Pests of all kinds and how to fight them: Hindrance caused by a Trojan?
14.08.2015, 16:41 | #1 |
| Hindrance caused by a Trojan?

Good day everyone,

I was planning to switch from Windows 8.1 to 10 in the next few days. For that purpose I wanted to back up/update the system image once more beforehand (last dated 1.11.2014). At an early stage of the backup process (checking the file system) the backup aborts with the following message:

Die Sicherung ist fehlgeschlagen. Fehler beim Anfordern einer exklusiven Sperre für die EFI-Systempartition (ESP) durch die Windows-Sicherung. Dies kann auftreten, wenn Dateien auf der ESP von einer anderen Anwendung verwendet werden. Wiederholen Sie den Vorgang (0x80780011E)
Zugriff verweigert (0x80070005)

With my modest system knowledge I then did the following (based on well-meant recommendations from various forums):

• Disabled all services in Task Manager

Entered various commands as administrator:

• under cmd:
net stop winmgmt
cd /d %windir%\system32\wbem
ren repository repository.old
net start winmgmt
exit

• dism
dism /Online /Cleanup-Image /ScanHealth
dism /Online /Cleanup-Image /CheckHealth
dism /Online /Cleanup-Image /RestoreHealth
sfc /scannow

I received the message that not all files could be repaired. I also have a CBS log for this… but I cannot interpret the entries.

Since my system runs a preinstalled Windows 8.1 (I have no installation medium), I wanted to download a corresponding ISO file from Microsoft (German, Windows 8.1, 64-bit). While the USB stick was being prepared I received the following message: ‚Der Download wurde nicht erfolgreich abgeschlossen. Starten des Servers fehlgeschlagen‘. With the help of this ISO file and an in-place repair I wanted to refresh the system without losing my programs and settings….

In my distress I turned, on recommendation, to the tool HijackThis, which picked out the following 'threats' (virus)…:

O4 - HKCU\..\Run: [jaepew.exe] C:\Users\XXXX\AppData\Roaming\okabgf\\jaepew.exe
O4 - HKCU\..\Run: [zzihaw.exe] C:\Users\XXXX\AppData\Roaming\zzpuok\\zzihaw.exe
O4 - HKCU\..\Run: [buwctr.exe] C:\Users\XXXX\AppData\Roaming\zzpuok\\buwctr.exe

Is there anything to it? Virus?

My system environment: Lenovo Yoga 2 pro, 8MB RAM, Windows 8.1 protected by Malwarebytes (2.1.8.1057) and Bitdefender 2015

With my limited IT knowledge I am now definitely at a loss and ask for your help!!

