508 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
20:46:53.0655 0x1508 TapiSrv - ok
20:46:53.0655 0x1508 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
20:46:53.0702 0x1508 TBS - ok
20:46:54.0076 0x1508 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
20:46:54.0341 0x1508 Tcpip - ok
20:46:54.0497 0x1508 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
20:46:54.0560 0x1508 TCPIP6 - ok
20:46:54.0607 0x1508 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
20:46:54.0669 0x1508 tcpipreg - ok
20:46:54.0763 0x1508 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
20:46:54.0825 0x1508 TDPIPE - ok
20:46:54.0841 0x1508 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
20:46:54.0872 0x1508 TDTCP - ok
20:46:54.0950 0x1508 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx C:\Windows\system32\DRIVERS\tdx.sys
20:46:54.0981 0x1508 tdx - ok
20:46:55.0028 0x1508 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
20:46:55.0043 0x1508 TermDD - ok
20:46:55.0137 0x1508 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService C:\Windows\System32\termsrv.dll
20:46:55.0199 0x1508 TermService - ok
20:46:55.0246 0x1508 [ 48D9D00C2E0E72C3D4F52772C80355F6, 86F281C7F5FA2FCF1A36C69DD6561531E48483CACB8A873B955F7E93D9A1D259 ] TFsExDisk C:\Windows\System32\Drivers\TFsExDisk.sys
20:46:55.0262 0x1508 TFsExDisk - ok
20:46:55.0277 0x1508 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
20:46:55.0371 0x1508 Themes - ok
20:46:55.0402 0x1508 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
20:46:55.0449 0x1508 THREADORDER - ok
20:46:55.0558 0x1508 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
20:46:55.0652 0x1508 TrkWks - ok
20:46:55.0792 0x1508 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
20:46:55.0917 0x1508 TrustedInstaller - ok
20:46:56.0026 0x1508 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
20:46:56.0073 0x1508 tssecsrv - ok
20:46:56.0120 0x1508 [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
20:46:56.0229 0x1508 TsUsbFlt - ok
20:46:56.0323 0x1508 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
20:46:56.0385 0x1508 TsUsbGD - ok
20:46:56.0432 0x1508 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
20:46:56.0525 0x1508 tunnel - ok
20:46:56.0635 0x1508 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
20:46:56.0681 0x1508 uagp35 - ok
20:46:56.0806 0x1508 [ 1FE69F3C1CA1CF4B7EC7E2E9090FFFDC, 30BD61BA46955BD6A48EC78538FAAB46026DD048347F8280352335EB0ECE16AD ] uCamMonitor C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
20:46:56.0853 0x1508 uCamMonitor - ok
20:46:56.0978 0x1508 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
20:46:57.0071 0x1508 udfs - ok
20:46:57.0134 0x1508 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
20:46:57.0212 0x1508 UI0Detect - ok
20:46:57.0290 0x1508 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
20:46:57.0352 0x1508 uliagpkx - ok
20:46:57.0446 0x1508 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
20:46:57.0539 0x1508 umbus - ok
20:46:57.0633 0x1508 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
20:46:57.0742 0x1508 UmPass - ok
20:46:58.0148 0x1508 [ 7A78ED1088890114DFDE2C4AB038D6B6, B52357594A90A8BCF5F96FA630F52BB1274A2FE814AF0270D21C892871D076FC ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
20:46:58.0210 0x1508 UNS - ok
20:46:58.0351 0x1508 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
20:46:58.0460 0x1508 upnphost - ok
20:46:58.0522 0x1508 [ 43228F8EDD1B0BCDD3145AD246E63D39, 108D8793E9F94C0A0E895398599B359121751F2E7BAA8B7BD24838AEF646726D ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
20:46:58.0600 0x1508 USBAAPL64 - ok
20:46:58.0678 0x1508 [ B0435098C81D04CAFFF80DDB746CD3A2, A17B207740382E38729571F0B0BC98FF874E856A7C7CE9EB930328A2AD88F52A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
20:46:58.0741 0x1508 usbaudio - ok
20:46:58.0787 0x1508 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
20:46:58.0865 0x1508 usbccgp - ok
20:46:58.0912 0x1508 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
20:46:59.0006 0x1508 usbcir - ok
20:46:59.0053 0x1508 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
20:46:59.0115 0x1508 usbehci - ok
20:46:59.0224 0x1508 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
20:46:59.0287 0x1508 usbhub - ok
20:46:59.0349 0x1508 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
20:46:59.0365 0x1508 usbohci - ok
20:46:59.0411 0x1508 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
20:46:59.0474 0x1508 usbprint - ok
20:46:59.0567 0x1508 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
20:46:59.0645 0x1508 USBSTOR - ok
20:46:59.0708 0x1508 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
20:46:59.0786 0x1508 usbuhci - ok
20:46:59.0848 0x1508 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
20:46:59.0911 0x1508 usbvideo - ok
20:47:00.0004 0x1508 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
20:47:00.0145 0x1508 UxSms - ok
20:47:00.0254 0x1508 [ DCB1F83AD167D16D263CE57C94E9EEDF, 2389268A1F83F0D354111553FB5F48E77A8FE4C0A1C22376A313A961252ED259 ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
20:47:00.0285 0x1508 VAIO Event Service - ok
20:47:00.0332 0x1508 [ 9262D6E2C239EDD6D87B080F2BCCEC9F, 4947F2C3DD9D2D08CBB03FCA822C78B24F841464FF52FDBFF7D34AC7EB484104 ] VaultSvc C:\Windows\system32\lsass.exe
20:47:00.0347 0x1508 VaultSvc - ok
20:47:00.0488 0x1508 [ D00058C1FFF3F3DE990444A5734E9639, 450192C5F458888D71328994E29A6CB0E04F387BF63D49E7EABA1E1AECD680F9 ] VCFw C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
20:47:00.0519 0x1508 VCFw - ok
20:47:00.0613 0x1508 [ F19275655B42086C884ABCDAE2C659AE, D5D36DFF2D316C390E0336B51EE9C4B23705A52A3BBCCB13CC0B95FCF5761344 ] VcmIAlzMgr C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
20:47:00.0644 0x1508 VcmIAlzMgr - ok
20:47:00.0691 0x1508 [ 2F06D134554BA84FE253DBC481DCFE6D, A88780610A1B4FAFF1818CF3D86AC83B27DDDCD9CDB9F1A38C5BBFEE5632CF5E ] VcmINSMgr C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe
20:47:00.0737 0x1508 VcmINSMgr - ok
20:47:00.0784 0x1508 [ 32A3735F6874B7783C6209ED5CA36D9D, B6DA3D749A000D99B6F0BF475C47AC0867595B634CC6502C8758B241759F531C ] VcmXmlIfHelper C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe
20:47:00.0815 0x1508 VcmXmlIfHelper - ok
20:47:00.0925 0x1508 [ 8F0840FF3A11D6B3F767AD6C79AC2A40, 23A9AFB841CAD5E3FA8360BB2C9531DACCF8D113145CFFE2C9D7BDE507C77509 ] VCService C:\Program Files\Sony\VAIO Care\VCService.exe
20:47:00.0971 0x1508 VCService - ok
20:47:01.0003 0x1508 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
20:47:01.0018 0x1508 vdrvroot - ok
20:47:01.0096 0x1508 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
20:47:01.0205 0x1508 vds - ok
20:47:01.0283 0x1508 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
20:47:01.0315 0x1508 vga - ok
20:47:01.0330 0x1508 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
20:47:01.0424 0x1508 VgaSave - ok
20:47:01.0471 0x1508 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
20:47:01.0486 0x1508 vhdmp - ok
20:47:01.0517 0x1508 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
20:47:01.0549 0x1508 viaide - ok
20:47:01.0580 0x1508 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
20:47:01.0611 0x1508 volmgr - ok
20:47:01.0627 0x1508 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
20:47:01.0673 0x1508 volmgrx - ok
20:47:01.0720 0x1508 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
20:47:01.0751 0x1508 volsnap - ok
20:47:01.0814 0x1508 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
20:47:01.0939 0x1508 vsmraid - ok
20:47:02.0079 0x1508 [ 86958A24639B8E3A84F14307CE35650B, C16CC385239B441FD3B363EB17D0EA5C792F274347EA028758103E7DC85B9318 ] VSNService C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
20:47:02.0126 0x1508 VSNService - ok
20:47:02.0251 0x1508 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
20:47:02.0344 0x1508 VSS - ok
20:47:02.0516 0x1508 [ 27A74F6B08144A7201B16A3C7C7FA3DA, 0719FEAD940A29BEDDEA17754CB8765804098574329AD1D4BDB54E64E9054F5D ] VUAgent C:\Program Files\Sony\VAIO Update\VUAgent.exe
20:47:02.0563 0x1508 VUAgent - ok
20:47:02.0609 0x1508 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
20:47:02.0641 0x1508 vwifibus - ok
20:47:02.0672 0x1508 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
20:47:02.0703 0x1508 vwififlt - ok
20:47:02.0750 0x1508 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\Windows\system32\DRIVERS\vwifimp.sys
20:47:02.0781 0x1508 vwifimp - ok
20:47:02.0843 0x1508 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
20:47:02.0921 0x1508 W32Time - ok
20:47:02.0968 0x1508 [ 0D67B715AE6729D0B518D20B7A7BAD1C, 05B044CB816CBF54DCB634AC765A5937C76B471722C6D6E1A9C27E7EBAB68913 ] WacHidRouter C:\Windows\system32\DRIVERS\wachidrouter.sys
20:47:02.0968 0x1508 WacHidRouter - ok
20:47:02.0999 0x1508 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
20:47:03.0015 0x1508 WacomPen - ok
20:47:03.0062 0x1508 [ 1042B08B4336EF3CE34E09435BB33A4A, A42B447B4A9B364BAE329F75D36A906999E8CB754F1B10DE322B6611FF9764F7 ] wacomrouterfilter C:\Windows\system32\DRIVERS\wacomrouterfilter.sys
20:47:03.0062 0x1508 wacomrouterfilter - ok
20:47:03.0124 0x1508 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
20:47:03.0187 0x1508 WANARP - ok
20:47:03.0187 0x1508 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
20:47:03.0218 0x1508 Wanarpv6 - ok
20:47:03.0280 0x1508 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
20:47:03.0358 0x1508 wbengine - ok
20:47:03.0374 0x1508 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
20:47:03.0389 0x1508 WbioSrvc - ok
20:47:03.0421 0x1508 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
20:47:03.0499 0x1508 wcncsvc - ok
20:47:03.0545 0x1508 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
20:47:03.0577 0x1508 WcsPlugInService - ok
20:47:03.0608 0x1508 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
20:47:03.0623 0x1508 Wd - ok
20:47:03.0701 0x1508 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
20:47:03.0733 0x1508 Wdf01000 - ok
20:47:03.0795 0x1508 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\Windows\system32\wdi.dll
20:47:03.0857 0x1508 WdiServiceHost - ok
20:47:03.0857 0x1508 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost C:\Windows\system32\wdi.dll
20:47:03.0889 0x1508 WdiSystemHost - ok
20:47:03.0920 0x1508 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
20:47:03.0998 0x1508 WebClient - ok
20:47:04.0029 0x1508 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
20:47:04.0138 0x1508 Wecsvc - ok
20:47:04.0169 0x1508 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
20:47:04.0263 0x1508 wercplsupport - ok
20:47:04.0310 0x1508 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
20:47:04.0388 0x1508 WerSvc - ok
20:47:04.0435 0x1508 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
20:47:04.0450 0x1508 WfpLwf - ok
20:47:04.0481 0x1508 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
20:47:04.0481 0x1508 WIMMount - ok
20:47:04.0513 0x1508 WinDefend - ok
20:47:04.0513 0x1508 WinHttpAutoProxySvc - ok
20:47:04.0575 0x1508 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
20:47:04.0622 0x1508 Winmgmt - ok
20:47:04.0762 0x1508 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM C:\Windows\system32\WsmSvc.dll
20:47:04.0856 0x1508 WinRM - ok
20:47:04.0934 0x1508 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\drivers\WinUsb.sys
20:47:04.0965 0x1508 WinUsb - ok
20:47:05.0043 0x1508 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
20:47:05.0105 0x1508 Wlansvc - ok
20:47:05.0261 0x1508 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
20:47:05.0308 0x1508 wlidsvc - ok
20:47:05.0371 0x1508 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
20:47:05.0386 0x1508 WmiAcpi - ok
20:47:05.0433 0x1508 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
20:47:05.0464 0x1508 wmiApSrv - ok
20:47:05.0495 0x1508 WMPNetworkSvc - ok
20:47:05.0511 0x1508 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
20:47:05.0527 0x1508 WPCSvc - ok
20:47:05.0542 0x1508 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
20:47:05.0573 0x1508 WPDBusEnum - ok
20:47:05.0605 0x1508 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
20:47:05.0667 0x1508 ws2ifsl - ok
20:47:05.0698 0x1508 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
20:47:05.0761 0x1508 wscsvc - ok
20:47:05.0776 0x1508 WSearch - ok
20:47:06.0041 0x1508 [ CD16EB55F78AB1C92A0711F92B04B570, 387FCC84DD142AF66E15871F9D9EF67096EDFBECC6DEB9A8FB75A09168737723 ] WTabletServiceCon C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
20:47:06.0088 0x1508 WTabletServiceCon - ok
20:47:06.0275 0x1508 [ 0814A74C853F50B354F08F83DDA9F7FB, 0A63BAA8DE451B8C2C71FEF961718E769B9BAC305C76D24048C664CB27D0DF28 ] wuauserv C:\Windows\system32\wuaueng.dll
20:47:06.0385 0x1508 wuauserv - ok
20:47:06.0416 0x1508 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
20:47:06.0494 0x1508 WudfPf - ok
20:47:06.0541 0x1508 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\drivers\WUDFRd.sys
20:47:06.0603 0x1508 WUDFRd - ok
20:47:06.0634 0x1508 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
20:47:06.0681 0x1508 wudfsvc - ok
20:47:06.0712 0x1508 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
20:47:06.0806 0x1508 WwanSvc - ok
20:47:06.0837 0x1508 ================ Scan global ===============================
20:47:06.0868 0x1508 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
20:47:06.0947 0x1508 [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
20:47:06.0978 0x1508 [ D17DD01601460F5899E5C154B3FD0BFA, B2FCFDE4B6F87634EA1F6D8AEA6D9B3C641D41D999C68B76F95491539B19D422 ] C:\Windows\system32\winsrv.dll
20:47:07.0010 0x1508 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
20:47:07.0088 0x1508 [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
20:47:07.0103 0x1508 [ Global ] - ok
20:47:07.0119 0x1508 ================ Scan MBR ==================================
20:47:07.0134 0x1508 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
20:47:07.0602 0x1508 \Device\Harddisk0\DR0 - ok
20:47:07.0618 0x1508 ================ Scan VBR ==================================
20:47:07.0649 0x1508 [ 4EF1C6241D115E4A753CF2B80CBBBA0B ] \Device\Harddisk0\DR0\Partition1
20:47:07.0649 0x1508 \Device\Harddisk0\DR0\Partition1 - ok
20:47:07.0665 0x1508 [ 6E8F6629BBBB8E5B2C3994BE0A379506 ] \Device\Harddisk0\DR0\Partition2
20:47:07.0665 0x1508 \Device\Harddisk0\DR0\Partition2 - ok
20:47:07.0665 0x1508 ================ Scan generic autorun ======================
20:47:07.0727 0x1508 [ 7D1B808410A734E427A229B31EAE8891, 36BB31B9119062A53D2AB6CCBFF820D8195776836D84AF7008CE1F18D2519009 ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
20:47:07.0758 0x1508 cAudioFilterAgent - ok
20:47:07.0836 0x1508 [ B055BE4B6D723FBB68D1FC4611C7D332, 2B32189994CF8AB54C9F8575CED866138C1CC26F2FECE78F3E6B5C63EBF2AB14 ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
20:47:07.0852 0x1508 AtherosBtStack - detected UnsignedFile.Multi.Generic ( 1 )
20:47:17.0945 0x1508 AtherosBtStack ( UnsignedFile.Multi.Generic ) - warning
20:47:21.0190 0x1508 [ 6144904300988F59D6775C0A7D200C16, 223247E5718580482D5E5EBDD74938B32C13D12584BEF9C2E9A4173C52CEC2C1 ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
20:47:21.0237 0x1508 AthBtTray - detected UnsignedFile.Multi.Generic ( 1 )
20:47:23.0982 0x1508 Detect skipped due to KSN trusted
20:47:23.0982 0x1508 AthBtTray - ok
20:47:23.0982 0x1508 Apoint - ok
20:47:24.0029 0x1508 [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
20:47:24.0092 0x1508 Logitech Download Assistant - ok
20:47:24.0310 0x1508 [ F9C48B76DA59CF5FF2ED937B62F5ED39, BABC2638F6C92947C79C918DFD3E605B196672B23745226DFA64F68867B7C257 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
20:47:24.0341 0x1508 AdobeAAMUpdater-1.0 - ok
20:47:24.0419 0x1508 [ C0B97E53A0E39A48EEA2DCD500EEA07A, 111FBD91850E52E61E6A4D8065BF56C9C6B89C55BA6312F726125F1CE4B09EE1 ] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
20:47:24.0450 0x1508 IAStorIcon - ok
20:47:24.0575 0x1508 [ 440699F90786EF6A7722B4417BB0F5C7, 75C8743E944E847541848AE972B90480AD33CA7607ECA9D4FF4C90D442AEC8FB ] C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
20:47:24.0669 0x1508 ISBMgr.exe - ok
20:47:24.0794 0x1508 [ 48B9248CED8A5DE4EB0917CB676CB8D5, E39AF20AE2D8B768C9E6CD060BEB7E24F71B1398472274BA7178AB9ADF8A3248 ] C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
20:47:24.0903 0x1508 PMBVolumeWatcher - ok
20:47:25.0090 0x1508 [ 66177D4C99FD8B578C7C56DE445E4D5D, 003D0254D7C693A72DE84CB76858F8D67D9FD62206F1B56DF7F5D0FA834C3BA7 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
20:47:25.0121 0x1508 avgnt - ok
20:47:25.0168 0x1508 [ C26B09276755E0698B31CF0BAE0BF182, A95B567626C0573DF0F136818AA7E487BC4995552E9B7A041437539E49B99473 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
20:47:25.0184 0x1508 APSDaemon - ok
20:47:25.0308 0x1508 [ 1AA5F0A2E3E65A9F6B35C19A7C9D7762, AB08124D101C4FE8B6D4A6056783D2EAD5C049BE39A3DE772E008CD43E36F443 ] C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe
20:47:25.0340 0x1508 Nikon Message Center 2 - detected UnsignedFile.Multi.Generic ( 1 )
20:47:28.0070 0x1508 Detect skipped due to KSN trusted
20:47:28.0070 0x1508 Nikon Message Center 2 - ok
20:47:28.0210 0x1508 [ C6352C29C56077749CEEDD08680D347D, DF520DA9E9F8D34004E497969FC4AB0D9F057EEE5D8A0BBB91C5EBC983011ABD ] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
20:47:28.0241 0x1508 BambooCore - ok
20:47:28.0304 0x1508 [ 34084D25BE6F48D072AA54DE630438FD, 522C96429FC679C2D07E9254E8D1793FEC018D65CD43D88FE9851CC8CEB61A07 ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
20:47:28.0319 0x1508 SunJavaUpdateSched - ok
20:47:28.0413 0x1508 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:47:28.0662 0x1508 Sidebar - ok
20:47:28.0694 0x1508 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:47:28.0725 0x1508 mctadmin - ok
20:47:28.0772 0x1508 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:47:28.0803 0x1508 Sidebar - ok
20:47:28.0818 0x1508 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:47:28.0834 0x1508 mctadmin - ok
20:47:28.0896 0x1508 [ FED1E7E085EE23781A61B6153FEAB2E8, 7DA193CADA7B9840D27F9A5D7C180A9AA3C141CC097DD2CE3CB4B70DFFD48ADA ] C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
20:47:28.0912 0x1508 Elbserver - ok
20:47:28.0943 0x1508 [ A76A095006D172C1F3545F4F93B24652, 3925EF68807A5C950BB09DC1862E44D73411892AEE689192D5C81DC6B022DB26 ] C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
20:47:28.0959 0x1508 VRLPHelper - ok
20:47:29.0052 0x1508 [ 1E377D64DACD4E4656C86241CE5A1233, F0AE582DBCF2525F580DA6D441B4F24BAE551CD35C0F2B19B2B0127787F2AE3A ] C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
20:47:29.0130 0x1508 AutoStartNPSAgent - ok
20:47:29.0130 0x1508 Waiting for KSN requests completion. In queue: 16
20:47:30.0144 0x1508 Waiting for KSN requests completion. In queue: 16
20:47:31.0158 0x1508 Waiting for KSN requests completion. In queue: 16
20:47:32.0313 0x1508 AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 15.0.10.414 ), 0x40000 ( disabled : updated )
20:47:32.0360 0x1508 Win FW state via NFP2: enabled
20:47:35.0090 0x1508 ============================================================
20:47:35.0090 0x1508 Scan finished
20:47:35.0090 0x1508 ============================================================
20:47:35.0105 0x1dd4 Detected object count: 1
20:47:35.0105 0x1dd4 Actual detected object count: 1
20:47:45.0526 0x1dd4 AtherosBtStack ( UnsignedFile.Multi.Generic ) - skipped by user
20:47:45.0526 0x1dd4 AtherosBtStack ( UnsignedFile.Multi.Generic ) - User select action: Skip
20:50:30.0986 0x1808 Deinitialize success
|
|
09.06.2015, 10:22
| #9 |
| /// the machine /// TB-Ausbilder | Telekom Abuse-Meldung Bedep hi, Scan mit Combofix
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
11.06.2015, 19:07
| #10 |
| | Telekom Abuse-Meldung Bedep Hallo Schrauber, AVIRA habe ich zwar ausgeschaltet, hat aber dann doch eine Meldung gebracht, dass es einen Zugrifff auf die Registry blockiert hat. Ist das ein Problem? Hier ist das Logfile von Combofix [CODE] Combofix Logfile: Code:
ATTFilter ComboFix 15-06-09.01 - edv 11.06.2015 19:49:24.1.4 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.49.1031.18.8174.6114 [GMT 2:00]
ausgeführt von:: c:\users\Doro\Desktop\ComboFix.exe
AV: Avira Antivirus *Disabled/Updated* {4D041356-F94D-285F-8768-AAE50FA36859}
SP: Avira Antivirus *Disabled/Updated* {F665F2B2-DF77-27D1-BDD8-9197742422E4}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((( Weitere Löschungen ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\edv\AppData\Roaming\Origin
c:\users\edv\AppData\Roaming\Origin\local.xml
c:\users\edv\AppData\Roaming\Origin\local_2fd73f83fdb46b6033ae9c73092d850b.xml
c:\windows\msdownld.tmp
.
.
((((((((((((((((((((((( Dateien erstellt von 2015-05-11 bis 2015-06-11 ))))))))))))))))))))))))))))))
.
.
2015-06-11 17:58 . 2015-06-11 17:58 -------- d-----w- c:\users\Default\AppData\Local\temp
2015-06-11 17:58 . 2015-06-11 17:58 -------- d-----w- c:\users\edv\AppData\Local\temp
2015-06-10 13:23 . 2015-05-25 18:19 1461760 ----a-w- c:\windows\system32\lsasrv.dll
2015-06-09 19:15 . 2015-06-09 19:15 -------- d-----w- c:\users\Doro\AppData\Roaming\java
2015-06-09 15:14 . 2015-05-18 02:57 12214312 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{E12C7810-F763-4678-8E09-D33D0D7F9BC4}\mpengine.dll
2015-06-08 16:12 . 2015-06-08 16:12 -------- d-----w- c:\programdata\Malwarebytes
2015-06-08 16:11 . 2015-06-09 11:31 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2015-06-08 16:11 . 2015-06-08 17:26 136408 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2015-06-08 16:10 . 2015-06-08 18:35 107736 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2015-06-07 08:43 . 2015-06-07 09:08 -------- d-----w- C:\FRST
2015-06-07 08:10 . 2015-06-07 08:10 -------- d-----w- c:\program files (x86)\Common Files\Java
2015-06-07 08:07 . 2015-06-07 08:06 97888 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2015-06-07 08:06 . 2015-06-07 08:10 -------- d-----w- c:\programdata\Oracle
2015-06-07 07:39 . 2015-06-07 08:25 -------- d-----w- c:\programdata\HitmanPro
2015-06-06 05:27 . 2015-06-06 06:08 -------- d-----w- C:\AdwCleaner
2015-06-05 19:12 . 2015-06-06 06:07 -------- d-----w- C:\8b16ce2242485f5693f09a69
2015-06-05 18:51 . 2015-06-05 18:51 -------- d-sh--w- c:\users\edv\AppData\Local\EmieBrowserModeList
2015-05-22 17:16 . 2015-05-22 17:16 18652352 ----a-w- c:\program files (x86)\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
2015-05-13 22:57 . 2015-05-01 13:17 124112 ----a-w- c:\windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 22:57 . 2015-05-01 13:16 102608 ----a-w- c:\windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 19:53 . 2015-04-18 03:10 460800 ----a-w- c:\windows\system32\certcli.dll
2015-05-13 19:53 . 2015-04-18 02:56 342016 ----a-w- c:\windows\SysWow64\certcli.dll
2015-05-13 19:49 . 2015-04-13 03:28 328704 ----a-w- c:\windows\system32\services.exe
.
.
.
(((((((((((((((((((((((((((((((((((( Find3M Bericht ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2015-06-10 14:39 . 2012-12-08 11:26 140135120 ----a-w- c:\windows\system32\MRT.exe
2015-06-10 13:07 . 2013-03-25 12:32 153256 ----a-w- c:\windows\system32\drivers\avgntflt.sys
2015-06-10 13:07 . 2013-03-25 12:32 132656 ----a-w- c:\windows\system32\drivers\avipbb.sys
2015-06-06 05:23 . 2013-03-13 13:12 778416 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2015-06-06 05:23 . 2013-03-13 13:12 142512 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2015-05-25 18:01 . 2015-06-10 13:23 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2015-05-24 18:50 . 2012-12-27 20:59 952 --sha-w- c:\programdata\KGyGaAvL.sys
2015-04-14 01:38 . 2015-04-14 01:38 1217192 ----a-w- c:\windows\SysWow64\FM20.DLL
2015-03-25 03:24 . 2015-04-15 16:36 98304 ----a-w- c:\windows\system32\wudriver.dll
2015-03-25 03:24 . 2015-04-15 16:36 37376 ----a-w- c:\windows\system32\wups2.dll
2015-03-25 03:24 . 2015-04-15 16:36 35328 ----a-w- c:\windows\system32\wups.dll
2015-03-25 03:24 . 2015-04-15 16:36 3298816 ----a-w- c:\windows\system32\wucltux.dll
2015-03-25 03:24 . 2015-04-15 16:36 2553856 ----a-w- c:\windows\system32\wuaueng.dll
2015-03-25 03:24 . 2015-04-15 16:36 191488 ----a-w- c:\windows\system32\wuwebv.dll
2015-03-25 03:24 . 2015-04-15 16:36 696320 ----a-w- c:\windows\system32\wuapi.dll
2015-03-25 03:24 . 2015-04-15 16:36 60416 ----a-w- c:\windows\system32\WinSetupUI.dll
2015-03-25 03:23 . 2015-04-15 16:36 12288 ----a-w- c:\windows\system32\wu.upgrade.ps.dll
2015-03-25 03:23 . 2015-04-15 16:36 36864 ----a-w- c:\windows\system32\wuapp.exe
2015-03-25 03:23 . 2015-04-15 16:36 135168 ----a-w- c:\windows\system32\wuauclt.exe
2015-03-25 03:00 . 2015-04-15 16:36 92672 ----a-w- c:\windows\SysWow64\wudriver.dll
2015-03-25 03:00 . 2015-04-15 16:36 566784 ----a-w- c:\windows\SysWow64\wuapi.dll
2015-03-25 03:00 . 2015-04-15 16:36 29696 ----a-w- c:\windows\SysWow64\wups.dll
2015-03-25 03:00 . 2015-04-15 16:36 173056 ----a-w- c:\windows\SysWow64\wuwebv.dll
2015-03-25 03:00 . 2015-04-15 16:36 33792 ----a-w- c:\windows\SysWow64\wuapp.exe
.