Many thanks
sugus666 |
14.08.2015, 17:00 | #2 |
/// the machine /// TB Trainer | Hindrance caused by a Trojan? hi,
__________________Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST 32-Bit | FRST 64-Bit (If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
__________________ |
14.08.2015, 17:10 | #3 |
| Hindrance caused by a Trojan? Hello, here is the FRST
__________________Code:
ATTFilter Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:13-08-2015 Ran by Marcel (administrator) on SUGUS (14-08-2015 18:06:29) Running from F:\90 Daten Systemordner\Downloads_sys Loaded Profiles: Marcel (Available Profiles: Marcel & Administrator) Platform: Windows 8.1 (X64) Language: Englisch (Vereinigte Staaten) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe (Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Fork, Ltd.) C:\Windows\Prey\wpxsvc.exe (CrypKey (Canada) Ltd.) 
C:\Windows\System32\Crypserv.exe (Joyent, Inc) C:\Windows\Prey\versions\1.4.1\bin\node.exe (Intel Corporation) C:\Windows\System32\DptfParticipantProcessorService.exe (Intel Corporation) C:\Windows\System32\DptfPolicyConfigTDPService.exe (Intel Corporation) C:\Windows\System32\DptfPolicyCriticalService.exe (Intel Corporation) C:\Windows\System32\DptfPolicyLpmService.exe (Fork, Ltd.) C:\Windows\Prey\versions\1.4.1\node_modules\triggers\bin\lightevt.exe (FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe (Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe (LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe (Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe (Nitro PDF Software) C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe (PointGrab LTD) C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe (Lenovo) C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe () C:\Program Files\CyberLink\Shared files\RichVideo64.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\psia.exe () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe (Lenovo) C:\ProgramData\LenovoTransition\Server\x64\ymc.exe () C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe (Microsoft Corporation) C:\Windows\System32\alg.exe (Secunia) C:\Program Files (x86)\Secunia\PSI\sua.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Motorola Solutions, Inc.) 
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe () C:\Program Files\Lenovo Yoga PhoneCompanion\adb.exe (Microsoft Corporation) C:\Windows\System32\wimserv.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe (DisplayLink Corp.) C:\Program Files\DisplayLink Core Software\DisplayLinkUserAgent.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe (Intel Corporation) C:\Windows\System32\igfxTray.exe (DisplayLink Corp.) 
C:\Program Files\DisplayLink Core Software\DisplayLinkUI.exe (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\DptfPolicyLpmServiceHelper.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Lenovo) C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe (Learnpulse) C:\Users\Marcel\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe (Bitdefender) C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe () C:\Brother\BPRSP\resources\BrSupSsp.exe (Docking Station) C:\Program Files (x86)\Lenovo\USB3.0 Dock\igpxtskmgn64win8.exe (Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe (Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe (Brother Industries, Ltd.) 
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe (Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe (Lenovo) C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvController.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_232.exe (Nenad Hrg (SoftwareOK.com)) C:\Program Files\Q-Dir\Q-Dir.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13656792 2013-10-04] (Realtek Semiconductor) HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1353432 2013-09-26] (Realtek Semiconductor) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation) HKLM\...\Run: [DptfPolicyLpmServiceHelper] => C:\windows\system32\DptfPolicyLpmServiceHelper.exe [111976 2013-08-02] (Intel Corporation) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [Yoga PhoneCompanion] => C:\Program Files\Lenovo Yoga PhoneCompanion\Yoga Phone Companion.exe [844304 2014-03-28] (Lenovo) HKLM\...\Run: [AutoStartTransition] => C:\Program Files (x86)\Lenovo\Lenovo Transition\Transition.exe [294672 2014-03-28] () HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [59923440 2014-03-28] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe 
[80880 2014-03-28] (Lenovo(beijing) Limited) HKLM\...\Run: [Samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [607584 2015-03-18] (Copyright 2013 SAMSUNG) HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [170280 2015-07-11] (Apple Inc.) HKLM\...\Run: [Bdagent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdagent.exe [1601496 2015-05-13] (Bitdefender) HKLM-x32\...\Run: [Yoga Picks] => C:\Program Files (x86)\Lenovo\Yoga Picks\Yoga Picks.exe [119280 2014-01-06] (Lenovo) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation) HKLM-x32\...\Run: [BrMfcWnd] => C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [1163264 2012-09-25] () HKLM-x32\...\Run: [ControlCenter3] => C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [114688 2008-12-24] (Brother Industries, Ltd.) HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [2322944 2014-04-08] (FileZilla Project) HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.) HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1944576 2013-03-07] (Brother Industries, Ltd.) 
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation) HKLM-x32\...\Run: [My Swisscom Assistant] => C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe [12028512 2015-06-03] (Swisscom (Schweiz) AG) Winlogon\Notify\igfxcui: igfxdev.dll [X] HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\Run: [AshSnap] => C:\Program Files (x86)\Ashampoo\Ashampoo Snap 6\ashsnap.exe HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\Run: [jaepew.exe] => C:\Users\Marcel\AppData\Roaming\okabgf\\jaepew.exe HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\Run: [zzihaw.exe] => C:\Users\Marcel\AppData\Roaming\zzpuok\\zzihaw.exe HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\Run: [buwctr.exe] => C:\Users\Marcel\AppData\Roaming\zzpuok\\buwctr.exe HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [787592 2015-06-23] (Sandboxie Holdings, LLC) HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\Run: [rfxsrvtray] => C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-tray.exe [1838872 2013-02-07] (Tobit.Software) HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [53753984 2015-07-18] (Skype Technologies S.A.) 
HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\Run: [Screenpresso] => C:\Users\Marcel\AppData\Local\Learnpulse\Screenpresso\Screenpresso.exe [11928080 2015-07-21] (Learnpulse) HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\Run: [Bitdefender-Geldb�rse-Agent] => C:\Program Files\Bitdefender\Bitdefender 2015\bdwtxag.exe [790880 2015-04-27] (Bitdefender) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Brother BPFSP.lnk [2015-02-13] ShortcutTarget: Brother BPFSP.lnk -> C:\Windows\Installer\{8040527F-DD74-4B45-8A06-C4BF145B6C76}\BrSupSsp.exe_44686FC076524EF5975EF92EE48E2958.exe (Flexera Software LLC) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\igpxtskmgn.lnk [2014-04-22] ShortcutTarget: igpxtskmgn.lnk -> C:\Program Files (x86)\Lenovo\USB3.0 Dock\igpxtskmgn64win8.exe (Docking Station) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ISCTSystray.lnk [2014-03-28] ShortcutTarget: ISCTSystray.lnk -> C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTsysTray8.exe (Intel Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2014-04-22] ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Radio.fx.LNK [2015-05-23] ShortcutTarget: Radio.fx.LNK -> C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe (Tobit.Software) Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2014-10-20] ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files (x86)\Secunia\PSI\psi_tray.exe (Secunia) Startup: C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk [2014-05-08] ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) 
Startup: C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\start.bat [2014-04-22] () ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => No File ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = hxxp://www.lenovo.com SearchScopes: HKU\S-1-5-21-3121602427-3534730855-1075997385-1001 -> {72A5F580-1FA0-4C34-B0EF-61D4BC34A5E0} URL = BHO: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-06-02] (Bitdefender) BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-08-02] (Oracle Corporation) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-02] (Oracle Corporation) BHO-x32: Bitdefender-Geldbörse -> {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} -> C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-06-02] (Bitdefender) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO-x32: 
Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll [2014-07-25] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) Toolbar: HKLM - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\pmbxie.dll [2015-06-02] (Bitdefender) Toolbar: HKLM-x32 - Bitdefender-Geldbörse - {1DAC0C53-7D23-4AB3-856A-B04D98CD982A} - C:\Program Files\Bitdefender\Bitdefender 2015\Antispam32\pmbxie.dll [2015-06-02] (Bitdefender) DPF: HKLM-x32 {A6616B31-4860-41E2-98E3-CA7649AF172F} file:///E:/00%20A%20Temp/001%20USB%20DOking/launch.ocx Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.) 
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - No File Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{50F48E8D-CFE6-4E6E-BB98-53B0F9835E00}: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{6016D279-06C1-45A7-B5B4-647B9B6826ED}: [DhcpNameServer] 150.201.1.3 Tcpip\..\Interfaces\{EDFB1538-F0E0-4E62-A777-AE89F68F8592}: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\42m9qhu0.default-1437830153415 FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] () FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-02] (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-02] (Oracle Corporation) FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [No File] FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] () FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll [2015-01-06] () FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files 
(x86)\Google\Picasa3\npPicasa3.dll [2015-07-11] (Google, Inc.) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation) FF Plugin-x32: @mcafee.com/MSC,version=10 -> c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL [No File] FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation) FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll [2013-07-26] (Nitro PDF) FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) 
FF Extension: My Swisscom Assistant - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\42m9qhu0.default-1437830153415\Extensions\{6A6114A5-EEF5-45F4-BCD1-B00A7B33E04B} [2015-08-02] FF Extension: Open Bookmarks in New Tab - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\42m9qhu0.default-1437830153415\Extensions\openbookmarkintab@piro.sakura.ne.jp.xpi [2015-07-28] FF Extension: Tab Mix Plus - C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\42m9qhu0.default-1437830153415\Extensions\{dc572301-7619-498c-a57d-39143191b318}.xpi [2015-07-28] FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-08-08] FF HKLM\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\bdwteff FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\bdwteff [2015-08-09] FF HKLM-x32\...\Firefox\Extensions: [fmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com FF Extension: Freemake Video Downloader Plugin - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\fmdownloader@gmail.com [2014-04-29] FF HKLM-x32\...\Firefox\Extensions: [ytfmdownloader@gmail.com] - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com FF Extension: Freemake Youtube Download Button - C:\Program Files (x86)\Freemake\Freemake Video Downloader\BrowserPlugin\Firefox\ytfmdownloader@gmail.com [2014-04-29] FF HKLM-x32\...\Firefox\Extensions: [bdwteff@bitdefender.com] - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff FF Extension: Bitdefender Wallet - C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff [2015-08-09] FF HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\Firefox\Extensions: [cliqz@cliqz.com] - 
C:\Users\Marcel\AppData\Roaming\Mozilla\Firefox\Profiles\kwtr2tzx.default\extensions\cliqz@cliqz.com Chrome: ======= CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Profile: C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-10] CHR Extension: (Google Docs) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-10] CHR Extension: (Google Drive) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-10] CHR Extension: (YouTube) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-10] CHR Extension: (Google Search) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-10] CHR Extension: (Google Sheets) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-10] CHR Extension: (Avira Browser Safety) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-10-10] CHR Extension: (avast! 
Online Security) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-10-10] CHR Extension: (Google Wallet) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-10] CHR Extension: (Gmail) - C:\Users\Marcel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-10] CHR HKLM-x32\...\Chrome\Extension: [fabcmochhfpldjekobfaaggijgohadih] - https://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - https://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [404360 2013-12-21] (Samsung) [File not signed] R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [77128 2015-05-29] (Apple Inc.) R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed] S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) R2 CronService; C:\Windows\Prey\wpxsvc.exe [611854 2015-05-22] (Fork, Ltd.) [File not signed] R2 Crypkey License; C:\windows\system32\crypserv.exe [122880 2008-05-08] (CrypKey (Canada) Ltd.) 