.
(((((((((((((((((((((((((((( Autostartpunkte der Registrierung ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt.
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Elbserver"="c:\program files (x86)\Sony\Media Gallery\ElbServer.exe" [2011-04-02 83344]
"VRLPHelper"="c:\program files (x86)\Sony\Media Gallery\VRLPHelper.exe" [2011-04-02 186768]
"AutoStartNPSAgent"="c:\program files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe" [2010-07-04 95576]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"IAStorIcon"="c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" [2010-09-13 283160]
"ISBMgr.exe"="c:\program files (x86)\Sony\ISB Utility\ISBMgr.exe" [2011-02-15 2757312]
"PMBVolumeWatcher"="c:\program files (x86)\Sony\PMB\PMBVolumeWatcher.exe" [2010-11-26 648032]
"avgnt"="c:\program files (x86)\Avira\AntiVir Desktop\avgnt.exe" [2015-06-10 730416]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2012-11-28 59280]
"Nikon Message Center 2"="c:\program files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe" [2011-10-30 571392]
"BambooCore"="c:\program files (x86)\Bamboo Dock\BambooCore.exe" [2012-10-16 646744]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2015-04-30 334896]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
Sony MSS.lnk - c:\program files (x86)\Sony\MSS\3.0.271\SSScheduler.exe [2012-3-13 274328]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon]
"Userinit"="userinit.exe"
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]
"mixer1"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
@=""
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 Megatech-Software-Protection;Megatech Software Protection;c:\program files (x86)\Megatech\MProtect\MPServ.EXE;c:\program files (x86)\Megatech\MProtect\MPServ.EXE [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\System32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
R3 btath_avdt;Atheros Bluetooth AVDT Service;c:\windows\system32\drivers\btath_avdt.sys;c:\windows\SYSNATIVE\drivers\btath_avdt.sys [x]
R3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\drivers\btath_hcrp.sys;c:\windows\SYSNATIVE\drivers\btath_hcrp.sys [x]
R3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
R3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\drivers\btath_rcp.sys;c:\windows\SYSNATIVE\drivers\btath_rcp.sys [x]
R3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
R3 DCDhcpService;DCDhcpService;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe;c:\program files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [x]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver;c:\windows\system32\DRIVERS\e1y60x64.sys;c:\windows\SYSNATIVE\DRIVERS\e1y60x64.sys [x]
R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 McComponentHostServiceSony;McAfee Security Scan Component Host Service for Sony;c:\program files (x86)\Sony\MSS\3.0.271\McCHSvc.exe;c:\program files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 TFsExDisk;TFsExDisk;c:\windows\System32\Drivers\TFsExDisk.sys;c:\windows\SYSNATIVE\Drivers\TFsExDisk.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 VcmINSMgr;VAIO Content Metadata Intelligent Network Service Manager;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe;c:\program files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe [x]
R3 VcmXmlIfHelper;VAIO Content Metadata XML Interface;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe;c:\program files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe [x]
R3 VCService;VCService;c:\program files\Sony\VAIO Care\VCService.exe;c:\program files\Sony\VAIO Care\VCService.exe [x]
R3 VUAgent;VUAgent;c:\program files\Sony\VAIO Update\VUAgent.exe;c:\program files\Sony\VAIO Update\VUAgent.exe [x]
R3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x]
R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 avkmgr;avkmgr;c:\windows\system32\DRIVERS\avkmgr.sys;c:\windows\SYSNATIVE\DRIVERS\avkmgr.sys [x]
S2 AdobeActiveFileMonitor11.0;Adobe Active File Monitor V11;c:\program files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe;c:\program files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [x]
S2 AntiVirMailService;Avira Email-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avmailc7.exe [x]
S2 AntiVirSchedulerService;Avira Planer;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe;c:\program files (x86)\Avira\AntiVir Desktop\sched.exe [x]
S2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Bluetooth Suite\adminservice.exe [x]
S2 avnetflt;avnetflt;c:\windows\system32\DRIVERS\avnetflt.sys;c:\windows\SYSNATIVE\DRIVERS\avnetflt.sys [x]
S2 DiagTrack;Diagnostics Tracking Service;c:\windows\System32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
S2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe;c:\program files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe [x]
S2 regi;regi;c:\windows\system32\drivers\regi.sys;c:\windows\SYSNATIVE\drivers\regi.sys [x]
S2 SampleCollector;VAIO Care Performance Service;c:\program files\Sony\VAIO Care\VCPerfService.exe;c:\program files\Sony\VAIO Care\VCPerfService.exe [x]
S2 SOHCImp;VAIO Content Importer;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 uCamMonitor;CamMonitor;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe;c:\program files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [x]
S2 UNS;Intel(R) Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [x]
S2 VCFw;VAIO Content Folder Watcher;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe;c:\program files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [x]
S2 VcmIAlzMgr;VAIO Content Metadata Intelligent Analyzing Manager;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe;c:\program files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe [x]
S2 VSNService;VSNService;c:\program files\Sony\VAIO Smart Network\VSNService.exe;c:\program files\Sony\VAIO Smart Network\VSNService.exe [x]
S2 WTabletServiceCon;Wacom Consumer Service;c:\program files\Tablet\Pen\WTabletServiceCon.exe;c:\program files\Tablet\Pen\WTabletServiceCon.exe [x]
S3 ArcSoftKsUFilter;ArcSoft Magic-I Visual Effect;c:\windows\system32\DRIVERS\ArcSoftKsUFilter.sys;c:\windows\SYSNATIVE\DRIVERS\ArcSoftKsUFilter.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\drivers\btath_bus.sys;c:\windows\SYSNATIVE\drivers\btath_bus.sys [x]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 SFEP;Sony Firmware Extension Parser;c:\windows\system32\drivers\SFEP.sys;c:\windows\SYSNATIVE\drivers\SFEP.sys [x]
S3 SOHDs;VAIO Device Searcher;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe;c:\program files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe [x]
S3 SpfService;VAIO Entertainment Common Service;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe;c:\program files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2015-06-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-13 05:23]
.
2014-07-11 c:\windows\Tasks\AdobeAAMUpdater-1.0-edv-VAIO-Doro.job
- c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe [2011-06-16 14:43]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"cAudioFilterAgent"="c:\program files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe" [2011-03-29 518784]
"AtherosBtStack"="c:\program files (x86)\Bluetooth Suite\BtvStack.exe" [2011-04-29 790688]
"AthBtTray"="c:\program files (x86)\Bluetooth Suite\AthBtTray.exe" [2011-04-29 657568]
"Logitech Download Assistant"="c:\windows\System32\LogiLDA.dll" [2012-09-20 1832760]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-06-16 499608]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.de/
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: An OneNote s&enden - c:\progra~2\MICROS~4\Office14\ONBttnIE.dll/105
IE: Nach Microsoft E&xcel exportieren - c:\progra~2\MICROS~4\Office14\EXCEL.EXE/3000
TCP: DhcpNameServer = 192.168.2.1
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKLM-Run-NPSStartup - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-Apoint - c:\program files (x86)\Apoint\Apoint.exe
AddRemove-_{53A908D4-99C6-469B-BC13-F4189F260742} - c:\program files (x86)\Corel\Corel Painter Essentials 4\MSILauncher {53A908D4-99C6-469B-BC13-F4189F260742}
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\SampleCollector]
"ImagePath"="\"c:\program files\Sony\VAIO Care\VCPerfService.exe\" \"/service\" \"/sstates\" \"/sampleinterval=10000\" \"/procinterval=5\" \"/dllinterval=120\" \"/counter=\Processor(_Total)\% Processor Time:1\" \"/counter=\PhysicalDisk(_Total)\Disk Bytes/sec:1\" \"/counter=\Network Interface(*)\Bytes Total/sec:1\" \"/expandcounter=\Processor Information(*)\Processor Frequency:1\" \"&\" \"/expandcounter=\Processor(*)\% Idle Time:1\" \"/expandcounter=\Processor(*)\% C1 Time:1\" \"/expandcounter=\Processor(*)\% C2 Time:1\" \"/expandcounter=\Processor(*)\%C3 & Time:1\" \"/expandcounter=\Processor(*)\% Processor Time:1\" \"/directory=c:\programdata\Sony Corporation\VAIO Care\inteldata\""
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-2530222425-496541977-1974725369-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:75,d1,12,7e,34,97,8f,eb,86,d4,f0,b9,95,01,10,7d,41,81,93,50,15,c5,a2,
87,3b,ab,d5,36,dc,43,32,53,15,4d,e2,cf,a6,1e,9f,3b,dd,88,44,2d,90,3e,68,e0,\
"??"=hex:9f,8a,c9,fa,ca,a5,e6,98,4f,38,ff,15,c4,57,6b,b8
.
[HKEY_USERS\S-1-5-21-2530222425-496541977-1974725369-1001\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
@Allowed: (Read) (RestrictedCode)
"??"=hex:2d,1a,de,42,7c,a2,fd,7c,71,f0,2e,cc,69,2d,6f,f4,59,42,d3,5f,b0,a9,ec,
25,40,83,6f,62,f8,84,16,c6,cf,3f,b2,f9,f6,57,3f,dc,ee,ad,e9,66,0e,0c,bc,59,\
"??"=hex:77,fc,75,1d,5b,b6,55,94,f1,3f,18,6e,39,25,65,c8
.
[HKEY_USERS\S-1-5-21-2530222425-496541977-1974725369-1001\Software\SecuROM\License information*]
@Allowed: (Read) (RestrictedCode)
"datasecu"=hex:5a,a9,4c,76,57,86,64,0a,5e,f4,72,c4,7b,c0,66,45,e1,df,68,74,94,
1a,77,83,95,3b,f3,a3,9e,f3,fe,d2,1d,c1,47,9d,ae,53,f9,65,e8,de,84,a2,e8,4a,\
"rkeysecu"=hex:cb,bd,f2,61,5a,4e,c6,95,f2,29,8b,82,ba,6b,3d,44
.
[HKEY_USERS\S-1-5-21-2530222425-496541977-1974725369-1001_Classes\CLSID]
@DACL=(02 0000)
.
[HKEY_USERS\S-1-5-21-2530222425-496541977-1974725369-1001_Classes\CLSID\{BF16CF00-728C-4FC9-98E5-D0B35B384597}]
@DACL=(02 0000)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_188_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_17_0_0_188_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_17_0_0_188_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.17"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_17_0_0_188.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2015-06-11 20:00:53
ComboFix-quarantined-files.txt 2015-06-11 18:00
.
Vor Suchlauf: 21 Verzeichnis(se), 505.476.685.824 Bytes frei
Nach Suchlauf: 27 Verzeichnis(se), 516.528.361.472 Bytes frei
.
- - End Of File - - 3BB0FED4BF6EBF43BB09A7F4FF3EC919
|
|
12.06.2015, 17:00
| #11 |
| /// the machine /// TB-Ausbilder | Telekom Abuse-Meldung Bedep Downloade Dir bitte  Malwarebytes Anti-Malware
Downloade Dir bitte  AdwCleaner auf deinen Desktop.
Beende bitte Deine Schutzsoftware um eventuelle Konflikte zu vermeiden.
und ein frisches FRST log bitte.
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
12.06.2015, 20:16
| #12 |
| | Telekom Abuse-Meldung Bedep Hallo Schrauber, hier kommt die mbam.txt Code:
ATTFilter Malwarebytes Anti-Malware www.malwarebytes.org Suchlauf Datum: 12.06.2015 Suchlauf-Zeit: 19:41:59 Logdatei: mbam.txt Administrator: Ja Version: 2.01.6.1022 Malware Datenbank: v2015.06.12.05 Rootkit Datenbank: v2015.06.02.01 Lizenz: Testversion Malware Schutz: Aktiviert Bösartiger Webseiten Schutz: Aktiviert Selbstschutz: Deaktiviert Betriebssystem: Windows 7 Service Pack 1 CPU: x64 Dateisystem: NTFS Benutzer: edv Suchlauf-Art: Bedrohungs-Suchlauf Ergebnis: Abgeschlossen Durchsuchte Objekte: 437880 Verstrichene Zeit: 45 Min, 30 Sek Speicher: Aktiviert Autostart: Aktiviert Dateisystem: Aktiviert Archive: Aktiviert Rootkits: Deaktiviert Heuristik: Aktiviert PUP: Aktiviert PUM: Aktiviert Prozesse: 0 (Keine schädliche Elemente gefunden) Module: 0 (Keine schädliche Elemente gefunden) Registrierungsschlüssel: 0 (Keine schädliche Elemente gefunden) Registrierungswerte: 0 (Keine schädliche Elemente gefunden) Registrierungsdaten: 0 (Keine schädliche Elemente gefunden) Ordner: 0 (Keine schädliche Elemente gefunden) Dateien: 0 (Keine schädliche Elemente gefunden) Physische Sektoren: 0 (Keine schädliche Elemente gefunden) (end) AdwCleaner Logfile: Code:
ATTFilter # AdwCleaner v4.206 - Bericht erstellt 12/06/2015 um 20:36:52
# Aktualisiert 01/06/2015 von Xplode
# Datenbank : 2015-06-09.1 [Server]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (x64)
# Benutzername : edv - EDV-VAIO
# Gestarted von : C:\Users\edv\Desktop\AdwCleaner_4.206.exe
# Option : Suchlauf
***** [ Dienste ] *****
***** [ Dateien / Ordner ] *****
***** [ Geplante Tasks ] *****
***** [ Verknüpfungen ] *****
***** [ Registrierungsdatenbank ] *****
***** [ Internetbrowser ] *****
-\\ Internet Explorer v11.0.9600.17840
*************************
AdwCleaner[R0].txt - [2584 Bytes] - [06/06/2015 07:27:11]
AdwCleaner[R1].txt - [864 Bytes] - [12/06/2015 20:35:15]
AdwCleaner[R2].txt - [727 Bytes] - [12/06/2015 20:36:52]
AdwCleaner[S0].txt - [2588 Bytes] - [06/06/2015 08:07:18]
########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [844 Bytes] ##########
[/CODE] und auch JRT hat keine Bedrohung mehr entdeckt. Code:
ATTFilter ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.9.1 (06.08.2015:1)
OS: Windows 7 Home Premium x64
Ran by edv on 12.06.2015 at 20:41:10,41
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\Program Files (x86)\myfree codec
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.06.2015 at 20:43:26,30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Viele Grüße Armin und jetzt noch die FRST.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-06-2015
Ran by edv (administrator) on EDV-VAIO on 12-06-2015 21:08:37
Running from C:\Users\edv\Desktop
Loaded Profiles: edv (Available Profiles: edv & Doro)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Megatech\MProtect\MPServ.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-10-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [83344 2011-04-02] (Sony Corporation)
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\...\Run: [VRLPHelper] => C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe [186768 2011-04-02] (Sony Corporation)
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Sony MSS.lnk [2013-10-03]
ShortcutTarget: Sony MSS.lnk -> C:\Program Files (x86)\Sony\MSS\3.0.271\SSScheduler.exe (McAfee, Inc.)
GroupPolicyUsers\S-1-5-21-2530222425-496541977-1974725369-1001\User: Group Policy Restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2530222425-496541977-1974725369-1000 -> DefaultScope {EAC08BFF-D954-4947-8611-54AF6BA6F353} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2530222425-496541977-1974725369-1000 -> {084EDD55-2778-4146-BBD8-5A71FAED0F71} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-2530222425-496541977-1974725369-1000 -> {A6D487EE-965A-49EF-A45B-33BE5ED01C2E} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKU\S-1-5-21-2530222425-496541977-1974725369-1000 -> {EAC08BFF-D954-4947-8611-54AF6BA6F353} URL = https://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-04-29] (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll [2013-06-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll [2013-06-16] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-10-31] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-05-12] (NVIDIA Corporation)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2530222425-496541977-1974725369-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-06-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-10] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [File not signed]
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [File not signed]
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [237328 2012-03-30] (McAfee, Inc.)
R2 Megatech-Software-Protection; C:\Program Files (x86)\Megatech\MProtect\MPServ.EXE [36864 2007-12-12] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [69632 2006-11-08] (Hewlett-Packard) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [88064 2006-11-08] (Hewlett-Packard) [File not signed]
U2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] () [File not signed]
S2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-06-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-12] (Avira Operations GmbH & Co. KG)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-12 21:08 - 2015-06-12 21:10 - 00018394 _____ C:\Users\edv\Desktop\FRST.txt
2015-06-12 21:07 - 2015-06-12 21:07 - 00000000 ___RD C:\Users\edv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-06-12 21:05 - 2015-06-12 21:05 - 00005914 _____ C:\Windows\DPINST.LOG
2015-06-12 21:04 - 2015-06-12 21:04 - 20621696 _____ (Sony Corporation) C:\Users\edv\Downloads\EP0000260372.exe
2015-06-12 20:41 - 2015-06-12 20:41 - 00000207 _____ C:\Windows\tweaking.com-regbackup-EDV-VAIO-Windows-7-Home-Premium-(64-bit).dat
2015-06-12 20:41 - 2015-06-12 20:41 - 00000000 ____D C:\RegBackup
2015-06-12 15:02 - 2015-06-12 15:02 - 00000000 ___RD C:\Users\Doro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-06-11 20:56 - 2015-06-11 21:06 - 00000000 ____D C:\ComboFix
2015-06-11 19:47 - 2015-06-11 21:06 - 00000000 ____D C:\Qoobox
2015-06-11 19:47 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-06-11 19:47 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-06-11 19:47 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-11 19:47 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-11 19:47 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-11 19:47 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-06-11 19:47 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-06-11 19:47 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-06-11 19:46 - 2015-06-11 19:59 - 00000000 ____D C:\Windows\erdnt
2015-06-10 15:24 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 15:24 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 15:24 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 15:24 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 15:24 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 15:24 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 15:24 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 15:24 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 15:24 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 15:24 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 15:24 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 15:24 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 15:24 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 15:24 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 15:24 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 15:24 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 15:24 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 15:24 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 15:24 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 15:24 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 15:24 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 15:24 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 15:23 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 15:23 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 15:23 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 15:23 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 15:23 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 15:23 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 15:23 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 15:23 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 15:23 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 15:23 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 15:23 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 15:23 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 15:23 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 15:23 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 15:23 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 15:23 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 15:23 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 15:23 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 15:23 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 15:23 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 15:23 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 15:23 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 15:23 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 15:23 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 15:23 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 15:23 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 15:23 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 15:23 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 15:23 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 15:23 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 15:23 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 15:23 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 15:22 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 15:22 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 15:22 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 15:22 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 15:22 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 15:22 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 15:22 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 15:22 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 15:22 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 15:22 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 15:22 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 15:22 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 15:22 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 15:22 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 15:22 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 15:22 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 15:22 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 15:22 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 15:22 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 15:22 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 15:22 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 15:22 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 15:22 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 15:22 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 15:22 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 15:22 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 15:22 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 15:22 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 15:22 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 15:22 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 15:22 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 15:22 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 15:22 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 15:22 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 15:22 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 15:22 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 15:22 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 15:22 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 15:22 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 15:22 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 15:22 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 15:22 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 15:22 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 15:22 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 15:22 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 15:22 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 15:22 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 15:22 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 15:22 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 15:22 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 15:22 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 15:22 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 15:22 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 15:22 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 15:22 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 15:22 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 15:22 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 15:22 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 15:22 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 15:22 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 15:09 - 2015-06-10 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-09 21:15 - 2015-06-09 21:15 - 00000000 ____D C:\Users\Doro\AppData\Roaming\java
2015-06-08 18:12 - 2015-06-12 19:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-08 18:11 - 2015-06-09 13:31 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-07 13:58 - 2015-06-07 13:58 - 00000000 ____D C:\Users\Doro\AppData\Local\{4B877244-C3BE-4EEE-BA31-CB9D1FC44E3F}
2015-06-07 12:07 - 2015-06-07 12:07 - 00047168 _____ C:\Users\edv\Downloads\GMER 07062015 1207.log
2015-06-07 11:45 - 2015-06-07 11:45 - 00380416 _____ C:\Users\edv\Downloads\Gmer-19357.exe
2015-06-07 11:07 - 2015-06-07 11:08 - 00056039 _____ C:\Users\edv\Downloads\FRST.txt
2015-06-07 11:07 - 2015-06-07 11:08 - 00053329 _____ C:\Users\edv\Downloads\Addition.txt
2015-06-07 11:06 - 2015-06-07 11:06 - 02108928 _____ (Farbar) C:\Users\edv\Desktop\FRST64.exe
2015-06-07 10:44 - 2015-06-07 10:44 - 00047855 _____ C:\Users\Doro\Downloads\Addition.txt
2015-06-07 10:43 - 2015-06-12 21:08 - 00000000 ____D C:\FRST
2015-06-07 10:43 - 2015-06-07 10:49 - 00057233 _____ C:\Users\Doro\Downloads\FRST.txt
2015-06-07 10:43 - 2015-06-07 10:43 - 02108928 _____ (Farbar) C:\Users\Doro\Downloads\FRST64.exe
2015-06-07 10:25 - 2015-06-07 10:25 - 00002182 _____ C:\Windows\system32\.crusader
2015-06-07 10:07 - 2015-06-07 10:06 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-06-07 10:06 - 2015-06-07 10:10 - 00000000 ____D C:\ProgramData\Oracle
2015-06-07 10:06 - 2015-06-07 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-07 10:03 - 2015-06-07 10:05 - 37328992 _____ (Oracle Corporation) C:\Users\Doro\Downloads\jre-8u45-windows-i586.exe
2015-06-07 09:56 - 2015-06-07 09:56 - 00007448 _____ C:\Users\edv\Downloads\HitmanPro_20150607_0956.log
2015-06-07 09:39 - 2015-06-07 10:25 - 00000000 ____D C:\ProgramData\HitmanPro
2015-06-07 09:38 - 2015-06-07 09:39 - 11024496 _____ (SurfRight B.V.) C:\Users\Doro\Downloads\hitmanpro_x64.exe
2015-06-06 14:17 - 2015-06-06 14:17 - 00000000 ____D C:\Users\Doro\AppData\Local\{36E1CA0F-C2DF-4928-8771-42F945B0094D}
2015-06-06 07:27 - 2015-06-12 20:37 - 00000000 ____D C:\AdwCleaner
2015-06-06 07:26 - 2015-06-06 07:27 - 02231296 _____ C:\Users\edv\Downloads\adwcleaner_4.206.exe
2015-06-05 21:12 - 2015-06-06 08:07 - 00000000 ____D C:\8b16ce2242485f5693f09a69
2015-06-05 21:11 - 2015-06-05 21:12 - 51789024 _____ (Microsoft Corporation) C:\Users\Doro\Downloads\Windows-KB890830-x64-V5.24.exe
2015-06-05 20:51 - 2015-06-12 19:39 - 00000000 __SHD C:\Users\edv\AppData\Local\EmieBrowserModeList
2015-06-05 18:26 - 2015-06-05 18:26 - 02209056 _____ C:\Users\Doro\Downloads\avira-eu-cleaner_de.exe
2015-06-04 21:37 - 2015-06-04 21:38 - 00000000 ____D C:\Users\Doro\AppData\Local\{4022981E-5180-4166-8206-1F74C75AB632}
2015-06-01 14:51 - 2015-06-01 14:51 - 00001395 _____ C:\Users\edv\Desktop\Ultima 8.lnk
2015-06-01 14:51 - 2015-06-01 14:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultima 8
2015-06-01 11:41 - 2015-06-01 11:43 - 00000000 ____D C:\Users\Doro\Documents\Berufe