[File not signed] R2 DisplayLinkService; C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe [9281840 2013-10-11] (DisplayLink Corp.) R2 DptfParticipantProcessorService; C:\Windows\system32\DptfParticipantProcessorService.exe [115632 2013-08-02] (Intel Corporation) R2 DptfPolicyConfigTDPService; C:\Windows\system32\DptfPolicyConfigTDPService.exe [116656 2013-08-02] (Intel Corporation) R2 DptfPolicyCriticalService; C:\Windows\system32\DptfPolicyCriticalService.exe [148688 2013-08-02] (Intel Corporation) R2 DptfPolicyLpmService; C:\Windows\system32\DptfPolicyLpmService.exe [124880 2013-08-02] (Intel Corporation) R2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [627712 2014-04-08] (FileZilla Project) [File not signed] S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2014-09-04] (Freemake) [File not signed] R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-05-22] (Ellora Assets Corp.) [File not signed] R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2015-06-16] (SurfRight B.V.) 
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation) R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [282096 2014-04-15] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-12] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-12] (Intel(R) Corporation) R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management; C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [157128 2013-09-19] (Intel Corporation) R2 ISCTAgent; C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [198120 2013-08-02] () S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [174368 2014-02-28] () R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation) R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584632 2015-03-06] (LENOVO INCORPORATED.) 
R2 LsvUIService; C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvUIService.exe [70416 2014-03-28] (Lenovo)
S3 m2UpdateService_{F8F85656-87B0-43BD-B2BA-3B7982C22B5E}; C:\Program Files (x86)\Swisscom\My Swisscom Assistant\m2UpdateService.exe [12022368 2015-06-03] (Swisscom (Schweiz) AG)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
R2 NitroReaderDriverReadSpool3; C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [230416 2013-07-26] (Nitro PDF Software)
R2 PGService; C:\Program Files (x86)\Lenovo\Motion Control\PGService.exe [163624 2014-01-08] (PointGrab LTD)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionPusher.exe [249872 2014-03-28] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo Yoga PhoneCompanion\PhoneCompanionVap.exe [328720 2014-03-28] (Lenovo)
S2 Radio.fx; C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe [3999512 2013-06-03] ()
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [288472 2013-09-13] (Realtek Semiconductor)
R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [616288 2015-03-18] (Copyright 2013 SAMSUNG)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [175752 2015-06-23] (Sandboxie Holdings, LLC)
R2 Secunia PSI Agent; C:\Program Files (x86)\Secunia\PSI\PSIA.exe [1229528 2013-12-06] (Secunia)
R2 Secunia Update Agent; C:\Program Files (x86)\Secunia\PSI\sua.exe [662232 2013-12-06] (Secunia)
R2 UPDATESRV; C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe [67320 2015-04-22] (Bitdefender)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-03-28] ()
R2 VSSERV; C:\Program Files\Bitdefender\Bitdefender 2015\vsserv.exe [1543352 2015-05-25] (Bitdefender)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
R2 ymc; C:\ProgramData\LenovoTransition\Server\x64\ymc.exe [34576 2014-03-28] (Lenovo)
R2 YogaPicks.AppService; C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe [19440 2014-01-07] ()
S3 McAWFwk; c:\PROGRA~1\COMMON~1\mcafee\actwiz\mcawfwk.exe [X]
S4 McOobeSv2; "C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R4 ambakdrv; C:\Windows\System32\ambakdrv.sys [30648 2015-02-26] () [File not signed]
U4 ammntdrv; C:\windows\system32\ammntdrv.sys [151480 2015-02-26] () [File not signed]
R0 avc3; C:\Windows\System32\DRIVERS\avc3.sys [1369288 2015-05-28] (BitDefender)
R3 avchv; C:\Windows\system32\DRIVERS\avchv.sys [271272 2015-05-29] (BitDefender)
R3 avckf; C:\Windows\System32\DRIVERS\avckf.sys [747120 2015-05-28] (BitDefender)
S3 AX88772; C:\Windows\system32\DRIVERS\ax88772.sys [113864 2013-07-18] (ASIX Electronics Corp.)
S0 bdelam; C:\Windows\System32\drivers\bdelam.sys [23568 2013-09-08] (Bitdefender)
R1 bdfwfpf; C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys [115800 2015-05-21] (BitDefender LLC)
S3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
S3 btmaux; C:\Windows\system32\DRIVERS\btmaux.sys [140600 2013-07-23] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\system32\DRIVERS\btmhsf.sys [1390904 2013-09-06] (Motorola Solutions, Inc.)
R3 DisplayLinkUsbIo_x64; C:\Windows\System32\drivers\DisplayLinkUsbIo_x64_7.4.48800.0.sys [44944 2013-10-07] ()
R3 dlcdcncm6_x64; C:\Windows\system32\DRIVERS\dlcdcncm6_x64.sys [80688 2013-10-11] (DisplayLink Corp.)
R3 dlusbaudio; C:\Windows\system32\DRIVERS\dlusbaudio_x64.sys [203152 2013-10-11] (DisplayLink Corp.)
R3 DptfDevPch; C:\Windows\system32\DRIVERS\DptfDevPch.sys [114680 2013-08-02] (Intel Corporation)
R3 DptfDevProc; C:\Windows\system32\DRIVERS\DptfDevProc.sys [287160 2013-08-02] (Intel Corporation)
R3 DptfManager; C:\Windows\system32\DRIVERS\DptfManager.sys [494272 2013-08-02] (Intel Corporation)
R0 gzflt; C:\Windows\System32\DRIVERS\gzflt.sys [160544 2015-02-24] (BitDefender LLC)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [197704 2013-09-23] (McAfee, Inc.)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [118728 2013-09-19] (Intel Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [21408 2013-08-02] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [21920 2013-08-02] ()
R3 INETMON; C:\windows\System32\Drivers\INETMON.sys [29088 2013-08-02] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46568 2013-08-02] ()
R3 MBAMProtector; C:\windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [113880 2015-08-14] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-12-19] (Intel Corporation)
R3 NETwNb64; C:\Windows\system32\DRIVERS\NETwbw02.sys [3589600 2013-09-19] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R1 NetworkX; C:\Windows\system32\ckldrv.sys [28664 2008-03-17] ()
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_amd64.sys [18456 2013-12-06] (Secunia)
S3 qzozigbn; C:\Windows\System32\Drivers\qzozigbn.sys [423240 2014-05-07] (AVAST Software)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [190088 2015-06-23] (Sandboxie Holdings, LLC)
R3 SensorsServiceDriver; C:\Windows\System32\drivers\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
S3 sidtohjv; C:\Windows\System32\Drivers\sidtohjv.sys [423240 2014-05-04] (AVAST Software)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-08-29] (Synaptics Incorporated)
R3 SPUVCbv; C:\Windows\System32\Drivers\SPUVCbv_x64.sys [744928 2015-06-22] (Sunplus)
S3 SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [16152 2014-05-07] ()
R0 trufos; C:\Windows\System32\DRIVERS\trufos.sys [452040 2014-10-15] (BitDefender S.R.L.)
R1 veracrypt; C:\Windows\System32\drivers\veracrypt.sys [192344 2015-03-04] (IDRIX)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
S3 PCASp60; System32\Drivers\PCASp60.sys [X]
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-14 18:05 - 2015-08-14 18:06 - 00000000 ____D C:\FRST
2015-08-14 12:10 - 2015-08-14 12:39 - 00000000 ____D C:\ESD
2015-08-10 12:03 - 2015-08-10 12:03 - 00000439 _____ C:\Users\Marcel\AppData\Roaminguser_gensett.xml
2015-08-09 12:45 - 2015-08-09 12:45 - 00454545 _____ C:\ProgramData\1439116924.bdinstall.bin
2015-08-09 12:43 - 2015-08-09 12:49 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Bitdefender
2015-08-09 12:43 - 2015-08-09 12:43 - 00002228 _____ C:\Users\Public\Desktop\Bitdefender Antivirus Plus 2015.lnk
2015-08-09 12:43 - 2015-08-09 12:43 - 00000000 ____H C:\windows\system32\Drivers\Msft_Kernel_avchv_01009.Wdf
2015-08-09 12:43 - 2015-08-09 12:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bitdefender 2015
2015-08-09 12:43 - 2015-08-09 12:43 - 00000000 ____D C:\ProgramData\BDLogging
2015-08-09 12:43 - 2015-05-29 09:50 - 00271272 _____ (BitDefender) C:\windows\system32\Drivers\avchv.sys
2015-08-09 12:43 - 2015-05-28 14:21 - 00747120 _____ (BitDefender) C:\windows\system32\Drivers\avckf.sys
2015-08-09 12:43 - 2015-05-28 13:37 - 01369288 _____ (BitDefender) C:\windows\system32\Drivers\avc3.sys
2015-08-09 12:43 - 2013-09-08 20:04 - 00023568 _____ (Bitdefender) C:\windows\system32\Drivers\bdelam.sys
2015-08-09 12:43 - 2007-04-11 11:11 - 00511328 _____ (Microsoft Corporation) C:\windows\capicom.dll
2015-08-09 12:42 - 2015-08-09 12:45 - 00000000 ____D C:\ProgramData\Bitdefender
2015-08-09 12:42 - 2015-08-09 12:42 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\QuickScan
2015-08-09 12:42 - 2015-08-09 12:42 - 00000000 ____D C:\Program Files\Bitdefender
2015-08-09 12:42 - 2015-02-24 17:52 - 00160544 _____ (BitDefender LLC) C:\windows\system32\Drivers\gzflt.sys
2015-08-09 12:42 - 2014-10-15 17:14 - 00452040 _____ (BitDefender S.R.L.) C:\windows\system32\Drivers\trufos.sys
2015-08-08 19:53 - 2015-08-09 12:42 - 00000000 ____D C:\Program Files\Common Files\Bitdefender
2015-08-08 19:53 - 2015-07-23 11:30 - 00447944 _____ (AVAST Software) C:\windows\system32\Drivers\aswCD1A.tmp
2015-08-08 19:53 - 2015-07-23 11:30 - 00274808 _____ (AVAST Software) C:\windows\system32\Drivers\aswCD1B.tmp
2015-08-08 19:53 - 2015-07-23 11:30 - 00150160 _____ (AVAST Software) C:\windows\system32\Drivers\aswCD5B.tmp
2015-08-08 19:53 - 2015-07-23 11:30 - 00093528 _____ (AVAST Software) C:\windows\system32\Drivers\aswCCA9.tmp
2015-08-08 19:53 - 2015-07-23 11:30 - 00090968 _____ (AVAST Software) C:\windows\system32\Drivers\aswCCF9.tmp
2015-08-08 19:53 - 2015-07-23 11:30 - 00065224 _____ (AVAST Software) C:\windows\system32\Drivers\aswCD0A.tmp
2015-08-08 19:53 - 2015-07-23 11:30 - 00028656 _____ (AVAST Software) C:\windows\system32\Drivers\aswCCE8.tmp
2015-08-08 19:53 - 2015-07-23 11:29 - 01048856 _____ (AVAST Software) C:\windows\system32\Drivers\aswCC89.tmp
2015-08-08 19:53 - 2015-07-23 11:29 - 00115152 _____ (AVAST Software) C:\windows\system32\Drivers\ngvCC58.tmp
2015-08-08 19:53 - 2015-07-23 11:29 - 00028144 _____ (AVAST Software) C:\windows\system32\Drivers\aswCC78.tmp
2015-08-08 18:50 - 2015-08-14 11:53 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-08-06 11:47 - 2015-08-10 11:36 - 00001024 ____H C:\SYSTAG.BIN
2015-08-06 11:41 - 2015-08-13 18:06 - 00000082 _____ C:\windows\SysWOW64\winsevr.dat
2015-08-06 11:40 - 2015-08-09 13:59 - 00000000 ____D C:\ProgramData\AomeiBR
2015-08-06 11:40 - 2015-02-26 00:00 - 00151480 _____ C:\windows\system32\ammntdrv.sys
2015-08-06 11:40 - 2015-02-26 00:00 - 00030648 _____ C:\windows\system32\ambakdrv.sys
2015-08-06 11:40 - 2015-02-26 00:00 - 00017848 _____ C:\windows\system32\amwrtdrv.sys
2015-08-05 14:59 - 2015-07-29 01:24 - 00025776 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2015-08-05 14:59 - 2015-07-28 16:24 - 01148416 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2015-08-05 14:59 - 2015-07-28 16:24 - 01116160 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2015-08-05 14:59 - 2015-07-28 16:24 - 00774144 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2015-08-05 14:59 - 2015-07-28 16:24 - 00743424 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2015-08-05 14:59 - 2015-07-28 16:24 - 00437248 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2015-08-05 14:59 - 2015-07-28 16:24 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2015-08-05 14:59 - 2015-07-19 03:58 - 00136904 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2015-08-05 14:59 - 2015-07-18 20:51 - 03704320 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2015-08-05 14:59 - 2015-07-18 20:31 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
2015-08-05 14:59 - 2015-07-18 20:31 - 00095744 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2015-08-05 14:59 - 2015-07-18 20:31 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
2015-08-05 14:59 - 2015-07-18 20:29 - 00409088 _____ (Microsoft Corporation) C:\windows\system32\WUSettingsProvider.dll
2015-08-05 14:59 - 2015-07-18 20:29 - 00124928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
2015-08-05 14:59 - 2015-07-18 20:29 - 00029696 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
2015-08-05 14:59 - 2015-07-18 20:28 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2015-08-05 14:59 - 2015-07-18 20:12 - 02228736 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
2015-08-05 14:59 - 2015-07-18 20:10 - 00891904 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2015-08-05 14:59 - 2015-07-18 20:09 - 00721920 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2015-08-05 14:59 - 2015-06-12 19:03 - 18823680 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2015-08-05 14:59 - 2015-06-12 18:36 - 15159296 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2015-08-05 14:59 - 2015-06-09 20:27 - 00411133 _____ C:\windows\system32\ApnDatabase.xml
2015-08-05 14:59 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndproxy.sys
2015-08-05 14:59 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wanarp.sys
2015-08-05 14:59 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\windows\system32\rascfg.dll
2015-08-05 14:59 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\windows\SysWOW64\rascfg.dll
2015-08-05 14:59 - 2014-11-17 22:17 - 00672984 _____ (Microsoft Corporation) C:\windows\system32\MDMAgent.exe
2015-08-05 14:59 - 2014-11-17 22:17 - 00273240 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlows.exe
2015-08-05 14:59 - 2014-11-14 08:54 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\SystemSettings.Handlers.dll
2015-08-05 14:59 - 2014-11-14 08:46 - 02171904 _____ (Microsoft Corporation) C:\windows\system32\SystemSettingsAdminFlowUI.dll
2015-08-05 14:58 - 2015-07-14 23:59 - 01113944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
2015-08-05 14:58 - 2015-07-14 23:59 - 00487256 _____ (Microsoft Corporation) C:\windows\system32\netcfgx.dll
2015-08-05 14:58 - 2015-07-14 23:59 - 00393560 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcfgx.dll
2015-08-05 14:58 - 2015-06-11 22:12 - 02476376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2015-08-05 14:58 - 2015-06-11 22:12 - 00428888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2015-08-05 14:58 - 2015-06-10 00:39 - 00081920 ____C (Microsoft Corporation) C:\windows\system32\Drivers\BTHUSB.SYS
2015-08-05 14:58 - 2015-06-10 00:39 - 00053248 ____C (Microsoft Corporation) C:\windows\system32\Drivers\bthenum.sys
2015-08-05 14:58 - 2015-06-10 00:38 - 01201664 ____C (Microsoft Corporation) C:\windows\system32\Drivers\bthport.sys
2015-08-05 14:58 - 2015-05-12 02:24 - 00536920 _____ (Microsoft Corporation) C:\windows\system32\mcupdate_GenuineIntel.dll
2015-08-05 14:58 - 2015-05-01 03:13 - 06521800 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
2015-08-05 14:58 - 2015-05-01 03:13 - 01488000 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
2015-08-05 14:58 - 2015-05-01 03:13 - 00261376 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
2015-08-05 14:58 - 2014-11-15 21:05 - 00801584 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2015-08-05 14:58 - 2014-11-15 08:29 - 00962216 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2015-08-05 14:58 - 2014-11-14 08:57 - 01027584 _____ (Microsoft Corporation) C:\windows\system32\MFMediaEngine.dll
2015-08-05 14:58 - 2014-11-14 07:03 - 00885760 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFMediaEngine.dll
2015-08-05 14:58 - 2014-11-10 20:06 - 00473408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2015-08-05 14:58 - 2014-11-10 20:06 - 00136512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wfplwfs.sys
2015-08-05 14:58 - 2014-11-10 04:57 - 00096768 _____ (Microsoft Corporation) C:\windows\system32\Drivers\agilevpn.sys
2015-08-05 14:58 - 2014-11-10 03:37 - 00845312 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2015-08-05 14:58 - 2014-11-10 03:34 - 01084416 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2015-08-05 14:58 - 2014-11-10 03:26 - 00422400 _____ (Microsoft Corporation) C:\windows\system32\FWPUCLNT.DLL
2015-08-05 14:58 - 2014-11-10 03:20 - 00420864 _____ (Microsoft Corporation) C:\windows\system32\vpnike.dll
2015-08-05 14:58 - 2014-11-10 03:09 - 00272384 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
2015-08-05 14:58 - 2014-11-10 03:08 - 00702464 _____ (Microsoft Corporation) C:\windows\system32\rasapi32.dll
2015-08-05 14:58 - 2014-11-10 03:06 - 00713216 _____ (Microsoft Corporation) C:\windows\system32\nshwfp.dll
2015-08-05 14:58 - 2014-11-10 02:57 - 00624640 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasapi32.dll
2015-08-05 14:58 - 2014-11-10 02:57 - 00561664 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
2015-08-05 14:58 - 2014-11-08 06:00 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndistapi.sys
2015-08-05 14:58 - 2014-11-08 05:58 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rasl2tp.sys
2015-08-05 14:58 - 2014-11-08 05:56 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\kmddsp.tsp
2015-08-05 14:58 - 2014-11-08 05:56 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\rasmxs.dll
2015-08-05 14:58 - 2014-11-08 05:56 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\rasser.dll
2015-08-05 14:58 - 2014-11-08 05:24 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\rasdiag.dll
2015-08-05 14:58 - 2014-11-08 05:13 - 00039424 _____ (Microsoft Corporation) C:\windows\SysWOW64\kmddsp.tsp
2015-08-05 14:58 - 2014-11-08 05:13 - 00033280 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasmxs.dll
2015-08-05 14:58 - 2014-11-08 05:13 - 00022528 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasser.dll
2015-08-05 14:58 - 2014-11-08 04:48 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasdiag.dll
2015-08-05 14:58 - 2014-11-08 04:38 - 00166912 _____ (Microsoft Corporation) C:\windows\system32\AppxAllUserStore.dll
2015-08-05 14:58 - 2014-11-08 04:17 - 00143360 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxAllUserStore.dll
2015-08-05 14:58 - 2014-11-08 04:03 - 00733696 _____ (Microsoft Corporation) C:\windows\system32\SkyDriveTelemetry.dll
2015-08-05 14:58 - 2014-11-08 03:58 - 04837376 _____ (Microsoft Corporation) C:\windows\system32\SyncEngine.dll
2015-08-05 14:58 - 2014-11-08 03:49 - 01154048 _____ (Microsoft Corporation) C:\windows\system32\SkyDrive.exe
2015-08-05 14:58 - 2014-11-07 05:58 - 00952896 _____ (Microsoft Corporation) C:\windows\system32\mfmp4srcsnk.dll
2015-08-05 14:58 - 2014-11-07 05:20 - 00786120 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfmp4srcsnk.dll
2015-08-05 14:58 - 2014-11-05 04:12 - 00211968 _____ (Microsoft Corporation) C:\windows\system32\QSHVHOST.DLL
2015-08-05 14:58 - 2014-11-05 04:12 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\QSVRMGMT.DLL
2015-08-05 14:58 - 2014-11-05 04:06 - 00514048 _____ (Microsoft Corporation) C:\windows\system32\DevicePairing.dll
2015-08-05 14:58 - 2014-11-05 03:44 - 00657920 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll
2015-08-05 14:58 - 2014-11-05 03:43 - 00252416 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll
2015-08-05 14:58 - 2014-11-05 03:41 - 00558080 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
2015-08-05 14:58 - 2014-11-05 03:39 - 00155648 _____ (Microsoft Corporation) C:\windows\SysWOW64\QSHVHOST.DLL
2015-08-05 14:58 - 2014-11-05 03:39 - 00094208 _____ (Microsoft Corporation) C:\windows\SysWOW64\QSVRMGMT.DLL
2015-08-05 14:58 - 2014-11-05 03:33 - 00465408 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevicePairing.dll
2015-08-05 14:58 - 2014-11-05 03:21 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
2015-08-05 14:58 - 2014-11-05 03:20 - 00498688 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll
2015-08-05 14:58 - 2014-11-05 03:18 - 00507392 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
2015-08-05 14:58 - 2014-11-05 03:14 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\WSDMon.dll
2015-08-05 14:58 - 2014-11-05 03:06 - 00555520 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
2015-08-05 14:58 - 2014-11-04 21:33 - 00058176 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dam.sys
2015-08-05 14:58 - 2014-11-04 08:27 - 00128512 _____ (Microsoft Corporation) C:\windows\splwow64.exe
2015-08-05 14:58 - 2014-11-04 07:01 - 00827392 _____ (Microsoft Corporation) C:\windows\system32\spoolsv.exe
2015-08-05 14:58 - 2014-10-29 05:05 - 00551232 ____C (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
2015-08-05 14:58 - 2014-10-29 03:55 - 00242176 _____ (Microsoft Corporation) C:\windows\system32\WinSCard.dll
2015-08-05 14:58 - 2014-10-29 03:13 - 00169984 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSCard.dll
2015-08-05 14:58 - 2014-10-21 03:59 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\eventcls.dll
2015-08-05 14:58 - 2014-10-21 03:19 - 00015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\eventcls.dll
2015-08-05 14:58 - 2014-10-21 02:50 - 00074752 _____ (Microsoft Corporation) C:\windows\system32\vsstrace.dll
2015-08-05 14:58 - 2014-10-21 02:31 - 01574400 _____ (Microsoft Corporation) C:\windows\system32\vssapi.dll
2015-08-05 14:58 - 2014-10-21 02:31 - 00055296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vsstrace.dll
2015-08-05 14:58 - 2014-10-21 02:30 - 01454080 _____ (Microsoft Corporation) C:\windows\system32\VSSVC.exe
2015-08-05 14:58 - 2014-10-21 02:20 - 01142272 _____ (Microsoft Corporation) C:\windows\SysWOW64\vssapi.dll
2015-08-05 14:58 - 2014-10-17 06:56 - 00039744 ____C (Microsoft Corporation) C:\windows\system32\Drivers\intelpep.sys
2015-08-05 14:58 - 2014-10-17 05:35 - 00086336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pdc.sys
2015-08-04 23:56 - 2015-08-04 23:56 - 00000000 _____ C:\Recovery.txt
2015-08-04 17:40 - 2015-08-04 17:47 - 00000000 ____D C:\windows\pss
2015-08-04 16:15 - 2004-06-11 15:33 - 00290304 _____ (Microsoft Corporation) C:\windows\system32\subinacl.exe
2015-08-04 15:49 - 2015-08-04 15:48 - 00000413 _____ C:\windows\system32\reset.cmd
2015-08-04 15:46 - 2015-08-04 15:46 - 00000413 _____ C:\Users\Marcel\reset.cmd
2015-08-04 11:55 - 2015-08-04 11:58 - 00000000 ____D C:\RecImg Snapshots
2015-08-04 11:55 - 2015-08-04 11:55 - 00000000 ____D C:\Users\Marcel\AppData\Local\SlimWare_Utilities,_Inc
2015-08-04 11:55 - 2015-08-04 11:55 - 00000000 ____D C:\Users\Marcel\AppData\Local\SlimWare Utilities, Inc
2015-08-04 11:54 - 2015-08-04 11:54 - 00002489 _____ C:\Users\Public\Desktop\RecImgManager.lnk
2015-08-04 11:54 - 2015-08-04 11:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RecImgManager
2015-08-04 11:54 - 2015-08-04 11:54 - 00000000 ____D C:\Program Files (x86)\RecImg Manager
2015-08-03 16:23 - 2015-08-14 17:57 - 00000884 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2015-08-03 16:23 - 2015-08-12 09:57 - 00003772 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2015-08-02 20:28 - 2015-08-02 20:29 - 00000000 __HDC C:\ProgramData\{6CB5ECC3-726C-4C15-8975-7E16BF2A0EE8}
2015-08-02 20:28 - 2015-08-02 20:28 - 00001446 _____ C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\My Swisscom Assistant.lnk
2015-08-02 20:28 - 2015-08-02 20:28 - 00001426 _____ C:\Users\Public\Desktop\My Swisscom Assistant.lnk
2015-08-02 20:28 - 2015-08-02 20:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Swisscom
2015-08-02 13:29 - 2015-08-02 13:29 - 00001097 _____ C:\Users\Public\Desktop\VLC media player.lnk
2015-08-02 13:16 - 2015-08-02 13:16 - 00000180 _____ C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2015-08-02 13:07 - 2015-08-02 13:07 - 00000451 _____ C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2015-08-02 13:07 - 2015-08-02 13:07 - 00000244 _____ C:\windows\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat
2015-08-02 13:06 - 2015-08-02 13:06 - 00000728 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel(R) HD Graphics Control Panel.lnk
2015-08-02 13:06 - 2015-08-02 13:06 - 00000716 _____ C:\Users\Public\Desktop\Intel(R) HD Graphics Control Panel.lnk
2015-08-02 13:05 - 2014-03-07 09:18 - 00186638 _____ C:\windows\system32\resTHA.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00179511 _____ C:\windows\system32\resELL.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00175392 _____ C:\windows\system32\resRUS.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00161268 _____ C:\windows\system32\resARA.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00160719 _____ C:\windows\system32\resHEB.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00160698 _____ C:\windows\system32\resJPN.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00156105 _____ C:\windows\system32\resFRA.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00156088 _____ C:\windows\system32\resHUN.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00154381 _____ C:\windows\system32\resKOR.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00154314 _____ C:\windows\system32\resITA.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00154287 _____ C:\windows\system32\resDEU.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00154148 _____ C:\windows\system32\resROM.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00154037 _____ C:\windows\system32\resESN.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00153601 _____ C:\windows\system32\resPLK.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00153459 _____ C:\windows\system32\resSKY.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00153260 _____ C:\windows\system32\resNLD.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00152700 _____ C:\windows\system32\resPTB.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00152545 _____ C:\windows\system32\resTRK.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00152536 _____ C:\windows\system32\resCSY.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00152411 _____ C:\windows\system32\resPTG.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00151989 _____ C:\windows\system32\resFIN.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00151552 _____ C:\windows\system32\resHRV.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00151097 _____ C:\windows\system32\resSVE.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00150924 _____ C:\windows\system32\resSLV.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00150001 _____ C:\windows\system32\resNOR.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00149488 _____ C:\windows\system32\resDAN.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00148173 _____ C:\windows\system32\resENU.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00146403 _____ C:\windows\system32\resCHT.cui
2015-08-02 13:05 - 2014-03-07 09:18 - 00145574 _____ C:\windows\system32\resCHS.cui
2015-08-02 13:04 - 2014-04-15 09:45 - 04340720 _____ (Intel Corporation) C:\windows\system32\Gfxv4_0.exe
2015-08-02 13:04 - 2014-04-15 09:45 - 04337136 _____ (Intel Corporation) C:\windows\system32\Gfxv2_0.exe
2015-08-02 13:04 - 2014-04-15 09:45 - 02478768 _____ (Intel Corporation) C:\windows\system32\IntelWiDiVAD64.exe
2015-08-02 13:04 - 2014-04-15 09:45 - 00929776 _____ (Intel Corporation) C:\windows\system32\GfxUIEx.exe
2015-08-02 13:04 - 2014-04-15 09:45 - 00543728 _____ (Intel Corporation) C:\windows\system32\DPTopologyApp.exe
2015-08-02 13:04 - 2014-04-15 09:45 - 00543216 _____ (Intel Corporation) C:\windows\system32\DPTopologyAppv2_0.exe
2015-08-02 13:04 - 2014-04-15 09:45 - 00501744 _____ (Intel Corporation) C:\windows\system32\igfxEM.exe
2015-08-02 13:04 - 2014-04-15 09:45 - 00440816 _____ (Intel Corporation) C:\windows\system32\igfxTray.exe
2015-08-02 13:04 - 2014-04-15 09:45 - 00416240 _____ (Intel Corporation) C:\windows\system32\IntelWiDiUMS64.exe
2015-08-02 13:04 - 2014-04-15 09:45 - 00393200 _____ (Intel Corporation) C:\windows\system32\CustomModeApp.exe
2015-08-02 13:04 - 2014-04-15 09:45 - 00392688 _____ (Intel Corporation) C:\windows\system32\CustomModeAppv2_0.exe
2015-08-02 13:04 - 2014-04-15 09:45 - 00282096 _____ (Intel Corporation) C:\windows\system32\igfxCUIService.exe
2015-08-02 13:04 - 2014-04-15 09:45 - 00279024 _____ (Intel Corporation) C:\windows\SysWOW64\IntelCpHeciSvc.exe
2015-08-02 13:04 - 2014-04-15 09:45 - 00243696 _____ (Intel Corporation) C:\windows\system32\igfxHK.exe
2015-08-02 13:04 - 2014-04-15 09:45 - 00191472 _____ (Intel Corporation) C:\windows\system32\igfxext.exe
2015-08-02 13:04 - 2014-04-15 09:45 - 00153072 _____ (Intel Corporation) C:\windows\system32\difx64.exe
2015-08-02 13:04 - 2014-03-07 09:26 - 00182784 _____ (Intel Corporation) C:\windows\system32\igfxCoIn_v3496.dll
2015-08-02 13:04 - 2014-03-07 09:22 - 00002576 _____ C:\windows\system32\iglhxs64.vp
2015-08-02 13:04 - 2014-03-07 09:21 - 27362968 _____ (Intel Corporation) C:\windows\system32\igd10iumd64.dll
2015-08-02 13:04 - 2014-03-07 09:21 - 27362968 _____ (Intel Corporation) C:\windows\system32\dlumdfb11.dll