2015-05-14 00:57 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 00:57 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 21:53 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 21:53 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 21:49 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 21:48 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 21:48 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 21:48 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 21:48 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 21:48 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 21:48 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 21:48 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 21:48 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 21:48 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 21:48 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 21:48 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 21:48 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 21:48 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 21:48 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 21:48 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 21:48 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 21:48 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-12 21:07 - 2012-02-05 13:03 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-12 21:06 - 2014-03-23 09:49 - 00047171 _____ C:\Windows\setupact.log
2015-06-12 21:06 - 2014-03-22 14:22 - 01808633 _____ C:\Windows\WindowsUpdate.log
2015-06-12 21:06 - 2009-07-14 06:45 - 00020720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-12 21:06 - 2009-07-14 06:45 - 00020720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-12 20:57 - 2012-02-05 21:44 - 00699666 _____ C:\Windows\system32\perfh007.dat
2015-06-12 20:57 - 2012-02-05 21:44 - 00149774 _____ C:\Windows\system32\perfc007.dat
2015-06-12 20:57 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-12 20:54 - 2012-09-12 17:12 - 00000000 ____D C:\Users\edv\Documents\Bluetooth Folder
2015-06-12 20:45 - 2014-03-23 09:48 - 00223854 _____ C:\Windows\PFRO.log
2015-06-12 19:39 - 2014-04-24 08:28 - 00000000 __SHD C:\Users\edv\AppData\Local\EmieUserList
2015-06-12 19:39 - 2014-04-24 08:28 - 00000000 __SHD C:\Users\edv\AppData\Local\EmieSiteList
2015-06-12 15:04 - 2013-09-02 19:58 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-11 21:05 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-06-11 21:03 - 2013-06-16 13:46 - 00000000 ____D C:\Users\Doro\wiederherstellung
2015-06-11 20:00 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-11 20:00 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-06-11 15:38 - 2013-11-18 16:01 - 00000000 ____D C:\Users\Doro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-06-10 19:35 - 2014-11-13 20:40 - 00000000 __SHD C:\Users\Doro\AppData\Local\EmieBrowserModeList
2015-06-10 19:35 - 2014-04-19 14:18 - 00000000 __SHD C:\Users\Doro\AppData\Local\EmieUserList
2015-06-10 19:35 - 2014-04-19 14:18 - 00000000 __SHD C:\Users\Doro\AppData\Local\EmieSiteList
2015-06-10 18:36 - 2009-07-14 06:45 - 00535256 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 18:33 - 2015-04-16 14:44 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-10 18:33 - 2014-04-30 23:38 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-10 18:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 16:47 - 2012-12-08 14:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-10 16:39 - 2013-08-04 13:42 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 16:39 - 2012-12-08 13:26 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-10 16:38 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2015-06-10 16:12 - 2012-12-26 01:00 - 00000000 ____D C:\Users\Doro\AppData\Roaming\Skype
2015-06-10 15:07 - 2013-03-25 14:32 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-06-10 15:07 - 2013-03-25 14:32 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-06-09 21:15 - 2012-12-31 20:16 - 00000000 ____D C:\Users\Doro\AppData\Roaming\.minecraft
2015-06-09 21:05 - 2014-07-31 20:10 - 00000000 ____D C:\Users\Doro\Documents\Wichtig
2015-06-09 21:05 - 2013-06-16 14:06 - 00000000 ____D C:\Users\Doro\Documents\Schule
2015-06-09 19:25 - 2013-02-06 20:12 - 00000000 ____D C:\Users\Doro\AppData\Local\CrashDumps
2015-06-09 17:52 - 2013-08-06 14:16 - 00000000 ____D C:\Users\Doro\Documents\Outlook-Dateien
2015-06-08 21:19 - 2014-07-31 20:10 - 00000000 ____D C:\Users\Doro\Documents\Shit
2015-06-08 21:19 - 2014-07-31 20:09 - 00000000 ____D C:\Users\Doro\Documents\Exel
2015-06-08 20:03 - 2013-06-16 14:00 - 00000000 ____D C:\Users\Doro\Documents\samsung
2015-06-08 18:10 - 2013-06-15 20:56 - 00000000 ____D C:\Users\edv\AppData\Roaming\Samsung
2015-06-08 18:10 - 2013-06-15 20:56 - 00000000 ____D C:\Users\edv\AppData\Local\Samsung
2015-06-08 18:10 - 2013-06-15 19:25 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-06-08 18:09 - 2013-06-15 19:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-06-08 18:09 - 2013-06-15 19:25 - 00000000 ____D C:\ProgramData\Samsung
2015-06-08 18:06 - 2012-09-12 17:09 - 00000000 ____D C:\Users\edv
2015-06-07 10:05 - 2012-02-05 13:06 - 00000000 ____D C:\Program Files (x86)\Java
2015-06-06 14:22 - 2014-06-09 13:18 - 00000000 ____D C:\Users\Doro\AppData\Local\Windows Live
2015-06-06 10:24 - 2014-08-04 13:20 - 00000000 ____D C:\Users\Doro\Documents\Bluetooth Folder
2015-06-06 07:23 - 2013-06-15 22:37 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-06 07:23 - 2013-03-13 15:12 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-06 07:23 - 2013-03-13 15:12 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-06 07:23 - 2013-02-23 16:54 - 00000000 ____D C:\Users\edv\AppData\Local\Adobe
2015-06-06 07:20 - 2013-06-16 11:52 - 00000000 ____D C:\Users\edv\AppData\Local\CrashDumps
2015-06-05 13:36 - 2012-12-08 12:52 - 00000000 ____D C:\Users\edv\AppData\Roaming\Avira
2015-06-04 21:06 - 2013-09-26 16:37 - 00000000 ____D C:\Users\Doro\Documents\Storys
2015-06-01 16:27 - 2014-03-22 14:37 - 00000000 ____D C:\Users\Doro\AppData\Local\Origin
2015-06-01 14:51 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-01 14:50 - 2015-04-06 15:43 - 00001266 _____ C:\Users\edv\Desktop\Die Sims 4.lnk
2015-06-01 14:50 - 2014-03-22 14:35 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-06-01 14:34 - 2014-03-22 14:26 - 00000000 ____D C:\ProgramData\Origin
2015-05-27 09:26 - 2014-07-11 16:31 - 00001261 _____ C:\Users\Doro\Desktop\Corel Painter Essentials 4.lnk
2015-05-24 20:50 - 2012-12-27 22:59 - 00000952 ___SH C:\ProgramData\KGyGaAvL.sys
2015-05-22 17:28 - 2015-04-06 22:03 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-22 17:28 - 2015-04-06 22:03 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-16 16:45 - 2015-02-20 09:05 - 00000000 ____D C:\ProgramData\TEMP
2015-05-15 13:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-05-14 07:32 - 2011-12-28 21:21 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-14 07:32 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-14 00:57 - 2013-03-13 16:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-14 00:56 - 2013-03-13 16:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-14 00:56 - 2013-03-13 16:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 07:14 - 2012-12-24 20:22 - 00000000 ____D C:\Users\Doro\AppData\Roaming\Atheros
==================== Files in the root of some directories =======
2014-05-29 15:41 - 2014-05-29 15:41 - 0000268 ___RH () C:\Users\edv\AppData\Roaming\Sounds
2014-05-29 15:42 - 2014-05-29 15:42 - 0000268 ___RH () C:\Users\edv\AppData\Roaming\Soundtrack
2014-05-29 15:41 - 2014-05-29 15:41 - 0000268 ___RH () C:\Users\edv\AppData\Roaming\Space Choir
2014-05-29 15:37 - 2014-05-29 15:37 - 0000268 ___RH () C:\Users\edv\AppData\Roaming\String Comparison
2012-12-27 22:59 - 2015-05-24 20:50 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2013-06-15 22:29 - 2013-06-15 22:38 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2014-05-29 15:37 - 2014-05-29 15:37 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2014-05-29 15:42 - 2014-05-29 15:42 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-05-29 15:41 - 2014-05-29 15:45 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-05-29 15:41 - 2014-05-29 15:41 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2014-05-29 15:41 - 2014-05-29 15:41 - 0000268 ___RH () C:\ProgramData\Specifications
2014-05-29 15:42 - 2014-05-29 15:42 - 0000268 ___RH () C:\ProgramData\Speech Enhancer
2014-05-29 15:41 - 2014-05-29 15:41 - 0000268 ___RH () C:\ProgramData\Sports
2014-05-29 15:37 - 2014-05-29 15:41 - 0000012 ___RH () C:\ProgramData\SupportPrinters
2014-05-29 15:42 - 2014-05-29 15:42 - 0000012 ___RH () C:\ProgramData\Sync Services
2014-05-29 15:41 - 2014-05-29 15:41 - 0000012 ___RH () C:\ProgramData\Synth Leads
2014-05-29 15:37 - 2014-05-29 15:37 - 0000012 ___RH () C:\ProgramData\Vocal Transformer
Some files in TEMP:
====================
C:\Users\Doro\AppData\Local\temp\avgnt.exe
C:\Users\edv\AppData\Local\temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2013-07-13 20:25
==================== End of log ============================
|
|
12.06.2015, 20:17
| #13 |
| | Telekom Abuse-Meldung Bedep und jetzt noch die neue FRST.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-06-2015
Ran by edv (administrator) on EDV-VAIO on 12-06-2015 21:08:37
Running from C:\Users\edv\Desktop
Loaded Profiles: edv (Available Profiles: edv & Doro)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Megatech\MProtect\MPServ.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
(Samsung Electronics Co., Ltd.) C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-10-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [83344 2011-04-02] (Sony Corporation)
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\...\Run: [VRLPHelper] => C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe [186768 2011-04-02] (Sony Corporation)
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\...\Run: [AutoStartNPSAgent] => C:\Program Files (x86)\Samsung\Samsung New PC Studio\NPSAgent.exe [95576 2010-07-04] (Samsung Electronics Co., Ltd.)
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Sony MSS.lnk [2013-10-03]
ShortcutTarget: Sony MSS.lnk -> C:\Program Files (x86)\Sony\MSS\3.0.271\SSScheduler.exe (McAfee, Inc.)
GroupPolicyUsers\S-1-5-21-2530222425-496541977-1974725369-1001\User: Group Policy Restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2530222425-496541977-1974725369-1000 -> DefaultScope {EAC08BFF-D954-4947-8611-54AF6BA6F353} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2530222425-496541977-1974725369-1000 -> {084EDD55-2778-4146-BBD8-5A71FAED0F71} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-2530222425-496541977-1974725369-1000 -> {A6D487EE-965A-49EF-A45B-33BE5ED01C2E} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKU\S-1-5-21-2530222425-496541977-1974725369-1000 -> {EAC08BFF-D954-4947-8611-54AF6BA6F353} URL = https://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-04-29] (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll [2011-03-01] (Microsoft Corporation.)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll [2013-06-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll [2013-06-16] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-10-31] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-05-12] (NVIDIA Corporation)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2530222425-496541977-1974725369-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-06-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-10] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [File not signed]
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [File not signed]
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [237328 2012-03-30] (McAfee, Inc.)
R2 Megatech-Software-Protection; C:\Program Files (x86)\Megatech\MProtect\MPServ.EXE [36864 2007-12-12] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [69632 2006-11-08] (Hewlett-Packard) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [88064 2006-11-08] (Hewlett-Packard) [File not signed]
U2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] () [File not signed]
S2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-06-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-12] (Avira Operations GmbH & Co. KG)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-12 21:08 - 2015-06-12 21:10 - 00018394 _____ C:\Users\edv\Desktop\FRST.txt
2015-06-12 21:07 - 2015-06-12 21:07 - 00000000 ___RD C:\Users\edv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-06-12 21:05 - 2015-06-12 21:05 - 00005914 _____ C:\Windows\DPINST.LOG
2015-06-12 21:04 - 2015-06-12 21:04 - 20621696 _____ (Sony Corporation) C:\Users\edv\Downloads\EP0000260372.exe
2015-06-12 20:41 - 2015-06-12 20:41 - 00000207 _____ C:\Windows\tweaking.com-regbackup-EDV-VAIO-Windows-7-Home-Premium-(64-bit).dat
2015-06-12 20:41 - 2015-06-12 20:41 - 00000000 ____D C:\RegBackup
2015-06-12 15:02 - 2015-06-12 15:02 - 00000000 ___RD C:\Users\Doro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-06-11 20:56 - 2015-06-11 21:06 - 00000000 ____D C:\ComboFix
2015-06-11 19:47 - 2015-06-11 21:06 - 00000000 ____D C:\Qoobox
2015-06-11 19:47 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-06-11 19:47 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-06-11 19:47 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-11 19:47 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-11 19:47 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-11 19:47 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-06-11 19:47 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-06-11 19:47 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-06-11 19:46 - 2015-06-11 19:59 - 00000000 ____D C:\Windows\erdnt
2015-06-10 15:24 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 15:24 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 15:24 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 15:24 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 15:24 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 15:24 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 15:24 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 15:24 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 15:24 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 15:24 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 15:24 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 15:24 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 15:24 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 15:24 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 15:24 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 15:24 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 15:24 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 15:24 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 15:24 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 15:24 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 15:24 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 15:24 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 15:23 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 15:23 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 15:23 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 15:23 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 15:23 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 15:23 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 15:23 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 15:23 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 15:23 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 15:23 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 15:23 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 15:23 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 15:23 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 15:23 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 15:23 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 15:23 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 15:23 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 15:23 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 15:23 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 15:23 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 15:23 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 15:23 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 15:23 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 15:23 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 15:23 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 15:23 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 15:23 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 15:23 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 15:23 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 15:23 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 15:23 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 15:23 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 15:22 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 15:22 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 15:22 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 15:22 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 15:22 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 15:22 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 15:22 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 15:22 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 15:22 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 15:22 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 15:22 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 15:22 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 15:22 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 15:22 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 15:22 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 15:22 