2015-08-02 13:04 - 2014-03-07 09:21 - 27362968 _____ (Intel Corporation) C:\windows\system32\dlumdfb10.dll
2015-08-02 13:04 - 2014-03-07 09:21 - 26996776 _____ (Intel Corporation) C:\windows\SysWOW64\igd10iumd32.dll
2015-08-02 13:04 - 2014-03-07 09:21 - 26996776 _____ (Intel Corporation) C:\windows\SysWOW64\dlumdfb11.dll
2015-08-02 13:04 - 2014-03-07 09:21 - 26996776 _____ (Intel Corporation) C:\windows\SysWOW64\dlumdfb10.dll
2015-08-02 13:04 - 2014-03-07 09:21 - 26168168 _____ (Intel Corporation) C:\windows\system32\igdumdim64.dll
2015-08-02 13:04 - 2014-03-07 09:21 - 26168168 _____ (Intel Corporation) C:\windows\system32\dlumdfb9.dll
2015-08-02 13:04 - 2014-03-07 09:21 - 25710824 _____ (Intel Corporation) C:\windows\SysWOW64\igdumdim32.dll
2015-08-02 13:04 - 2014-03-07 09:21 - 25710824 _____ (Intel Corporation) C:\windows\SysWOW64\dlumdfb9.dll
2015-08-02 13:04 - 2014-03-07 09:21 - 01137080 _____ (Intel Corporation) C:\windows\system32\iglhsip64.dll
2015-08-02 13:04 - 2014-03-07 09:21 - 01132960 _____ (Intel Corporation) C:\windows\SysWOW64\iglhsip32.dll
2015-08-02 13:04 - 2014-03-07 09:21 - 00425856 _____ C:\windows\system32\igdmd64.dll
2015-08-02 13:04 - 2014-03-07 09:21 - 00342944 _____ C:\windows\SysWOW64\igdmd32.dll
2015-08-02 13:04 - 2014-03-07 09:21 - 00218808 _____ (Intel Corporation) C:\windows\system32\iglhcp64.dll
2015-08-02 13:04 - 2014-03-07 09:21 - 00187408 _____ (Intel Corporation) C:\windows\system32\igfxcmrt64.dll
2015-08-02 13:04 - 2014-03-07 09:21 - 00183800 _____ (Intel Corporation) C:\windows\SysWOW64\iglhcp32.dll
2015-08-02 13:04 - 2014-03-07 09:21 - 00158032 _____ (Intel Corporation) C:\windows\SysWOW64\igfxcmrt32.dll
2015-08-02 13:04 - 2014-03-07 09:21 - 00080312 _____ C:\windows\system32\igfxexps.dll
2015-08-02 13:04 - 2014-03-07 09:18 - 08160256 _____ (Intel Corporation) C:\windows\system32\ig75icd64.dll
2015-08-02 13:04 - 2014-03-07 09:18 - 03729920 _____ (Intel Corporation) C:\windows\system32\Drivers\igdkmd64.sys
2015-08-02 13:04 - 2014-03-07 09:18 - 00223744 _____ C:\windows\system32\igdde64.dll
2015-08-02 13:04 - 2014-03-07 09:18 - 00160256 _____ C:\windows\system32\igdail64.dll
2015-08-02 13:04 - 2014-03-07 09:17 - 00734208 _____ (Intel Corporation) C:\windows\system32\MetroIntelGenericUIFramework.dll
2015-08-02 13:04 - 2014-03-07 09:17 - 00653824 _____ (Intel Corporation) C:\windows\system32\igfxDH.dll
2015-08-02 13:04 - 2014-03-07 09:17 - 00372736 _____ (Intel Corporation) C:\windows\system32\igfxOSP.dll
2015-08-02 13:04 - 2014-03-07 09:17 - 00267264 _____ (Intel Corporation) C:\windows\system32\igfxDI.dll
2015-08-02 13:04 - 2014-03-07 09:17 - 00254976 _____ C:\windows\system32\igfxCPL.cpl
2015-08-02 13:04 - 2014-03-07 09:17 - 00209920 _____ (Intel Corporation) C:\windows\system32\igfxDTCM.dll
2015-08-02 13:04 - 2014-03-07 09:17 - 00151040 _____ (Intel Corporation) C:\windows\system32\igfxLHM.dll
2015-08-02 13:04 - 2014-03-07 09:17 - 00069632 _____ ( ) C:\windows\system32\igfxDHLibv2_0.dll
2015-08-02 13:04 - 2014-03-07 09:17 - 00068608 _____ C:\windows\system32\igfxCUIServicePS.dll
2015-08-02 13:04 - 2014-03-07 09:17 - 00057344 _____ ( ) C:\windows\system32\igfxDHLib.dll
2015-08-02 13:04 - 2014-03-07 09:17 - 00010752 _____ ( ) C:\windows\system32\igfxDILib.dll
2015-08-02 13:04 - 2014-03-07 09:17 - 00010240 _____ ( ) C:\windows\system32\igfxEMLibv2_0.dll
2015-08-02 13:04 - 2014-03-07 09:17 - 00010240 _____ ( ) C:\windows\system32\igfxEMLib.dll
2015-08-02 13:04 - 2014-03-07 09:17 - 00010240 _____ ( ) C:\windows\system32\igfxDILibv2_0.dll
2015-08-02 13:04 - 2014-03-07 09:17 - 00005120 _____ ( ) C:\windows\system32\igfxLHMLibv2_0.dll
2015-08-02 13:04 - 2014-03-07 09:17 - 00005120 _____ ( ) C:\windows\system32\igfxLHMLib.dll
2015-08-02 13:04 - 2014-03-07 09:15 - 06448128 _____ (Intel Corporation) C:\windows\SysWOW64\ig75icd32.dll
2015-08-02 13:04 - 2014-03-07 09:14 - 00183296 _____ C:\windows\SysWOW64\igdde32.dll
2015-08-02 13:04 - 2014-03-07 09:14 - 00142848 _____ C:\windows\SysWOW64\igdail32.dll
2015-08-02 13:04 - 2014-03-07 09:14 - 00068608 _____ C:\windows\SysWOW64\igfxexps32.dll
2015-08-02 13:04 - 2014-03-07 09:08 - 18028544 _____ (Intel Corporation) C:\windows\SysWOW64\igdfcl32.dll
2015-08-02 13:04 - 2014-03-07 09:08 - 01555456 _____ (Intel Corporation) C:\windows\SysWOW64\igdrcl32.dll
2015-08-02 13:04 - 2014-03-07 09:08 - 00291840 _____ (Intel Corporation) C:\windows\SysWOW64\igdbcl32.dll
2015-08-02 13:04 - 2014-03-07 09:08 - 00265216 _____ (Intel Corporation) C:\windows\SysWOW64\IntelOpenCL32.dll
2015-08-02 13:04 - 2014-03-07 09:07 - 23046144 _____ (Intel Corporation) C:\windows\system32\igdfcl64.dll
2015-08-02 13:04 - 2014-03-07 09:07 - 01673728 _____ (Intel Corporation) C:\windows\system32\igdrcl64.dll
2015-08-02 13:04 - 2014-03-07 09:07 - 00330752 _____ (Intel Corporation) C:\windows\system32\igdbcl64.dll
2015-08-02 13:04 - 2014-03-07 09:07 - 00320512 _____ (Intel Corporation) C:\windows\system32\IntelOpenCL64.dll
2015-08-02 13:04 - 2014-03-07 08:59 - 04011168 _____ (Intel Corporation) C:\windows\system32\IntelWiDiAAC64.dll
2015-08-02 13:04 - 2014-03-07 08:59 - 02020864 _____ (Intel Corporation) C:\windows\system32\igfxcmjit64.dll
2015-08-02 13:04 - 2014-03-07 08:59 - 01753088 _____ (Intel Corporation) C:\windows\SysWOW64\igfxcmjit32.dll
2015-08-02 13:04 - 2014-03-07 08:59 - 01455264 _____ (Intel Corporation) C:\windows\system32\IntelWiDiSecureSourceFilter64.dll
2015-08-02 13:04 - 2014-03-07 08:59 - 00790688 _____ (Intel Corporation) C:\windows\system32\IntelWiDiWinNextAgent64.dll
2015-08-02 13:04 - 2014-03-07 08:59 - 00646304 _____ (Intel Corporation) C:\windows\system32\IntelWiDiAudioFilter64.dll
2015-08-02 13:04 - 2014-03-07 08:59 - 00603296 _____ (Intel Corporation) C:\windows\system32\IntelWiDiMux64.dll
2015-08-02 13:04 - 2014-03-07 08:59 - 00344736 _____ (Intel Corporation) C:\windows\system32\IntelWiDiSilenceFilter64.dll
2015-08-02 13:04 - 2014-03-07 08:59 - 00210592 _____ (Intel Corporation) C:\windows\system32\IntelWiDiUtils64.dll
2015-08-02 13:04 - 2014-03-07 08:59 - 00182784 _____ (Intel Corporation) C:\windows\system32\igfx11cmrt64.dll
2015-08-02 13:04 - 2014-03-07 08:59 - 00177824 _____ (Intel Corporation) C:\windows\system32\IntelWiDiDDEAgent64.dll
2015-08-02 13:04 - 2014-03-07 08:59 - 00155136 _____ (Intel Corporation) C:\windows\SysWOW64\igfx11cmrt32.dll
2015-08-02 13:04 - 2014-03-07 08:59 - 00128672 _____ (Intel Corporation) C:\windows\system32\IntelWiDiMCUMD64.dll
2015-08-02 13:04 - 2014-03-07 08:59 - 00094368 _____ (Intel Corporation) C:\windows\system32\IntelWiDiLogServer64.dll
2015-08-01 12:12 - 2015-08-14 18:00 - 00000482 _____ C:\windows\Tasks\ParetoLogic Registration3.job
2015-08-01 12:12 - 2015-08-01 12:12 - 00003128 _____ C:\windows\System32\Tasks\ParetoLogic Registration3
2015-08-01 12:12 - 2015-08-01 12:12 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\ParetoLogic
2015-08-01 12:12 - 2015-08-01 12:12 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\DriverCure
2015-08-01 12:11 - 2015-08-14 10:43 - 00000508 _____ C:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2015-08-01 12:11 - 2015-08-02 10:28 - 00000456 _____ C:\windows\Tasks\ParetoLogic Update Version3.job
2015-08-01 12:11 - 2015-08-01 12:18 - 00000000 ____D C:\ProgramData\ParetoLogic
2015-08-01 12:11 - 2015-08-01 12:12 - 00003250 _____ C:\windows\System32\Tasks\ParetoLogic Update Version3
2015-08-01 12:11 - 2015-08-01 12:12 - 00002916 _____ C:\windows\System32\Tasks\ParetoLogic Update Version3 Startup Task
2015-07-26 10:55 - 2015-07-26 10:55 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2015-07-23 11:43 - 2015-07-23 11:43 - 00000247 _____ C:\windows\system32\2015-07-23-09-43-53.085-aswFe.exe-3804.log
2015-07-23 11:41 - 2015-07-23 11:43 - 00000247 _____ C:\windows\system32\2015-07-23-09-41-13.081-aswFe.exe-9512.log
2015-07-23 11:41 - 2015-07-23 11:41 - 00000197 _____ C:\windows\system32\2015-07-23-09-41-11.086-AvastVBoxSVC.exe-16680.log
2015-07-23 11:34 - 2015-07-23 11:34 - 00000197 _____ C:\windows\system32\2015-07-23-09-34-30.052-AvastVBoxSVC.exe-14416.log
2015-07-23 11:34 - 2015-07-23 11:34 - 00000197 _____ C:\windows\system32\2015-07-23-09-34-05.007-AvastVBoxSVC.exe-8076.log
2015-07-23 11:32 - 2015-07-23 11:32 - 00000197 _____ C:\windows\system32\2015-07-23-09-32-39.008-AvastVBoxSVC.exe-18932.log
2015-07-23 11:29 - 2015-07-23 11:29 - 00043112 _____ (AVAST Software) C:\windows\avastSS.scr
2015-07-21 14:58 - 2015-07-14 16:14 - 00358912 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-07-21 14:58 - 2015-07-14 16:14 - 00301056 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-07-21 14:58 - 2015-07-14 16:14 - 00035840 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-07-21 14:58 - 2015-07-14 16:13 - 00044032 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-07-21 10:25 - 2015-07-21 10:25 - 00002266 _____ C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Screenpresso.lnk
2015-07-18 11:03 - 2015-07-18 11:03 - 00000197 _____ C:\windows\system32\2015-07-18-09-03-12.008-AvastVBoxSVC.exe-5080.log
2015-07-16 09:07 - 2015-06-27 01:21 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
2015-07-16 09:07 - 2015-05-12 15:19 - 00294912 _____ (Microsoft Corporation) C:\windows\system32\SystemEventsBrokerServer.dll
2015-07-16 09:07 - 2015-05-07 19:50 - 22292672 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-07-16 09:07 - 
2015-05-07 19:00 - 03109376 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll 2015-07-16 09:07 - 2015-05-07 18:53 - 19734960 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll 2015-07-16 09:07 - 2015-05-07 18:12 - 02706432 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll 2015-07-16 09:07 - 2015-05-07 17:21 - 00522240 _____ (Microsoft Corporation) C:\windows\system32\GeofenceMonitorService.dll 2015-07-16 09:07 - 2015-05-07 17:05 - 00367104 _____ (Microsoft Corporation) C:\windows\SysWOW64\GeofenceMonitorService.dll 2015-07-16 09:07 - 2015-05-03 17:09 - 00274944 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll 2015-07-16 09:07 - 2015-05-03 16:58 - 00210944 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll 2015-07-16 09:07 - 2015-05-03 16:55 - 00971776 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll 2015-07-16 09:07 - 2015-05-03 16:49 - 00811008 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll 2015-07-16 09:07 - 2015-05-03 02:39 - 00227328 _____ (Microsoft Corporation) C:\windows\system32\profsvc.dll 2015-07-16 09:07 - 2015-04-30 01:22 - 00130048 _____ (Microsoft Corporation) C:\windows\system32\WiFiDisplay.dll 2015-07-16 09:07 - 2015-04-28 15:13 - 00513480 _____ C:\windows\SysWOW64\locale.nls 2015-07-16 09:07 - 2015-04-28 15:13 - 00513480 _____ C:\windows\system32\locale.nls 2015-07-16 09:07 - 2015-04-25 04:25 - 00020992 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usb8023.sys 2015-07-16 09:07 - 2014-11-04 21:25 - 00059712 ____C (Microsoft Corporation) C:\windows\system32\Drivers\kbdclass.sys 2015-07-16 09:07 - 2014-11-04 21:25 - 00051008 ____C (Microsoft Corporation) C:\windows\system32\Drivers\mouclass.sys 2015-07-16 09:07 - 2014-11-04 08:55 - 00026112 ____C (Microsoft Corporation) C:\windows\system32\Drivers\sermouse.sys 2015-07-16 09:07 - 2014-11-04 08:54 - 00108544 ____C 
(Microsoft Corporation) C:\windows\system32\Drivers\i8042prt.sys 2015-07-16 09:07 - 2014-11-04 08:54 - 00032256 ____C (Microsoft Corporation) C:\windows\system32\Drivers\kbdhid.sys 2015-07-16 09:07 - 2014-11-04 08:54 - 00030208 ____C (Microsoft Corporation) C:\windows\system32\Drivers\mouhid.sys 2015-07-16 09:06 - 2015-05-11 18:34 - 00332800 _____ (Microsoft Corporation) C:\windows\system32\fhcpl.dll 2015-07-16 09:06 - 2015-05-03 17:07 - 07784448 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll 2015-07-16 09:06 - 2015-05-03 16:57 - 05264384 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll 2015-07-16 09:06 - 2015-04-23 17:47 - 03084288 _____ (Microsoft Corporation) C:\windows\system32\msftedit.dll 2015-07-16 09:06 - 2015-04-23 17:16 - 02471424 _____ (Microsoft Corporation) C:\windows\SysWOW64\msftedit.dll 2015-07-15 20:31 - 2015-07-15 20:31 - 00000197 _____ C:\windows\system32\2015-07-15-18-31-24.055-AvastVBoxSVC.exe-5388.log 2015-07-15 20:30 - 2015-07-15 20:30 - 01003064 _____ C:\windows\Minidump\071515-19171-01.dmp 2015-07-15 15:43 - 2015-07-23 16:40 - 00000000 ____D C:\Users\Marcel\dwhelper 2015-07-15 09:32 - 2015-07-02 00:08 - 05923840 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll 2015-07-15 09:32 - 2015-07-01 23:14 - 04520448 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll 2015-07-15 09:32 - 2015-06-28 07:07 - 00442712 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll 2015-07-15 09:32 - 2015-06-28 07:07 - 00178008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys 2015-07-15 09:32 - 2015-06-28 07:06 - 01311960 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll 2015-07-15 09:32 - 2015-06-28 07:06 - 00332120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll 2015-07-15 09:32 - 2015-06-27 18:42 - 00747520 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll 2015-07-15 09:32 - 2015-06-27 05:13 - 00202240 _____ (Microsoft Corporation) 
C:\windows\system32\Drivers\mrxsmb20.sys 2015-07-15 09:32 - 2015-06-27 05:12 - 00401408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys 2015-07-15 09:32 - 2015-06-27 05:12 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys 2015-07-15 09:32 - 2015-06-27 04:40 - 00445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll 2015-07-15 09:32 - 2015-06-27 04:05 - 01441792 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll 2015-07-15 09:32 - 2015-06-27 04:00 - 00989184 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll 2015-07-15 09:32 - 2015-06-27 03:53 - 00324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll 2015-07-15 09:32 - 2015-06-27 03:26 - 00802816 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll 2015-07-15 09:32 - 2015-06-25 04:31 - 04177920 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys 2015-07-15 09:32 - 2015-06-16 00:41 - 00065024 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe 2015-07-15 09:32 - 2015-06-16 00:24 - 03320320 _____ (Microsoft Corporation) C:\windows\system32\msi.dll 2015-07-15 09:32 - 2015-06-15 23:16 - 00059904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe 2015-07-15 09:32 - 2015-06-15 23:09 - 03607552 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll 2015-07-15 09:32 - 2015-06-15 22:50 - 02774528 _____ (Microsoft Corporation) C:\windows\system32\authui.dll 2015-07-15 09:32 - 2015-06-15 21:57 - 02460160 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll 2015-07-15 09:32 - 2015-05-30 23:18 - 00037888 _____ (Microsoft Corporation) C:\windows\system32\werdiagcontroller.dll 2015-07-15 09:32 - 2015-05-30 21:36 - 00230400 _____ (Microsoft Corporation) C:\windows\system32\AudioEndpointBuilder.dll 2015-07-15 09:32 - 2015-05-30 21:35 - 00911360 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll 2015-07-15 09:31 - 2015-07-09 20:40 - 00359936 _____ (Microsoft 
Corporation) C:\windows\system32\WinSetupUI.dll 2015-07-15 09:31 - 2015-07-02 23:21 - 19877376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll 2015-07-15 09:31 - 2015-07-02 22:50 - 02279424 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll 2015-07-15 09:31 - 2015-07-02 22:49 - 25193984 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll 2015-07-15 09:31 - 2015-07-02 22:23 - 02885632 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll 2015-07-15 09:31 - 2015-07-02 22:19 - 12855296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll 2015-07-15 09:31 - 2015-07-02 21:55 - 01310720 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll 2015-07-15 09:31 - 2015-07-02 21:20 - 14453248 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll 2015-07-15 09:31 - 2015-07-02 20:59 - 01545728 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll 2015-07-15 09:31 - 2015-06-27 05:08 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\wups.dll 2015-07-15 09:31 - 2015-06-27 05:08 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll 2015-07-15 09:31 - 2015-06-27 04:14 - 00027136 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll 2015-07-15 09:30 - 2015-06-16 07:36 - 01661576 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll 2015-07-15 09:30 - 2015-06-16 07:36 - 01212248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll 2015-07-15 09:30 - 2015-06-16 00:39 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll 2015-07-15 09:30 - 2015-06-16 00:38 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll 2015-07-15 09:30 - 2015-06-16 00:26 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll 2015-07-15 09:30 - 2015-06-16 00:24 - 00816640 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll 2015-07-15 09:30 - 2015-06-16 00:02 - 00087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx 
2015-07-15 09:30 - 2015-06-15 23:58 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll 2015-07-15 09:30 - 2015-06-15 23:57 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll 2015-07-15 09:30 - 2015-06-15 23:56 - 00145408 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll 2015-07-15 09:30 - 2015-06-15 23:55 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll 2015-07-15 09:30 - 2015-06-15 23:49 - 01032704 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll 2015-07-15 09:30 - 2015-06-15 23:41 - 00262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll 2015-07-15 09:30 - 2015-06-15 23:38 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll 2015-07-15 09:30 - 2015-06-15 23:36 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl 2015-07-15 09:30 - 2015-06-15 23:17 - 02880000 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll 2015-07-15 09:30 - 2015-06-15 23:16 - 02427392 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll 2015-07-15 09:30 - 2015-06-15 23:15 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll 2015-07-15 09:30 - 2015-06-15 23:13 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll 2015-07-15 09:30 - 2015-06-15 23:04 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll 2015-07-15 09:30 - 2015-06-15 23:03 - 00664064 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll 2015-07-15 09:30 - 2015-06-15 22:52 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll 2015-07-15 09:30 - 2015-06-15 22:47 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx 2015-07-15 09:30 - 2015-06-15 22:44 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll 2015-07-15 09:30 - 2015-06-15 22:43 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll 2015-07-15 09:30 - 2015-06-15 
22:42 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\iepeers.dll 2015-07-15 09:30 - 2015-06-15 22:41 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll 2015-07-15 09:30 - 2015-06-15 22:37 - 00880128 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll 2015-07-15 09:30 - 2015-06-15 22:32 - 00230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll 2015-07-15 09:30 - 2015-06-15 22:31 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll 2015-07-15 09:30 - 2015-06-15 22:30 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl 2015-07-15 09:30 - 2015-06-15 22:30 - 00327168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll 2015-07-15 09:30 - 2015-06-15 22:17 - 01048576 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll 2015-07-15 09:30 - 2015-06-15 22:07 - 01951232 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll 2015-07-15 09:30 - 2015-06-15 22:02 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll 2015-07-15 09:30 - 2015-06-11 05:49 - 01380600 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll 2015-07-15 09:30 - 2015-06-10 18:13 - 01097216 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll 2015-07-15 09:30 - 2015-05-07 18:47 - 00564224 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 
2015-08-14 18:02 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\sru 2015-08-14 17:17 - 2014-04-22 15:38 - 00003922 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{F5291F67-CB16-4602-A1AA-B673A0FBD3F7} 2015-08-14 17:08 - 2014-11-11 11:17 - 00113880 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2015-08-14 12:32 - 2014-04-30 12:43 - 00000000 ____D C:\Users\Marcel\AppData\Local\CrashDumps 2015-08-14 12:02 - 2014-03-28 09:27 - 00010270 _____ C:\windows\system32\perfh00C.dat 2015-08-14 12:02 - 2014-03-28 09:27 - 00006782 _____ C:\windows\system32\perfc00C.dat 2015-08-14 12:02 - 2014-03-28 09:24 - 04473654 _____ C:\windows\system32\perfh007.dat 2015-08-14 12:02 - 2014-03-28 09:24 - 01477310 _____ C:\windows\system32\perfc007.dat 2015-08-14 12:02 - 2013-10-07 20:27 - 00338778 _____ C:\windows\system32\PerfStringBackup.INI 2015-08-14 10:55 - 2014-03-28 08:56 - 00000000 ____D C:\windows\System32\Tasks\Lenovo 2015-08-14 10:43 - 2014-04-22 15:14 - 00000000 ___DO C:\Users\Marcel\SkyDrive 2015-08-14 10:42 - 2013-08-22 16:46 - 00000509 _____ C:\windows\setupact.log 2015-08-13 18:12 - 2014-11-03 09:50 - 00001908 _____ C:\windows\diagwrn.xml 2015-08-13 18:12 - 2014-11-03 09:50 - 00001908 _____ C:\windows\diagerr.xml 2015-08-13 18:11 - 2013-08-22 16:46 - 00000000 _____ C:\windows\setuperr.log 2015-08-13 11:27 - 2014-04-22 15:13 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3121602427-3534730855-1075997385-1001 2015-08-12 08:52 - 2014-03-28 08:34 - 01093141 _____ C:\windows\WindowsUpdate.log 2015-08-11 10:04 - 2015-06-20 09:24 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Skype 2015-08-10 12:01 - 2015-07-10 15:39 - 00000000 ____D C:\$Windows.~BT 2015-08-09 23:09 - 2014-04-22 16:42 - 00034416 _____ C:\windows\Q-Dir.ini 2015-08-09 15:43 - 2014-11-29 16:56 - 00001988 _____ C:\windows\Sandboxie.ini 2015-08-09 15:43 - 2013-08-22 17:36 - 00000000 ____D C:\windows\AppReadiness 2015-08-09 15:01 - 
2014-10-15 11:32 - 00000435 _____ C:\windows\system32\Drivers\etc\hosts.ics 2015-08-09 12:48 - 2014-04-22 15:08 - 00000000 ____D C:\Users\Marcel\AppData\Local\Packages 2015-08-09 12:45 - 2013-08-22 15:25 - 00262144 ___SH C:\windows\system32\config\ELAM 2015-08-09 12:40 - 2014-10-20 15:14 - 00000000 ____D C:\Program Files (x86)\SpywareBlaster 2015-08-09 12:39 - 2014-04-22 15:41 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2015-08-08 21:54 - 2014-04-22 15:08 - 00000000 ____D C:\Users\Marcel 2015-08-08 19:16 - 2013-10-07 21:23 - 00000000 ____D C:\windows\Panther 2015-08-08 18:46 - 2013-08-22 17:36 - 00000000 ____D C:\windows\rescache 2015-08-08 18:26 - 2014-10-03 09:02 - 00038539 _____ C:\windows\errord.log 2015-08-08 18:26 - 2014-10-03 09:02 - 00011656 _____ C:\windows\error.log 2015-08-08 18:26 - 2013-08-22 16:45 - 00000006 ____H C:\windows\Tasks\SA.DAT 2015-08-05 15:01 - 2014-03-28 08:55 - 00020992 _____ C:\windows\system32\VfService.trf 2015-08-05 15:01 - 2013-08-22 17:36 - 00000000 ____D C:\windows\SysWOW64\setup 2015-08-05 15:01 - 2013-08-22 17:36 - 00000000 ____D C:\windows\system32\setup 2015-08-05 15:01 - 2013-08-22 15:25 - 00524288 ___SH C:\windows\system32\config\BBI 2015-08-05 15:00 - 2014-12-11 20:35 - 00000000 ____D C:\windows\system32\appraiser 2015-08-05 15:00 - 2014-07-09 18:28 - 00000000 ___SD C:\windows\system32\CompatTel 2015-08-05 15:00 - 2014-03-28 08:46 - 00000000 ____D C:\Program Files (x86)\Lenovo EasyCamera 2015-08-05 15:00 - 2013-08-22 17:20 - 00000000 ____D C:\windows\CbsTemp 2015-08-04 18:59 - 2013-08-22 16:44 - 00499656 _____ C:\windows\system32\FNTCACHE.DAT 2015-08-04 17:01 - 2014-04-29 08:23 - 00128536 _____ C:\Users\Marcel\AppData\Local\GDIPFONTCACHEV1.DAT 2015-08-04 16:13 - 2014-04-20 09:09 - 00000000 ____D C:\MADProg 2015-08-04 16:13 - 2014-04-20 09:08 - 00000000 ____D C:\MADDaten 2015-08-04 13:17 - 2014-11-16 13:52 - 00000000 ____D C:\Program Files\WinRAR 2015-08-04 13:17 - 2013-10-07 20:23 - 00916760 _____ 
C:\windows\PFRO.log 2015-08-03 16:23 - 2014-04-29 09:30 - 00000000 ____D C:\Users\Marcel\AppData\Local\Adobe 2015-08-02 20:29 - 2014-05-15 08:24 - 00000000 ____D C:\Users\Marcel\AppData\Local\Swisscom 2015-08-02 13:32 - 2014-11-16 13:52 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-08-02 13:32 - 2014-11-16 13:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2015-08-02 13:30 - 2015-06-20 09:24 - 00000000 ____D C:\ProgramData\Skype 2015-08-02 13:28 - 2015-05-08 09:04 - 00110688 _____ (Oracle Corporation) C:\windows\system32\WindowsAccessBridge-64.dll 2015-08-02 13:28 - 2014-04-22 16:34 - 00000000 ____D C:\Program Files\Java 2015-08-02 13:07 - 2014-03-28 08:46 - 00016586 _____ C:\windows\system32\results.xml 2015-08-02 13:06 - 2014-03-28 08:43 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2015-08-02 12:34 - 2014-04-22 17:41 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Nitro PDF 2015-08-01 16:10 - 2013-08-22 17:36 - 00000000 ____D C:\windows\LiveKernelReports 2015-08-01 11:26 - 2014-04-29 10:05 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\vlc 2015-08-01 10:14 - 2015-05-22 18:34 - 00000000 ____D C:\windows\Prey 2015-07-28 18:01 - 2014-11-16 13:25 - 00000000 ____D C:\windows\SysWOW64\vbox 2015-07-28 18:01 - 2014-11-16 13:25 - 00000000 ____D C:\windows\system32\vbox 2015-07-28 16:18 - 2015-02-12 18:45 - 00026830 _____ C:\windows\BRRBCOM.INI 2015-07-25 17:27 - 2015-06-22 18:03 - 00000000 ___SD C:\windows\system32\GWX 2015-07-21 16:46 - 2014-04-22 16:42 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Q-Dir 2015-07-21 10:25 - 2014-04-22 18:34 - 00000000 ____D C:\Users\Marcel\AppData\Roaming\Learnpulse 2015-07-21 10:25 - 2014-04-22 18:34 - 00000000 ____D C:\Users\Marcel\AppData\Local\Learnpulse 2015-07-18 11:02 - 2015-06-22 18:03 - 00000000 ___SD C:\windows\SysWOW64\GWX 2015-07-18 11:02 - 2013-08-22 17:36 - 00000000 ___RD C:\windows\ToastData 2015-07-18 
11:02 - 2013-08-22 17:36 - 00000000 ____D C:\windows\WinStore 2015-07-17 08:21 - 2014-04-28 20:40 - 00000000 ____D C:\windows\system32\MRT 2015-07-15 20:30 - 2014-12-01 08:08 - 836132610 _____ C:\windows\MEMORY.DMP 2015-07-15 20:30 - 2014-12-01 08:08 - 00000000 ____D C:\windows\Minidump 2015-07-15 16:41 - 2014-04-22 16:37 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-07-15 16:40 - 2015-06-10 07:40 - 00003886 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task 2015-07-15 14:30 - 2014-12-04 10:22 - 00000000 __SHD C:\Users\Marcel\AppData\Local\EmieBrowserModeList 2015-07-15 14:30 - 2014-06-18 12:05 - 00000000 __SHD C:\Users\Marcel\AppData\Local\EmieUserList 2015-07-15 14:30 - 2014-06-18 12:05 - 00000000 __SHD C:\Users\Marcel\AppData\Local\EmieSiteList 2015-07-15 13:38 - 2014-04-22 17:16 - 00000000 ____D C:\ProgramData\Microsoft Help ==================== Files in the root of some directories ======= 2014-04-22 15:09 - 2014-05-07 10:29 - 0012595 _____ () C:\Users\Marcel\AppData\Roaming\AbsoluteReminder.xml 2014-11-16 11:22 - 2014-11-16 11:22 - 126784568 ____H (AVAST Software) C:\Users\Marcel\AppData\Roaming\avast_internet_security_setup.exe 2014-12-13 17:00 - 2014-12-13 17:00 - 0031794 _____ () C:\Users\Marcel\AppData\Local\13E5D428_stp.CIS 2014-12-13 17:00 - 2014-12-13 17:00 - 0000289 _____ () C:\Users\Marcel\AppData\Local\13E5D428_stp.CIS.part 2014-12-13 17:00 - 2014-12-13 17:00 - 0382062 _____ () C:\Users\Marcel\AppData\Local\6AC3B58C_stp.CIS 2014-12-13 17:00 - 2014-12-13 17:00 - 0000220 _____ () C:\Users\Marcel\AppData\Local\6AC3B58C_stp.CIS.part 2014-06-11 10:04 - 2014-07-02 10:32 - 0007680 _____ () C:\Users\Marcel\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-02-11 12:53 - 2015-02-11 12:53 - 0004096 ____H () C:\Users\Marcel\AppData\Local\keyfile3.drm 2015-03-22 18:50 - 2015-03-22 18:50 - 0000871 _____ () C:\Users\Marcel\AppData\Local\recently-used.xbel 2014-05-15 10:31 - 2014-06-03 08:14 - 
0000369 _____ () C:\Users\Marcel\AppData\Local\RegisteredPackageInformation.xml 2015-08-09 12:45 - 2015-08-09 12:45 - 0454545 _____ () C:\ProgramData\1439116924.bdinstall.bin 2014-03-28 08:41 - 2014-03-28 08:41 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Some files in TEMP: ==================== C:\Users\Marcel\AppData\Local\Temp\csrv.exe C:\Users\Marcel\AppData\Local\Temp\HitmanPro.exe C:\Users\Marcel\AppData\Local\Temp\i4jdel0.exe C:\Users\Marcel\AppData\Local\Temp\nitro_reader3_64.exe C:\Users\Marcel\AppData\Local\Temp\SamsungAPInstaller_1415178276085.exe C:\Users\Marcel\AppData\Local\Temp\SamsungAPInstaller_1415343713558.exe C:\Users\Marcel\AppData\Local\Temp\SamsungAPInstaller_1418886064591.exe C:\Users\Marcel\AppData\Local\Temp\SamsungAPInstaller_1424932415429.exe C:\Users\Marcel\AppData\Local\Temp\SamsungAPInstaller_1427180742043.exe C:\Users\Marcel\AppData\Local\Temp\SandboxieInstall.exe C:\Users\Marcel\AppData\Local\Temp\ScreenpressoUpd.exe C:\Users\Marcel\AppData\Local\Temp\_is56E0.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) 
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-08-10 12:24