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 15:22 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 15:22 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 15:22 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 15:22 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 15:22 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 15:22 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 15:22 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 15:22 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 15:22 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 15:22 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 15:22 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 15:22 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 15:22 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 15:22 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 15:22 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 15:22 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 15:22 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 15:22 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 15:22 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 15:22 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 15:22 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 15:22 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 15:22 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 15:22 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 15:22 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 15:22 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 15:22 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 15:22 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 15:22 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 15:22 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 15:22 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 15:22 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 15:22 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 15:22 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 15:22 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 15:22 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 15:22 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 15:22 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 15:22 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 15:22 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 15:22 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 15:22 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 15:22 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 15:22 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 15:09 - 2015-06-10 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-09 21:15 - 2015-06-09 21:15 - 00000000 ____D C:\Users\Doro\AppData\Roaming\java
2015-06-08 18:12 - 2015-06-12 19:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-08 18:11 - 2015-06-09 13:31 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-07 13:58 - 2015-06-07 13:58 - 00000000 ____D C:\Users\Doro\AppData\Local\{4B877244-C3BE-4EEE-BA31-CB9D1FC44E3F}
2015-06-07 12:07 - 2015-06-07 12:07 - 00047168 _____ C:\Users\edv\Downloads\GMER 07062015 1207.log
2015-06-07 11:45 - 2015-06-07 11:45 - 00380416 _____ C:\Users\edv\Downloads\Gmer-19357.exe
2015-06-07 11:07 - 2015-06-07 11:08 - 00056039 _____ C:\Users\edv\Downloads\FRST.txt
2015-06-07 11:07 - 2015-06-07 11:08 - 00053329 _____ C:\Users\edv\Downloads\Addition.txt
2015-06-07 11:06 - 2015-06-07 11:06 - 02108928 _____ (Farbar) C:\Users\edv\Desktop\FRST64.exe
2015-06-07 10:44 - 2015-06-07 10:44 - 00047855 _____ C:\Users\Doro\Downloads\Addition.txt
2015-06-07 10:43 - 2015-06-12 21:08 - 00000000 ____D C:\FRST
2015-06-07 10:43 - 2015-06-07 10:49 - 00057233 _____ C:\Users\Doro\Downloads\FRST.txt
2015-06-07 10:43 - 2015-06-07 10:43 - 02108928 _____ (Farbar) C:\Users\Doro\Downloads\FRST64.exe
2015-06-07 10:25 - 2015-06-07 10:25 - 00002182 _____ C:\Windows\system32\.crusader
2015-06-07 10:07 - 2015-06-07 10:06 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-06-07 10:06 - 2015-06-07 10:10 - 00000000 ____D C:\ProgramData\Oracle
2015-06-07 10:06 - 2015-06-07 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-07 10:03 - 2015-06-07 10:05 - 37328992 _____ (Oracle Corporation) C:\Users\Doro\Downloads\jre-8u45-windows-i586.exe
2015-06-07 09:56 - 2015-06-07 09:56 - 00007448 _____ C:\Users\edv\Downloads\HitmanPro_20150607_0956.log
2015-06-07 09:39 - 2015-06-07 10:25 - 00000000 ____D C:\ProgramData\HitmanPro
2015-06-07 09:38 - 2015-06-07 09:39 - 11024496 _____ (SurfRight B.V.) C:\Users\Doro\Downloads\hitmanpro_x64.exe
2015-06-06 14:17 - 2015-06-06 14:17 - 00000000 ____D C:\Users\Doro\AppData\Local\{36E1CA0F-C2DF-4928-8771-42F945B0094D}
2015-06-06 07:27 - 2015-06-12 20:37 - 00000000 ____D C:\AdwCleaner
2015-06-06 07:26 - 2015-06-06 07:27 - 02231296 _____ C:\Users\edv\Downloads\adwcleaner_4.206.exe
2015-06-05 21:12 - 2015-06-06 08:07 - 00000000 ____D C:\8b16ce2242485f5693f09a69
2015-06-05 21:11 - 2015-06-05 21:12 - 51789024 _____ (Microsoft Corporation) C:\Users\Doro\Downloads\Windows-KB890830-x64-V5.24.exe
2015-06-05 20:51 - 2015-06-12 19:39 - 00000000 __SHD C:\Users\edv\AppData\Local\EmieBrowserModeList
2015-06-05 18:26 - 2015-06-05 18:26 - 02209056 _____ C:\Users\Doro\Downloads\avira-eu-cleaner_de.exe
2015-06-04 21:37 - 2015-06-04 21:38 - 00000000 ____D C:\Users\Doro\AppData\Local\{4022981E-5180-4166-8206-1F74C75AB632}
2015-06-01 14:51 - 2015-06-01 14:51 - 00001395 _____ C:\Users\edv\Desktop\Ultima 8.lnk
2015-06-01 14:51 - 2015-06-01 14:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultima 8
2015-06-01 11:41 - 2015-06-01 11:43 - 00000000 ____D C:\Users\Doro\Documents\Berufe
2015-05-14 00:57 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 00:57 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 21:53 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 21:53 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 21:49 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 21:48 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 21:48 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 21:48 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 21:48 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 21:48 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 21:48 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 21:48 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 21:48 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 21:48 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 21:48 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 21:48 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 21:48 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 21:48 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 21:48 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 21:48 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 21:48 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 21:48 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-12 21:07 - 2012-02-05 13:03 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-12 21:06 - 2014-03-23 09:49 - 00047171 _____ C:\Windows\setupact.log
2015-06-12 21:06 - 2014-03-22 14:22 - 01808633 _____ C:\Windows\WindowsUpdate.log
2015-06-12 21:06 - 2009-07-14 06:45 - 00020720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-12 21:06 - 2009-07-14 06:45 - 00020720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-12 20:57 - 2012-02-05 21:44 - 00699666 _____ C:\Windows\system32\perfh007.dat
2015-06-12 20:57 - 2012-02-05 21:44 - 00149774 _____ C:\Windows\system32\perfc007.dat
2015-06-12 20:57 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-12 20:54 - 2012-09-12 17:12 - 00000000 ____D C:\Users\edv\Documents\Bluetooth Folder
2015-06-12 20:45 - 2014-03-23 09:48 - 00223854 _____ C:\Windows\PFRO.log
2015-06-12 19:39 - 2014-04-24 08:28 - 00000000 __SHD C:\Users\edv\AppData\Local\EmieUserList
2015-06-12 19:39 - 2014-04-24 08:28 - 00000000 __SHD C:\Users\edv\AppData\Local\EmieSiteList
2015-06-12 15:04 - 2013-09-02 19:58 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-11 21:05 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-06-11 21:03 - 2013-06-16 13:46 - 00000000 ____D C:\Users\Doro\wiederherstellung
2015-06-11 20:00 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-11 20:00 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-06-11 15:38 - 2013-11-18 16:01 - 00000000 ____D C:\Users\Doro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-06-10 19:35 - 2014-11-13 20:40 - 00000000 __SHD C:\Users\Doro\AppData\Local\EmieBrowserModeList
2015-06-10 19:35 - 2014-04-19 14:18 - 00000000 __SHD C:\Users\Doro\AppData\Local\EmieUserList
2015-06-10 19:35 - 2014-04-19 14:18 - 00000000 __SHD C:\Users\Doro\AppData\Local\EmieSiteList
2015-06-10 18:36 - 2009-07-14 06:45 - 00535256 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-10 18:33 - 2015-04-16 14:44 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-10 18:33 - 2014-04-30 23:38 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-10 18:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 16:47 - 2012-12-08 14:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-10 16:39 - 2013-08-04 13:42 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 16:39 - 2012-12-08 13:26 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-10 16:38 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2015-06-10 16:12 - 2012-12-26 01:00 - 00000000 ____D C:\Users\Doro\AppData\Roaming\Skype
2015-06-10 15:07 - 2013-03-25 14:32 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-06-10 15:07 - 2013-03-25 14:32 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-06-09 21:15 - 2012-12-31 20:16 - 00000000 ____D C:\Users\Doro\AppData\Roaming\.minecraft
2015-06-09 21:05 - 2014-07-31 20:10 - 00000000 ____D C:\Users\Doro\Documents\Wichtig
2015-06-09 21:05 - 2013-06-16 14:06 - 00000000 ____D C:\Users\Doro\Documents\Schule
2015-06-09 19:25 - 2013-02-06 20:12 - 00000000 ____D C:\Users\Doro\AppData\Local\CrashDumps
2015-06-09 17:52 - 2013-08-06 14:16 - 00000000 ____D C:\Users\Doro\Documents\Outlook-Dateien
2015-06-08 21:19 - 2014-07-31 20:10 - 00000000 ____D C:\Users\Doro\Documents\Shit
2015-06-08 21:19 - 2014-07-31 20:09 - 00000000 ____D C:\Users\Doro\Documents\Exel
2015-06-08 20:03 - 2013-06-16 14:00 - 00000000 ____D C:\Users\Doro\Documents\samsung
2015-06-08 18:10 - 2013-06-15 20:56 - 00000000 ____D C:\Users\edv\AppData\Roaming\Samsung
2015-06-08 18:10 - 2013-06-15 20:56 - 00000000 ____D C:\Users\edv\AppData\Local\Samsung
2015-06-08 18:10 - 2013-06-15 19:25 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-06-08 18:09 - 2013-06-15 19:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2015-06-08 18:09 - 2013-06-15 19:25 - 00000000 ____D C:\ProgramData\Samsung
2015-06-08 18:06 - 2012-09-12 17:09 - 00000000 ____D C:\Users\edv
2015-06-07 10:05 - 2012-02-05 13:06 - 00000000 ____D C:\Program Files (x86)\Java
2015-06-06 14:22 - 2014-06-09 13:18 - 00000000 ____D C:\Users\Doro\AppData\Local\Windows Live
2015-06-06 10:24 - 2014-08-04 13:20 - 00000000 ____D C:\Users\Doro\Documents\Bluetooth Folder
2015-06-06 07:23 - 2013-06-15 22:37 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-06 07:23 - 2013-03-13 15:12 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-06 07:23 - 2013-03-13 15:12 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-06 07:23 - 2013-02-23 16:54 - 00000000 ____D C:\Users\edv\AppData\Local\Adobe
2015-06-06 07:20 - 2013-06-16 11:52 - 00000000 ____D C:\Users\edv\AppData\Local\CrashDumps
2015-06-05 13:36 - 2012-12-08 12:52 - 00000000 ____D C:\Users\edv\AppData\Roaming\Avira
2015-06-04 21:06 - 2013-09-26 16:37 - 00000000 ____D C:\Users\Doro\Documents\Storys
2015-06-01 16:27 - 2014-03-22 14:37 - 00000000 ____D C:\Users\Doro\AppData\Local\Origin
2015-06-01 14:51 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-01 14:50 - 2015-04-06 15:43 - 00001266 _____ C:\Users\edv\Desktop\Die Sims 4.lnk
2015-06-01 14:50 - 2014-03-22 14:35 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-06-01 14:34 - 2014-03-22 14:26 - 00000000 ____D C:\ProgramData\Origin
2015-05-27 09:26 - 2014-07-11 16:31 - 00001261 _____ C:\Users\Doro\Desktop\Corel Painter Essentials 4.lnk
2015-05-24 20:50 - 2012-12-27 22:59 - 00000952 ___SH C:\ProgramData\KGyGaAvL.sys
2015-05-22 17:28 - 2015-04-06 22:03 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-22 17:28 - 2015-04-06 22:03 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-16 16:45 - 2015-02-20 09:05 - 00000000 ____D C:\ProgramData\TEMP
2015-05-15 13:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-05-14 07:32 - 2011-12-28 21:21 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-14 07:32 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-14 00:57 - 2013-03-13 16:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-14 00:56 - 2013-03-13 16:05 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-14 00:56 - 2013-03-13 16:05 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-13 07:14 - 2012-12-24 20:22 - 00000000 ____D C:\Users\Doro\AppData\Roaming\Atheros
==================== Files in the root of some directories =======
2014-05-29 15:41 - 2014-05-29 15:41 - 0000268 ___RH () C:\Users\edv\AppData\Roaming\Sounds
2014-05-29 15:42 - 2014-05-29 15:42 - 0000268 ___RH () C:\Users\edv\AppData\Roaming\Soundtrack
2014-05-29 15:41 - 2014-05-29 15:41 - 0000268 ___RH () C:\Users\edv\AppData\Roaming\Space Choir
2014-05-29 15:37 - 2014-05-29 15:37 - 0000268 ___RH () C:\Users\edv\AppData\Roaming\String Comparison
2012-12-27 22:59 - 2015-05-24 20:50 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2013-06-15 22:29 - 2013-06-15 22:38 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2014-05-29 15:37 - 2014-05-29 15:37 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2014-05-29 15:42 - 2014-05-29 15:42 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-05-29 15:41 - 2014-05-29 15:45 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-05-29 15:41 - 2014-05-29 15:41 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2014-05-29 15:41 - 2014-05-29 15:41 - 0000268 ___RH () C:\ProgramData\Specifications
2014-05-29 15:42 - 2014-05-29 15:42 - 0000268 ___RH () C:\ProgramData\Speech Enhancer
2014-05-29 15:41 - 2014-05-29 15:41 - 0000268 ___RH () C:\ProgramData\Sports
2014-05-29 15:37 - 2014-05-29 15:41 - 0000012 ___RH () C:\ProgramData\SupportPrinters
2014-05-29 15:42 - 2014-05-29 15:42 - 0000012 ___RH () C:\ProgramData\Sync Services
2014-05-29 15:41 - 2014-05-29 15:41 - 0000012 ___RH () C:\ProgramData\Synth Leads
2014-05-29 15:37 - 2014-05-29 15:37 - 0000012 ___RH () C:\ProgramData\Vocal Transformer
Some files in TEMP:
====================
C:\Users\Doro\AppData\Local\temp\avgnt.exe
C:\Users\edv\AppData\Local\temp\avgnt.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2013-07-13 20:25
==================== End of log ============================
|
|
13.06.2015, 13:58
| #14 |
| /// the machine /// TB-Ausbilder | Telekom Abuse-Meldung BedepESET Online Scanner
Downloade Dir bitte  SecurityCheck und:
und ein frisches FRST log bitte. Noch Probleme? 
__________________ gruß, schrauber Proud Member of UNITE and ASAP since 2009 Spenden Anleitungen und Hilfestellungen Trojaner-Board Facebook-Seite Keine Hilfestellung via PM! |
|
14.06.2015, 17:05
| #15 |
| | Telekom Abuse-Meldung Bedep Hallo Schrauber, das ist das erste logfile: Code:
ATTFilter
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=22d6503f2ca7504b8a2b00ec9f5ba19d
# end=init
# utc_time=2015-06-14 08:10:48
# local_time=2015-06-14 10:10:48 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 24317
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=22d6503f2ca7504b8a2b00ec9f5ba19d
# end=updated
# utc_time=2015-06-14 08:17:46
# local_time=2015-06-14 10:17:46 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=22d6503f2ca7504b8a2b00ec9f5ba19d
# engine=24317
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2015-06-14 10:17:01
# local_time=2015-06-14 12:17:01 (+0100, Mitteleuropäische Sommerzeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 162609 185906871 0 0
# scanned=310300
# found=5
# cleaned=0
# scan_time=7154
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir"
sh=97BCCD25561F44E9B13F05F6EEF083C9CE9BA529 ft=1 fh=641f1fb3d2e699c4 vn="Win32/Toolbar.Conduit.Y evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert0.dll.vir"
sh=8293F38C031276F10D601D1CBBC22957F30294CD ft=1 fh=c71c00118dece0bc vn="Variante von Win32/Toolbar.SearchSuite.W evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Users\Doro\AppData\Local\iLivid\Helper.dll.vir"
sh=50121A8013695622410A62839BC86BE58DD627C8 ft=1 fh=60f61490c3d768f0 vn="Variante von Win32/Kryptik.ANR Trojaner" ac=I fn="C:\Users\Doro\wiederherstellung\DestroyProcess.exe"
sh=8D637963089C3798931212F59B157E0E575B7087 ft=1 fh=60270b7ce59463b4 vn="Win32/Toolbar.Conduit evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Doro\wiederherstellung\setup.exe"
Code:
ATTFilter Results of screen317's Security Check version 1.002
Windows 7 Service Pack 1 x64 (UAC is enabled)
Internet Explorer 11
``````````````Antivirus/Firewall Check:``````````````
Avira Antivirus
Antivirus up to date!
`````````Anti-malware/Other Utilities Check:`````````
Java 8 Update 45
Adobe Flash Player 11.7.700.224 Flash Player out of Date!
Adobe Reader 10.1.4 Adobe Reader out of Date!