==================== End of log ============================
14.08.2015, 17:11 | #4 |
| Obstruction by a trojan? Additional FRST Logfile:
scan result of Farbar Recovery Scan Tool (x64) Version:13-08-2015
Ran by Marcel (2015-08-14 18:07:08)
Running from F:\90 Daten Systemordner\Downloads_sys
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3121602427-3534730855-1075997385-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-3121602427-3534730855-1075997385-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3121602427-3534730855-1075997385-1003 - Limited - Enabled)
Marcel (S-1-5-21-3121602427-3534730855-1075997385-1001 - Administrator - Enabled) => C:\Users\Marcel

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

4K Video Downloader 3.5 (HKLM-x32\...\4K Video Downloader_is1) (Version: 3.5.6.1730 - Open Media LLC)
7-Zip 9.22 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0922-000001000000}) (Version: 9.22.00.0 - Igor Pavlov)
Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)
Adobe Photoshop Album 2.0 Starter Edition (HKLM-x32\...\{11B569C2-4BF6-4ED0-9D17-A4273943CB24}) (Version: 2.00.100 - Adobe Systems, Inc.)
Adobe Reader XI (11.0.12) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.12 - Adobe Systems Incorporated) AllShare Framework DMS (HKLM\...\{83232C27-8C3F-44A5-9EB2-BB7161228ADD}) (Version: 1.3.23 - Samsung) Apple Application Support (32-Bit) (HKLM-x32\...\{7FE25256-B7C1-480D-B736-10A67A833AEA}) (Version: 3.2 - Apple Inc.) Apple Application Support (64-Bit) (HKLM\...\{B255D495-4734-4E9B-B4F5-96702FD4A7B9}) (Version: 3.2 - Apple Inc.) Apple Mobile Device Support (HKLM\...\{5D61F006-168C-4B8B-B7FD-F113C10AE0E4}) (Version: 8.2.1.3 - Apple Inc.) Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASUS Wireless Router Device Discovery Utility (HKLM-x32\...\{09CDCA35-23FF-4ED6-AFDA-BBD55235CE4B}) (Version: 1.4.6.5 - ASUS) Belarc Advisor 8.4 (HKLM-x32\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.) Bitdefender Antivirus Plus 2015 (HKLM\...\Bitdefender) (Version: 19.1.0.115 - Bitdefender) Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.) Brother MFL-Pro Suite MFC-9440CN (HKLM-x32\...\{C83FB11D-9EC6-49D7-99A7-DDDB2264883C}) (Version: 2.0.0.0 - Brother Industries, Ltd.) Brother MFL-Pro Suite MFC-J5620DW (HKLM-x32\...\{7FC49664-DAA4-4E7C-ADD0-614ABB43691B}) (Version: 1.0.5.0 - Brother Industries, Ltd.) Brother Product Research and Support Program (HKLM-x32\...\{8040527F-DD74-4B45-8A06-C4BF145B6C76}) (Version: 2.1.0.0000 - Brother Industries, Ltd.) Cliqz (HKLM-x32\...\{5A0C0737-6AFE-4DC6-A8B4-6DFE509ACD75}_is1) (Version: 0.5.22 - Cliqz.com) Compatibility Pack für 2007 Office System (HKLM-x32\...\{90120000-0020-0407-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation) CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version: - ) CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) CyberLink PowerDirector 10 (Version: 10.0.0.2810 - CyberLink Corp.) 
Hidden Dependency Package Update (Version: 1.6.25.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.29.00 - Lenovo Inc.) Hidden Dependency Package Update (Version: 1.6.36.00 - Lenovo Inc.) Hidden Dependency Package Update (x32 Version: 1.6.32.00 - Lenovo Group Limited) Hidden DisplayLink Core Software (HKLM\...\{BB07E020-7224-4EC3-864E-2AA0BF42A7DD}) (Version: 7.4.51572.0 - DisplayLink Corp.) Dolby Digital Plus Home Theater (HKLM\...\{7E3D8FA1-6092-469A-955B-68FC4A2C67CA}) (Version: 7.5.1.1 - Dolby Laboratories Inc) DriveImage XML (Private Edition) (HKLM-x32\...\{F7E1CA14-B39D-452A-960B-39423DDDD933}) (Version: 2.50.000 - Runtime Software) E-Finance Java (HKLM-x32\...\E-Finance Java) (Version: 1.0.0.0 - PostFinance) eLohnausweis SSK Uninstaller (HKLM-x32\...\{34F301D7-88EA-4DE2-846B-E9F9F188107C}_is1) (Version: - DV Bern AG) Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.0.1.51 - Lenovo) Energy Manager (x32 Version: 1.0.1.51 - Lenovo) Hidden eTax.zug 2013 jP 1.0.0 (HKLM-x32\...\9994-2633-2807-7220) (Version: 1.0.0 - Information Factory AG) eTax.zug 2014 jP 1.0.0 (HKLM-x32\...\8321-3702-0421-0790) (Version: 1.0.0 - Information Factory AG) Evernote v. 5.5.3 (HKLM-x32\...\{B1A0F908-1448-11E4-8684-00163E98E7D0}) (Version: 5.5.3.4236 - Evernote Corp.) 
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse) FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.44 - FileZilla Project) FreeFileSync 7.0 (HKLM-x32\...\FreeFileSync) (Version: 7.0 - www.FreeFileSync.org) Freemake Video Converter Version 4.1.4 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.4 - Ellora Assets Corporation) Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.7.0 - Ellora Assets Corporation) FreeMind (HKLM-x32\...\B991B020-2968-11D8-AF23-444553540000_is1) (Version: 1.0.1 - ) GIMP 2.8.14 (HKLM\...\GIMP-2_is1) (Version: 2.8.14 - The GIMP Team) HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.242 - SurfRight B.V.) ICP Basis 7.00 (HKLM-x32\...\ICP Basis 7.00) (Version: - ) inSSIDer Home (HKLM-x32\...\{9E54E4AE-B67A-4925-8E92-0E1F9817FD73}) (Version: 3.1.2.1 - MetaGeek, LLC) Intel Experience Center - Configuration (x32 Version: 1.9.0.8 - Intel) Hidden Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\FFD10ECE-F715-4a86-9BD8-F6F47DA5DA1C) (Version: 7.1.0.2103 - Intel Corporation) Intel(R) Experience Center Desktop Software (HKLM-x32\...\{85de612b-ee05-476a-87cc-52e5740de420}) (Version: 1.9.0.8 - Intel) Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.13.1706 - Intel Corporation) Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation) Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{302600C1-6BDF-4FD1-1309-148929CC1385}) (Version: 3.1.1309.0390 - Intel Corporation) Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation) Intel(R) Smart Connect Technology (HKLM\...\{D6FBF816-ACB8-46CC-ACC6-C8BBA85F497D}) (Version: 4.2.40.2418 - Intel Corporation) Intel(R) Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) 
(Version: 2.3.1338 - Intel Corporation) Intel® PROSet/Wireless Software (HKLM-x32\...\{1c7272f2-45cf-469f-b7e9-17c6b212549c}) (Version: 16.5.3 - Intel Corporation) iTunes (HKLM\...\{6CF1A7E2-8001-4870-9F18-3C6CDD6FE9E3}) (Version: 12.2.1.16 - Apple Inc.) Java 8 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418045F0}) (Version: 8.0.450 - Oracle Corporation) Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation) join.me (HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\JoinMe) (Version: 1.17.0.153 - LogMeIn, Inc.) K-Lite Codec Pack 9.3.0 (Basic) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.3.0 - ) Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.36.00 - Lenovo Group Limited) Lenovo EasyCamera (HKLM-x32\...\Sunplus SPUVCb) (Version: 3.5.5.5 - SunplusIT) Lenovo Motion Control (HKLM-x32\...\InstallShield_{0D740B00-2307-44AC-B91B-F3E67444ECA6}) (Version: 2.0.1.0107 - PointGrab) Lenovo Motion Control (x32 Version: 2.0.1.0107 - PointGrab) Hidden Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.0.0.2105 - CyberLink Corp.) Lenovo OneKey Recovery (Version: 8.0.0.2105 - CyberLink Corp.) 
Hidden Lenovo Smart Voice (HKLM\...\Lenovo SmartVoice) (Version: 1.0.2.0 - Lenovo) Lenovo Transition (HKLM\...\Lenovo Transition) (Version: 2.0.13.12271 - Lenovo) Lenovo USB Graphics (HKLM\...\{7257526E-B74A-488E-BA2E-56327482B06B}) (Version: 7.4.51587.0 - Lenovo) Lenovo VeriFace (HKLM\...\Lenovo VeriFace) (Version: 5.0.13.5261 - Lenovo) Lenovo Yoga PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.1.9.3 - Lenovo) Lenovo Yoga PhoneCompanion (x32 Version: 1.1.9.3 - Lenovo) Hidden MailStore Home 8.2.1.10082 (HKLM-x32\...\MailStore Home_universal1) (Version: 8.2.1.10082 - MailStore Software GmbH) Malwarebytes Anti-Malware Version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation) Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4454.1510 - Microsoft Corporation) Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft) Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation) Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation) Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0407-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation) Microsoft Office Visio Professional 2003 (HKLM-x32\...\{90510407-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation) Microsoft Project Standard 2002 (HKLM-x32\...\{903A0407-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2915.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation) Microsoft SkyDrive (HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft 
Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0407-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation) Mozilla Firefox 39.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 39.0.3 (x86 de)) (Version: 39.0.3 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.0 - Mozilla) My Swisscom Assistant (HKLM-x32\...\My Swisscom Assistant) (Version: 2.15.2.2072 - Swisscom (Schweiz) AG) MyKeyFinder (HKLM-x32\...\MyKeyFinder_is1) (Version: 2015 - Abelssoft) NirSoft ShellExView (HKLM-x32\...\NirSoft ShellExView) (Version: - ) Nitro Reader 3 (HKLM\...\{4756C731-B54E-451A-9AF1-86E8AB1BEBBB}) (Version: 3.5.6.5 - Nitro) Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.1 - Notepad++ Team) Oracle VM VirtualBox 4.3.18 (HKLM\...\{74B7E6F9-DCAC-4ADB-B2D0-EEFDD1B5AC25}) (Version: 4.3.18 - Oracle 
Corporation) Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.239 - Google, Inc.) Prey Anti-Theft (x32 Version: 1.3.9 - Prey, Inc.) Hidden Private Tax 2013 1.4.0 (HKLM-x32\...\0579-4231-5684-8562) (Version: 1.4.0 - Information Factory AG) Private Tax 2014 1.4.0 (HKLM-x32\...\3690-0225-9329-1026) (Version: 1.4.0 - Information Factory AG) Q-Dir (HKLM\...\Q-Dir) (Version: - ) Radio.fx (HKLM-x32\...\Tobit Radio.fx Server) (Version: - Tobit.Software) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.30164 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7058 - Realtek Semiconductor Corp.) RecImgManager (HKLM-x32\...\{1ECC3992-5E46-4A3B-823F-4228D5B05A83}) (Version: 2.0.26222 - SlimWare Utilities, Inc.) ReminderInstaller (HKLM-x32\...\InstallShield_{48B99BC9-CEB0-485E-96B1-4609BC86D2DE}) (Version: 1.00.0000 - Absolute Software.) ReminderInstaller (x32 Version: 1.00.0000 - Absolute Software.) Hidden Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Samsung Link 2.0.0.1503181422 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1503181422 - Copyright 2013 SAMSUNG) Sandboxie 4.20 (64-bit) (HKLM\...\Sandboxie) (Version: 4.20 - Sandboxie Holdings, LLC) Screenpresso (HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\Screenpresso) (Version: 1.5.6.0 - Learnpulse) Secunia PSI (3.0.0.9016) (HKLM-x32\...\Secunia PSI) (Version: 3.0.0.9016 - Secunia) Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation) Skype™ 7.7 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.7.102 - Skype Technologies S.A.) 
Snapform Viewer 1.7.39 (HKLM\...\2841-5017-1617-4151) (Version: 1.7.39 - Ringler Informatik AG) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.7 - Synaptics Incorporated) ThinkPad USB 3.0 Dock (HKLM-x32\...\{69109A9C-1D00-4A84-9ABF-AAE9CADD20DD}) (Version: 1.07.15 - Lenovo) TIPP10 Version 2.1.0 (HKLM-x32\...\TIPP10_is1) (Version: - (c) 2006-2011, Tom Thielicke IT Solutions) TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.1a - TrueCrypt Foundation) Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft) Update für Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0407-0000-0000000FF1CE}_ENTERPRISE_{BEC163EC-7A83-48A1-BFB6-3BF47CC2F8CF}) (Version: - Microsoft) Update für Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0407-0000-0000000FF1CE}_ENTERPRISE_{F6828576-6F79-470D-AB50-69D1BBADBD30}) (Version: - Microsoft) Update für Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0407-0000-0000000FF1CE}_ENTERPRISE_{EA160DA3-E9B5-4D03-A518-21D306665B96}) (Version: - Microsoft) Update für Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0407-0000-0000000FF1CE}_ENTERPRISE_{38472199-D7B6-4833-A949-10E4EE6365A1}) (Version: - Microsoft) UserGuide (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 1.0.0.15 - Lenovo) UserGuide (x32 Version: 1.0.0.15 - Lenovo) Hidden VeraCrypt (HKLM-x32\...\VeraCrypt) (Version: 1.0f-1 - IDRIX) VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN) WHS ProStation (HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\InstallShield_{E56B8E1D-8E90-46DC-AE55-EBA87ED69A5F}) (Version: 2.38.56.10.2 - WH SELFINVEST) WHS ProStation (x32 Version: 2.38.56.10.2 - WH SELFINVEST) Hidden Windows 7 USB/DVD Download Tool 
(HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
Windows Driver Package - Lenovo (ACPIVPC) System (02/17/2013 9.52.0.776) (HKLM\...\35DD26BE48DAF4A9F35F969F3CB1E3E1435E661E) (Version: 02/17/2013 9.52.0.776 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows Resource Kit Tools - SubInAcl.exe (HKLM-x32\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
XAMPP (HKLM-x32\...\xampp) (Version: 1.8.3-4 - Bitnami)
Yoga Picks (HKLM-x32\...\{267C8BA0-876B-4589-9F14-EFB84ABCEA7F}) (Version: 1.5.014.0106 - Lenovo)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3121602427-3534730855-1075997385-1001_Classes\CLSID\{004B49B7-11B9-5058-FF22-08DD093ADC4B}\InprocServer32 -> {1FA5F244-9468-D082-1262-D4EE85889A47} No File
CustomCLSID: HKU\S-1-5-21-3121602427-3534730855-1075997385-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Marcel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3121602427-3534730855-1075997385-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Marcel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3121602427-3534730855-1075997385-1001_Classes\CLSID\{DD0822FF-3A09-4BDC-B749-4B00B9115850}\InprocServer32 -> {5FB02946-9468-D082-10B9-C1AE85889A47} No File
CustomCLSID: HKU\S-1-5-21-3121602427-3534730855-1075997385-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Marcel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3121602427-3534730855-1075997385-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Marcel\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)