````````Process Check: objlist.exe by Laurent````````
Avira Antivir avgnt.exe
Avira Antivir avguard.exe
`````````````````System Health check`````````````````
Total Fragmentation on Drive C:
````````````````````End of Log``````````````````````
und hier noch die neue frst.txt FRST Logfile: Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-06-2015
Ran by edv (administrator) on EDV-VAIO on 14-06-2015 18:00:30
Running from C:\Users\edv\Desktop
Loaded Profiles: edv (Available Profiles: edv & Doro)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Program Files (x86)\Megatech\MProtect\MPServ.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(Protexis Inc.) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
(Atheros Communications) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe
(Sony Corporation) C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Sony Corporation) C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Sony Corporation) C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Personalization Manager\VpmIfPav.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
() C:\Program Files\Sony\VAIO Care\VCPerfService.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe
(Sony Corporation) C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe
(ArcSoft, Inc.) C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
() C:\Program Files\Sony\VAIO Care\listener.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil64_17_0_0_188_ActiveX.exe
(Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [518784 2011-03-29] (Conexant Systems, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [790688 2011-04-29] (Atheros Communications)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [657568 2011-04-29] (Atheros Commnucations)
HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2011-10-17] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-06-16] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2010-09-13] (Intel Corporation)
HKLM-x32\...\Run: [ISBMgr.exe] => C:\Program Files (x86)\Sony\ISB Utility\ISBMgr.exe [2757312 2011-02-15] (Sony Corporation)
HKLM-x32\...\Run: [PMBVolumeWatcher] => C:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe [648032 2010-11-27] (Sony Corporation)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [730416 2015-06-10] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-11-28] (Apple Inc.)
HKLM-x32\...\Run: [Nikon Message Center 2] => C:\Program Files (x86)\Nikon\Nikon Message Center 2\NkMC2.exe [571392 2011-10-30] (Nikon Corporation)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-04-30] (Oracle Corporation)
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\...\Run: [Elbserver] => C:\Program Files (x86)\Sony\Media Gallery\ElbServer.exe [83344 2011-04-02] (Sony Corporation)
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\...\Run: [VRLPHelper] => C:\Program Files (x86)\Sony\Media Gallery\VRLPHelper.exe [186768 2011-04-02] (Sony Corporation)
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Sony MSS.lnk [2013-10-03]
ShortcutTarget: Sony MSS.lnk -> C:\Program Files (x86)\Sony\MSS\3.0.271\SSScheduler.exe (McAfee, Inc.)
GroupPolicyUsers\S-1-5-21-2530222425-496541977-1974725369-1001\User: Group Policy Restriction detected <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKU\S-1-5-21-2530222425-496541977-1974725369-1000\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://sony.msn.com
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-2530222425-496541977-1974725369-1000 -> DefaultScope {EAC08BFF-D954-4947-8611-54AF6BA6F353} URL = https://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-2530222425-496541977-1974725369-1000 -> {084EDD55-2778-4146-BBD8-5A71FAED0F71} URL = hxxp://rover.ebay.com/rover/1/707-37276-16609-27/4?mpre=hxxp://shop.ebay.de/?oemInLn=ieSrch-Q311&_nkw={searchTerms}
SearchScopes: HKU\S-1-5-21-2530222425-496541977-1974725369-1000 -> {A6D487EE-965A-49EF-A45B-33BE5ED01C2E} URL = hxxp://services.zinio.com/search?s={searchTerms}&rf=sonyslices
SearchScopes: HKU\S-1-5-21-2530222425-496541977-1974725369-1000 -> {EAC08BFF-D954-4947-8611-54AF6BA6F353} URL = https://www.google.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-07-27] (Adobe Systems Incorporated)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2011-04-29] (Atheros Commnucations)
BHO-x32: Windows Live ID-Anmelde-Hilfsprogramm -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_7_700_224.dll [2013-06-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_224.dll [2013-06-16] ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2012-10-31] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-06-07] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-06-07] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2012-05-12] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2012-05-12] (NVIDIA Corporation)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-07-27] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2530222425-496541977-1974725369-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2012-12-25] (Wacom)
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
R2 AdobeActiveFileMonitor11.0; C:\Program Files (x86)\Adobe\Elements 11 Organizer\PhotoshopElementsFileAgent.exe [171600 2012-09-23] (Adobe Systems Incorporated)
R2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [827184 2015-06-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [450808 2015-06-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [450808 2015-06-10] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1188360 2015-06-10] (Avira Operations GmbH & Co. KG)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-04-29] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [91296 2011-04-29] (Atheros Commnucations) [File not signed]
S3 DCDhcpService; C:\Program Files\Sony\VAIO Smart Network\WFDA\DCDhcpService.exe [104096 2011-07-19] (Atheros Communication Inc.) [File not signed]
S3 McComponentHostServiceSony; C:\Program Files (x86)\Sony\MSS\3.0.271\McCHSvc.exe [237328 2012-03-30] (McAfee, Inc.)
R2 Megatech-Software-Protection; C:\Program Files (x86)\Megatech\MProtect\MPServ.EXE [36864 2007-12-12] () [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [69632 2006-11-08] (Hewlett-Packard) [File not signed]
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1931632 2015-04-10] (Electronic Arts)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [88064 2006-11-08] (Hewlett-Packard) [File not signed]
R2 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [156672 2012-08-06] () [File not signed]
R2 uCamMonitor; C:\Program Files (x86)\ArcSoft\Magic-i Visual Effects 2\uCamMonitor.exe [105024 2011-02-23] (ArcSoft, Inc.)
R2 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
S3 VUAgent; C:\Program Files\Sony\VAIO Update\VUAgent.exe [1368624 2013-08-01] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R3 ArcSoftKsUFilter; C:\Windows\System32\DRIVERS\ArcSoftKsUFilter.sys [19968 2009-05-26] (ArcSoft, Inc.)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [153256 2015-06-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132656 2015-06-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2013-10-07] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [44088 2015-03-12] (Avira Operations GmbH & Co. KG)
R0 PxHlpa64; C:\Windows\System32\Drivers\PxHlpa64.sys [56336 2012-08-10] (Corel Corporation)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-14 18:00 - 2015-06-14 18:01 - 00018994 _____ C:\Users\edv\Desktop\FRST.txt
2015-06-14 18:00 - 2015-06-14 18:00 - 00000000 ____D C:\Users\edv\Desktop\FRST-OlderVersion
2015-06-14 17:47 - 2015-06-14 17:47 - 00000000 ___RD C:\Users\edv\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-06-14 10:10 - 2015-06-14 10:10 - 00000000 ____D C:\Program Files (x86)\ESET
2015-06-13 08:47 - 2015-06-13 08:47 - 00000000 ___RD C:\Users\Doro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2015-06-12 21:05 - 2015-06-12 21:23 - 00011472 _____ C:\Windows\DPINST.LOG
2015-06-12 21:04 - 2015-06-12 21:04 - 20621696 _____ (Sony Corporation) C:\Users\edv\Downloads\EP0000260372.exe
2015-06-12 20:41 - 2015-06-12 20:41 - 00000207 _____ C:\Windows\tweaking.com-regbackup-EDV-VAIO-Windows-7-Home-Premium-(64-bit).dat
2015-06-12 20:41 - 2015-06-12 20:41 - 00000000 ____D C:\RegBackup
2015-06-11 20:56 - 2015-06-11 21:06 - 00000000 ____D C:\ComboFix
2015-06-11 19:47 - 2015-06-11 21:06 - 00000000 ____D C:\Qoobox
2015-06-11 19:47 - 2011-06-26 08:45 - 00256000 _____ C:\Windows\PEV.exe
2015-06-11 19:47 - 2010-11-07 19:20 - 00208896 _____ C:\Windows\MBR.exe
2015-06-11 19:47 - 2009-04-20 06:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2015-06-11 19:47 - 2000-08-31 02:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2015-06-11 19:47 - 2000-08-31 02:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2015-06-11 19:47 - 2000-08-31 02:00 - 00098816 _____ C:\Windows\sed.exe
2015-06-11 19:47 - 2000-08-31 02:00 - 00080412 _____ C:\Windows\grep.exe
2015-06-11 19:47 - 2000-08-31 02:00 - 00068096 _____ C:\Windows\zip.exe
2015-06-11 19:46 - 2015-06-11 19:59 - 00000000 ____D C:\Windows\erdnt
2015-06-10 15:24 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-10 15:24 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-10 15:24 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-10 15:24 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-10 15:24 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-10 15:24 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-10 15:24 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-10 15:24 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-10 15:24 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-10 15:24 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-10 15:24 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-10 15:24 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-10 15:24 - 2015-04-29 20:22 - 14635008 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-06-10 15:24 - 2015-04-29 20:21 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-06-10 15:24 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-06-10 15:24 - 2015-04-29 20:21 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-06-10 15:24 - 2015-04-29 20:19 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-06-10 15:24 - 2015-04-29 20:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2015-06-10 15:24 - 2015-04-29 20:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2015-06-10 15:24 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2015-06-10 15:24 - 2015-04-29 20:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2015-06-10 15:24 - 2015-04-29 20:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2015-06-10 15:23 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-10 15:23 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-10 15:23 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-10 15:23 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-10 15:23 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-10 15:23 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-10 15:23 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-10 15:23 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-10 15:23 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-10 15:23 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-10 15:23 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-10 15:23 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-10 15:23 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-10 15:23 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-10 15:23 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-10 15:23 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-10 15:23 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-10 15:23 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-10 15:23 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-10 15:23 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-10 15:23 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-10 15:23 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-10 15:23 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-10 15:23 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-10 15:23 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-10 15:23 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-10 15:23 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-10 15:23 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 19:08 - 03206144 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-06-10 15:23 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-10 15:23 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-10 15:23 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-10 15:23 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-10 15:23 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-10 15:23 - 2015-04-24 20:17 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2015-06-10 15:23 - 2015-04-24 19:56 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2015-06-10 15:23 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-10 15:22 - 2015-06-01 21:16 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-06-10 15:22 - 2015-06-01 20:07 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-06-10 15:22 - 2015-05-27 16:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-06-10 15:22 - 2015-05-27 16:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-06-10 15:22 - 2015-05-23 05:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-06-10 15:22 - 2015-05-23 05:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-06-10 15:22 - 2015-05-23 05:15 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-06-10 15:22 - 2015-05-23 05:15 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-06-10 15:22 - 2015-05-23 05:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-06-10 15:22 - 2015-05-23 05:13 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-06-10 15:22 - 2015-05-23 05:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-06-10 15:22 - 2015-05-23 05:09 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-06-10 15:22 - 2015-05-23 05:08 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-06-10 15:22 - 2015-05-23 05:06 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-06-10 15:22 - 2015-05-23 05:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-06-10 15:22 - 2015-05-23 05:05 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-06-10 15:22 - 2015-05-23 05:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-06-10 15:22 - 2015-05-23 04:57 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-06-10 15:22 - 2015-05-23 04:52 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-06-10 15:22 - 2015-05-23 04:49 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-06-10 15:22 - 2015-05-23 04:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-06-10 15:22 - 2015-05-23 04:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-06-10 15:22 - 2015-05-23 04:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-06-10 15:22 - 2015-05-23 04:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-06-10 15:22 - 2015-05-23 04:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-06-10 15:22 - 2015-05-23 04:37 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-06-10 15:22 - 2015-05-23 04:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-06-10 15:22 - 2015-05-23 04:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-06-10 15:22 - 2015-05-23 04:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-06-10 15:22 - 2015-05-23 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-06-10 15:22 - 2015-05-22 21:16 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-06-10 15:22 - 2015-05-22 21:16 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-06-10 15:22 - 2015-05-22 21:01 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-06-10 15:22 - 2015-05-22 21:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-06-10 15:22 - 2015-05-22 21:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-06-10 15:22 - 2015-05-22 21:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-06-10 15:22 - 2015-05-22 21:00 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-06-10 15:22 - 2015-05-22 20:59 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-06-10 15:22 - 2015-05-22 20:53 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-06-10 15:22 - 2015-05-22 20:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-06-10 15:22 - 2015-05-22 20:52 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-06-10 15:22 - 2015-05-22 20:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-06-10 15:22 - 2015-05-22 20:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-06-10 15:22 - 2015-05-22 20:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-06-10 15:22 - 2015-05-22 20:47 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-06-10 15:22 - 2015-05-22 20:47 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-06-10 15:22 - 2015-05-22 20:40 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-06-10 15:22 - 2015-05-22 20:36 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-06-10 15:22 - 2015-05-22 20:29 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-06-10 15:22 - 2015-05-22 20:25 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-06-10 15:22 - 2015-05-22 20:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-06-10 15:22 - 2015-05-22 20:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-06-10 15:22 - 2015-05-22 20:07 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-06-10 15:22 - 2015-05-22 20:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-06-10 15:22 - 2015-05-22 20:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-06-10 15:22 - 2015-05-22 20:05 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-06-10 15:22 - 2015-05-22 19:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-06-10 15:22 - 2015-05-22 19:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-06-10 15:22 - 2015-05-22 19:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-06-10 15:22 - 2015-05-22 19:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-06-10 15:09 - 2015-06-10 15:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-06-09 21:15 - 2015-06-09 21:15 - 00000000 ____D C:\Users\Doro\AppData\Roaming\java
2015-06-08 18:12 - 2015-06-12 19:40 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-06-08 18:11 - 2015-06-09 13:31 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-06-07 13:58 - 2015-06-07 13:58 - 00000000 ____D C:\Users\Doro\AppData\Local\{4B877244-C3BE-4EEE-BA31-CB9D1FC44E3F}
2015-06-07 12:07 - 2015-06-07 12:07 - 00047168 _____ C:\Users\edv\Downloads\GMER 07062015 1207.log
2015-06-07 11:45 - 2015-06-07 11:45 - 00380416 _____ C:\Users\edv\Downloads\Gmer-19357.exe
2015-06-07 11:07 - 2015-06-07 11:08 - 00056039 _____ C:\Users\edv\Downloads\FRST.txt
2015-06-07 11:07 - 2015-06-07 11:08 - 00053329 _____ C:\Users\edv\Downloads\Addition.txt
2015-06-07 11:06 - 2015-06-14 18:00 - 02109952 _____ (Farbar) C:\Users\edv\Desktop\FRST64.exe
2015-06-07 10:44 - 2015-06-07 10:44 - 00047855 _____ C:\Users\Doro\Downloads\Addition.txt
2015-06-07 10:43 - 2015-06-14 18:00 - 00000000 ____D C:\FRST
2015-06-07 10:43 - 2015-06-07 10:49 - 00057233 _____ C:\Users\Doro\Downloads\FRST.txt
2015-06-07 10:43 - 2015-06-07 10:43 - 02108928 _____ (Farbar) C:\Users\Doro\Downloads\FRST64.exe
2015-06-07 10:25 - 2015-06-07 10:25 - 00002182 _____ C:\Windows\system32\.crusader
2015-06-07 10:07 - 2015-06-07 10:06 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-06-07 10:06 - 2015-06-07 10:10 - 00000000 ____D C:\ProgramData\Oracle
2015-06-07 10:06 - 2015-06-07 10:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-06-07 10:03 - 2015-06-07 10:05 - 37328992 _____ (Oracle Corporation) C:\Users\Doro\Downloads\jre-8u45-windows-i586.exe
2015-06-07 09:56 - 2015-06-07 09:56 - 00007448 _____ C:\Users\edv\Downloads\HitmanPro_20150607_0956.log
2015-06-07 09:39 - 2015-06-07 10:25 - 00000000 ____D C:\ProgramData\HitmanPro
2015-06-07 09:38 - 2015-06-07 09:39 - 11024496 _____ (SurfRight B.V.) C:\Users\Doro\Downloads\hitmanpro_x64.exe
2015-06-06 14:17 - 2015-06-06 14:17 - 00000000 ____D C:\Users\Doro\AppData\Local\{36E1CA0F-C2DF-4928-8771-42F945B0094D}
2015-06-06 07:27 - 2015-06-12 20:37 - 00000000 ____D C:\AdwCleaner
2015-06-06 07:26 - 2015-06-06 07:27 - 02231296 _____ C:\Users\edv\Downloads\adwcleaner_4.206.exe
2015-06-05 21:12 - 2015-06-06 08:07 - 00000000 ____D C:\8b16ce2242485f5693f09a69
2015-06-05 21:11 - 2015-06-05 21:12 - 51789024 _____ (Microsoft Corporation) C:\Users\Doro\Downloads\Windows-KB890830-x64-V5.24.exe
2015-06-05 20:51 - 2015-06-12 19:39 - 00000000 __SHD C:\Users\edv\AppData\Local\EmieBrowserModeList
2015-06-05 18:26 - 2015-06-05 18:26 - 02209056 _____ C:\Users\Doro\Downloads\avira-eu-cleaner_de.exe
2015-06-04 21:37 - 2015-06-04 21:38 - 00000000 ____D C:\Users\Doro\AppData\Local\{4022981E-5180-4166-8206-1F74C75AB632}
2015-06-01 14:51 - 2015-06-01 14:51 - 00001395 _____ C:\Users\edv\Desktop\Ultima 8.lnk
2015-06-01 14:51 - 2015-06-01 14:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ultima 8
2015-06-01 11:41 - 2015-06-01 11:43 - 00000000 ____D C:\Users\Doro\Documents\Berufe
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-06-14 17:59 - 2012-12-24 20:21 - 00000000 ____D C:\Users\Doro
2015-06-14 17:47 - 2014-03-22 14:22 - 01884090 _____ C:\Windows\WindowsUpdate.log
2015-06-14 17:47 - 2012-09-12 17:12 - 00000000 ____D C:\Users\edv\Documents\Bluetooth Folder
2015-06-14 10:15 - 2009-07-14 06:45 - 00020720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-14 10:15 - 2009-07-14 06:45 - 00020720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-14 10:11 - 2012-02-05 21:44 - 00699666 _____ C:\Windows\system32\perfh007.dat
2015-06-14 10:11 - 2012-02-05 21:44 - 00149774 _____ C:\Windows\system32\perfc007.dat
2015-06-14 10:11 - 2009-07-14 07:13 - 01620612 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-14 10:06 - 2012-09-12 17:10 - 00120120 _____ C:\Users\edv\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-14 10:05 - 2014-03-23 09:49 - 00047759 _____ C:\Windows\setupact.log
2015-06-14 10:05 - 2012-02-05 13:03 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-12 21:48 - 2014-07-10 21:17 - 00000000 ____D C:\Users\Doro\Documents\Lyrics
2015-06-12 21:43 - 2012-12-24 20:22 - 00120120 _____ C:\Users\Doro\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-12 21:40 - 2009-07-14 06:45 - 00512176 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-12 21:38 - 2014-11-03 17:17 - 00000000 ____D C:\Program Files (x86)\Megatech
2015-06-12 21:36 - 2014-11-03 17:26 - 00000028 _____ C:\Windows\ODBC.INI
2015-06-12 21:28 - 2013-06-15 20:56 - 00000000 ____D C:\Users\edv\AppData\Roaming\Samsung
2015-06-12 20:45 - 2014-03-23 09:48 - 00223854 _____ C:\Windows\PFRO.log
2015-06-12 19:39 - 2014-04-24 08:28 - 00000000 __SHD C:\Users\edv\AppData\Local\EmieUserList
2015-06-12 19:39 - 2014-04-24 08:28 - 00000000 __SHD C:\Users\edv\AppData\Local\EmieSiteList
2015-06-12 15:04 - 2013-09-02 19:58 - 00000000 ____D C:\Program Files (x86)\Steam
2015-06-11 21:05 - 2009-07-14 04:34 - 00000215 _____ C:\Windows\system.ini
2015-06-11 20:00 - 2009-07-14 06:57 - 00001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2015-06-11 20:00 - 2009-07-14 05:20 - 00000000 __RHD C:\Users\Default
2015-06-11 15:38 - 2013-11-18 16:01 - 00000000 ____D C:\Users\Doro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2015-06-10 19:35 - 2014-11-13 20:40 - 00000000 __SHD C:\Users\Doro\AppData\Local\EmieBrowserModeList
2015-06-10 19:35 - 2014-04-19 14:18 - 00000000 __SHD C:\Users\Doro\AppData\Local\EmieUserList
2015-06-10 19:35 - 2014-04-19 14:18 - 00000000 __SHD C:\Users\Doro\AppData\Local\EmieSiteList
2015-06-10 18:33 - 2015-04-16 14:44 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-10 18:33 - 2014-04-30 23:38 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-10 18:33 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-10 16:47 - 2012-12-08 14:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-06-10 16:39 - 2013-08-04 13:42 - 00000000 ____D C:\Windows\system32\MRT
2015-06-10 16:39 - 2012-12-08 13:26 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-06-10 16:38 - 2009-07-14 04:34 - 00000478 _____ C:\Windows\win.ini
2015-06-10 16:12 - 2012-12-26 01:00 - 00000000 ____D C:\Users\Doro\AppData\Roaming\Skype
2015-06-10 15:07 - 2013-03-25 14:32 - 00153256 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-06-10 15:07 - 2013-03-25 14:32 - 00132656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-06-09 21:15 - 2012-12-31 20:16 - 00000000 ____D C:\Users\Doro\AppData\Roaming\.minecraft
2015-06-09 21:05 - 2014-07-31 20:10 - 00000000 ____D C:\Users\Doro\Documents\Wichtig
2015-06-09 21:05 - 2013-06-16 14:06 - 00000000 ____D C:\Users\Doro\Documents\Schule
2015-06-09 19:25 - 2013-02-06 20:12 - 00000000 ____D C:\Users\Doro\AppData\Local\CrashDumps
2015-06-09 17:52 - 2013-08-06 14:16 - 00000000 ____D C:\Users\Doro\Documents\Outlook-Dateien
2015-06-08 21:19 - 2014-07-31 20:10 - 00000000 ____D C:\Users\Doro\Documents\Shit
2015-06-08 21:19 - 2014-07-31 20:09 - 00000000 ____D C:\Users\Doro\Documents\Exel
2015-06-08 20:03 - 2013-06-16 14:00 - 00000000 ____D C:\Users\Doro\Documents\samsung
2015-06-08 18:10 - 2013-06-15 20:56 - 00000000 ____D C:\Users\edv\AppData\Local\Samsung
2015-06-08 18:10 - 2013-06-15 19:25 - 00000000 ____D C:\Program Files (x86)\Samsung
2015-06-08 18:09 - 2013-06-15 19:25 - 00000000 ____D C:\ProgramData\Samsung
2015-06-08 18:06 - 2012-09-12 17:09 - 00000000 ____D C:\Users\edv
2015-06-07 10:05 - 2012-02-05 13:06 - 00000000 ____D C:\Program Files (x86)\Java
2015-06-06 14:22 - 2014-06-09 13:18 - 00000000 ____D C:\Users\Doro\AppData\Local\Windows Live
2015-06-06 10:24 - 2014-08-04 13:20 - 00000000 ____D C:\Users\Doro\Documents\Bluetooth Folder
2015-06-06 07:23 - 2013-06-15 22:37 - 00000884 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-06 07:23 - 2013-03-13 15:12 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-06-06 07:23 - 2013-03-13 15:12 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-06-06 07:23 - 2013-02-23 16:54 - 00000000 ____D C:\Users\edv\AppData\Local\Adobe
2015-06-06 07:20 - 2013-06-16 11:52 - 00000000 ____D C:\Users\edv\AppData\Local\CrashDumps
2015-06-05 13:36 - 2012-12-08 12:52 - 00000000 ____D C:\Users\edv\AppData\Roaming\Avira
2015-06-04 21:06 - 2013-09-26 16:37 - 00000000 ____D C:\Users\Doro\Documents\Storys
2015-06-01 16:27 - 2014-03-22 14:37 - 00000000 ____D C:\Users\Doro\AppData\Local\Origin
2015-06-01 14:51 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-06-01 14:50 - 2015-04-06 15:43 - 00001266 _____ C:\Users\edv\Desktop\Die Sims 4.lnk
2015-06-01 14:50 - 2014-03-22 14:35 - 00000000 ____D C:\Program Files (x86)\Origin Games
2015-06-01 14:34 - 2014-03-22 14:26 - 00000000 ____D C:\ProgramData\Origin
2015-05-27 09:26 - 2014-07-11 16:31 - 00001261 _____ C:\Users\Doro\Desktop\Corel Painter Essentials 4.lnk
2015-05-24 20:50 - 2012-12-27 22:59 - 00000952 ___SH C:\ProgramData\KGyGaAvL.sys
2015-05-22 17:28 - 2015-04-06 22:03 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-22 17:28 - 2015-04-06 22:03 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-16 16:45 - 2015-02-20 09:05 - 00000000 ____D C:\ProgramData\TEMP
2015-05-15 13:44 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
==================== Files in the root of some directories =======
2014-05-29 15:41 - 2014-05-29 15:41 - 0000268 ___RH () C:\Users\edv\AppData\Roaming\Sounds
2014-05-29 15:42 - 2014-05-29 15:42 - 0000268 ___RH () C:\Users\edv\AppData\Roaming\Soundtrack
2014-05-29 15:41 - 2014-05-29 15:41 - 0000268 ___RH () C:\Users\edv\AppData\Roaming\Space Choir
2014-05-29 15:37 - 2014-05-29 15:37 - 0000268 ___RH () C:\Users\edv\AppData\Roaming\String Comparison
2012-12-27 22:59 - 2015-05-24 20:50 - 0000952 ___SH () C:\ProgramData\KGyGaAvL.sys
2013-06-15 22:29 - 2013-06-15 22:38 - 0000000 _____ () C:\ProgramData\LauncherAccess.dt
2014-05-29 15:37 - 2014-05-29 15:37 - 0000020 ____H () C:\ProgramData\PKP_DLeo.DAT
2014-05-29 15:42 - 2014-05-29 15:42 - 0000020 ____H () C:\ProgramData\PKP_DLes.DAT
2014-05-29 15:41 - 2014-05-29 15:45 - 0000020 ____H () C:\ProgramData\PKP_DLet.DAT
2014-05-29 15:41 - 2014-05-29 15:41 - 0000020 ____H () C:\ProgramData\PKP_DLev.DAT
2014-05-29 15:41 - 2014-05-29 15:41 - 0000268 ___RH () C:\ProgramData\Specifications
2014-05-29 15:42 - 2014-05-29 15:42 - 0000268 ___RH () C:\ProgramData\Speech Enhancer
2014-05-29 15:41 - 2014-05-29 15:41 - 0000268 ___RH () C:\ProgramData\Sports
2014-05-29 15:37 - 2014-05-29 15:41 - 0000012 ___RH () C:\ProgramData\SupportPrinters
2014-05-29 15:42 - 2014-05-29 15:42 - 0000012 ___RH () C:\ProgramData\Sync Services
2014-05-29 15:41 - 2014-05-29 15:41 - 0000012 ___RH () C:\ProgramData\Synth Leads
2014-05-29 15:37 - 2014-05-29 15:37 - 0000012 ___RH () C:\ProgramData\Vocal Transformer
Some files in TEMP:
====================
C:\Users\Doro\AppData\Local\temp\avgnt.exe
C:\Users\edv\AppData\Local\temp\avgnt.exe
C:\Users\edv\AppData\Local\temp\GdiPlus.dll
C:\Users\edv\AppData\Local\temp\InstallerMessageBox.exe
C:\Users\edv\AppData\Local\temp\NPSInstallerProxy.exe
C:\Users\edv\AppData\Local\temp\NPSInstallerProxyMessageBoxHookDll.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2013-07-13 20:25
==================== End of log ============================
|
|
| Themen zu Telekom Abuse-Meldung Bedep |
| aktiv, avira, cookies, ebenfalls, entfernen, firewall, gen, hallo zusammen, hilft, hängen, infiziert, mail, malware, namens, nichts, rechner, rechnern, schädling, software, telekom, tracking, trojaner, virus, zusammen, zusätzlich |
Linear-Darstellung