==================== Restore Points =========================

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0120950B-72D8-4543-A921-62AD99989D11} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08] ()
Task: {114B555B-6E44-421B-90EC-509925C4578F} - System32\Tasks\4Team updater => C:\Program Files (x86)\4Team Corporation\4Team-Updater\4Team-Updater.exe
Task: {11CF1733-D8D7-4871-9BB3-A8BBE91DE674} - System32\Tasks\MsgUpdateCheck (ed5bac9b-5ca0-4f99-aa46-a881a08ff6f3) => C:\SmartDraw CI\MarkedUp\tray\TrayNotifierNET35.exe [2014-04-30] (MarkedUp Inc)
Task: {19676596-235C-492C-9BBD-B736CE6B4742} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {45C50541-C5AB-4236-A2F3-C0B6375B44DF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3121602427-3534730855-1075997385-1001UA => C:\Users\Marcel\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {48BD7CC0-33DC-4B22-9320-2A75C6A425B8} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser
Task: {5177C064-CC6E-4D71-BE7A-B42FA270C361} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {54C13448-7CAE-4053-AB65-45947EFA1342} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\windows\system32\MRT.exe [2015-07-03] (Microsoft Corporation)
Task: {669D6792-29A3-428A-A195-CEE18EFBC3BF} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-07-07] (Adobe Systems Incorporated)
Task: {6AB1569F-4369-4546-88C8-735FD098A9AD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {934E759D-B07C-451F-9877-E757089B7DEE} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {93BD02A6-3C5E-46BB-8D41-FEA837F972C9} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-03-06] ()
Task: {9F2AF63D-65F9-4C86-91A1-B4CBDA3421F9} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-12-08] ()
Task: {AB1B2D4F-AD1B-4388-807F-BA561CDE4FD9} - System32\Tasks\Lenovo Smart Voice => C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LsvTrayLoad.exe [2014-03-28] (Lenovo)
Task: {B20FD989-8C81-46A1-B185-C1D28F8D24F5} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {C71A6436-7370-460F-864E-09FE1370A395} - System32\Tasks\SDMsgUpdate (TE) => C:\SmartDraw CI\Messages\SDNotify.exe [2012-08-13] ()
Task: {F97DB1F3-B11D-48E1-B038-8906E0AA1B7E} - System32\Tasks\SDMsgUpdate (Local) => C:\SmartDraw CI\Messages\SDNotify.exe [2012-08-13] ()
Task: {FFA9A996-FEC2-420E-8B15-7FB5F295BCF6} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-29] (Synaptics Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\ParetoLogic Registration3.job => C:\windows\system32\rundll32.exeGC:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe

==================== Loaded Modules (Whitelisted) ==============

2015-01-20 23:35 - 2015-01-20 23:35 - 00085832 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2015-05-15 16:26 - 2015-05-15 16:26 - 01346344 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2013-08-02 02:31 - 2013-08-02 02:31 - 00198120 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe
2013-08-02 02:31 - 2013-08-02 02:31 - 00054760 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll
2013-08-02 02:31 - 2013-08-02 02:31 - 00034792 _____ () C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetMon.dll
2014-03-28 08:55 - 2012-04-24 12:43 - 00390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2014-08-30 09:15 - 2015-03-18 15:22 - 00025088 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll
2014-08-30 09:15 - 2015-03-18 15:22 - 02633728 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll
2014-08-30 09:15 - 2015-03-18 15:22 - 02540544 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll
2013-12-21 11:25 - 2013-12-21 11:25 - 00036864 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\JNIInterface.dll
2013-12-21 11:26 - 2013-12-21 11:26 - 00144384 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\ASFAPI.dll
2013-12-21 11:27 -
2013-12-21 11:27 - 00018944 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\MediaDB_Manager.dll 2013-10-22 09:52 - 2013-10-22 09:52 - 00030720 _____ () C:\windows\SYSTEM32\MediaDB64.dll 2013-10-22 09:52 - 2013-10-22 09:52 - 00908800 _____ () C:\windows\SYSTEM32\ContentDirectoryPresenter64.dll 2013-12-21 11:27 - 2013-12-21 11:27 - 00521728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\64bit\DMS_Manager.dll 2013-07-23 19:19 - 2013-07-23 19:19 - 00049152 _____ () C:\windows\SYSTEM32\boost_date_time-vc90-mt-1_47.dll 2013-07-23 19:19 - 2013-07-23 19:19 - 00016896 _____ () C:\windows\SYSTEM32\boost_system-vc90-mt-1_47.dll 2013-07-23 19:19 - 2013-07-23 19:19 - 00058880 _____ () C:\windows\SYSTEM32\boost_thread-vc90-mt-1_47.dll 2013-07-23 19:19 - 2013-07-23 19:19 - 00299520 _____ () C:\windows\SYSTEM32\boost_serialization-vc90-mt-1_47.dll 2014-08-30 09:16 - 2014-08-30 09:16 - 00669696 _____ () C:\Windows\Temp\sqlite-3.7.151-amd64-sqlitejdbc.dll 2014-08-30 09:15 - 2015-03-18 15:22 - 00049664 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll 2014-08-30 09:15 - 2015-03-18 15:22 - 00499712 _____ () C:\Program Files\Samsung\Samsung Link\utils\MetaExtractorDLL.dll 2015-01-08 20:36 - 2005-04-22 14:36 - 00143360 _____ () C:\windows\system32\BrSNMP64.dll 2014-03-28 08:55 - 2014-03-28 08:55 - 00068368 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe 2014-03-28 08:55 - 2014-03-28 08:55 - 00669288 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfDataStorageInterface.dll 2014-03-28 08:55 - 2014-03-28 08:55 - 00062224 _____ () C:\ProgramData\LenovoTransition\Server\x64\dptf.dll 2014-03-28 08:53 - 2014-01-07 00:14 - 00019440 _____ () C:\Program Files (x86)\Lenovo\Yoga Picks\Service\x64\YogaPicks.AppService.exe 2014-03-28 08:55 - 2014-03-28 08:55 - 00161792 _____ () C:\Program Files\Lenovo Yoga PhoneCompanion\adb.exe 2015-08-09 12:43 - 2015-04-22 16:55 - 00265080 _____ () C:\Program 
Files\Bitdefender\Bitdefender 2015\txmlutil.dll 2015-08-09 12:43 - 2013-09-03 14:29 - 00101328 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\bdmetrics.dll 2015-08-09 12:43 - 2015-06-10 18:41 - 00003072 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\UI\accessl.ui 2015-08-13 14:12 - 2015-08-13 14:12 - 00861696 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00550_003\ashttpbr.mdl 2015-08-13 14:12 - 2015-08-13 14:12 - 00728576 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00550_003\ashttpdsp.mdl 2015-08-13 14:12 - 2015-08-13 14:12 - 02776064 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00550_003\ashttpph.mdl 2015-08-13 14:12 - 2015-08-13 14:12 - 01395200 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\otengines_00550_003\ashttprbl.mdl 2015-08-02 13:04 - 2014-03-07 09:21 - 00080312 _____ () C:\windows\system32\IGFXEXPS.DLL 2008-07-04 12:38 - 2008-07-04 12:38 - 00065536 _____ () C:\Brother\BPRSP\resources\BrSupSsp.exe 2013-12-11 16:46 - 2013-12-11 16:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll 2013-07-23 19:18 - 2013-07-23 19:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll 2013-07-23 19:18 - 2013-07-23 19:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll 2013-07-23 19:18 - 2013-07-23 19:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll 2013-07-23 19:18 - 2013-07-23 19:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll 2013-10-22 09:48 - 2013-10-22 09:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll 2013-10-24 16:53 - 2013-10-24 16:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll 2013-12-11 16:46 - 2013-12-11 
16:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll 2013-10-24 16:53 - 2013-10-24 16:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll 2013-04-19 16:38 - 2013-04-19 16:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll 2013-12-11 16:46 - 2013-12-11 16:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll 2013-10-25 19:48 - 2013-10-25 19:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll 2013-10-25 19:49 - 2013-10-25 19:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll 2013-12-11 16:45 - 2013-12-11 16:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll 2013-10-25 19:53 - 2013-10-25 19:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll 2013-10-25 19:48 - 2013-10-25 19:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll 2013-10-25 19:48 - 2013-10-25 19:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll 2013-10-25 19:48 - 2013-10-25 19:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll 2013-10-25 19:48 - 2013-10-25 19:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework 
DMS\1.3.23\RichInfoDriver.dll 2013-10-25 19:53 - 2013-10-25 19:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll 2013-12-11 16:45 - 2013-12-11 16:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll 2013-10-25 19:48 - 2013-10-25 19:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll 2013-10-25 19:48 - 2013-10-25 19:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll 2013-10-25 19:48 - 2013-10-25 19:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll 2013-10-25 19:53 - 2013-10-25 19:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll 2013-10-25 19:48 - 2013-10-25 19:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll 2013-02-14 19:42 - 2013-02-14 19:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll 2015-07-23 11:29 - 2015-07-23 11:29 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2015-07-23 11:29 - 2015-07-23 11:29 - 00102864 _____ () C:\Program 
Files\AVAST Software\Avast\log.dll
2014-04-22 20:23 - 2009-02-27 17:38 - 00139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2014-03-28 08:39 - 2013-08-08 22:25 - 01242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2014-03-28 08:55 - 2014-03-28 08:55 - 00101648 _____ () C:\Program Files (x86)\Lenovo\Lenovo Smart Voice\LUpdatePackage.dll
2015-08-09 12:43 - 2015-04-22 16:53 - 00204280 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff\components\txmlutil.dll
2015-08-09 12:43 - 2015-05-12 15:48 - 00067808 _____ () C:\Program Files\Bitdefender\Bitdefender 2015\antispam32\bdwteff\components\bdwtxff.dll
2003-07-11 10:09 - 2003-07-11 10:09 - 00048192 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\1031\nsextint.dll
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 _____ () C:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\Users\Marcel\SkyDrive:ms-properties

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Marcel\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "Secunia PSI Tray.lnk"
HKLM\...\StartupApproved\StartupFolder: => "Radio.fx.LNK"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "AutoStartTransition"
HKLM\...\StartupApproved\Run: => "Samsung Link"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "Yoga Picks"
HKLM\...\StartupApproved\Run32: => "ControlCenter3"
HKLM\...\StartupApproved\Run32: => "FileZilla Server Interface"
HKLM\...\StartupApproved\Run32: => "My Swisscom Assistant"
HKLM\...\StartupApproved\Run32: => "BrHelp"
HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\StartupApproved\StartupFolder: => "EvernoteClipper.lnk"
HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\StartupApproved\Run: => "zzihaw.exe"
HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\StartupApproved\Run: => "rfxsrvtray"
HKU\S-1-5-21-3121602427-3534730855-1075997385-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry.
The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{4431DEAE-785F-4476-A1D9-31EE2F25E07D}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{3E4C4004-2938-408E-BB9F-065DD2A43E64}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{7F4CFB46-E8EE-4804-BC7A-5E9E37543015}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE FirewallRules: [{B7649C76-9956-4020-AC6E-924C8B77E9D6}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{EE9CAD80-E182-4C83-B105-8DA877E0B70E}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{F87B0288-5786-47AB-8833-6834612238AA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{0D3253CE-E1C8-482C-B2F2-9649D1CE2B4D}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe FirewallRules: [{F9B3630D-7E6B-4AC8-BA2E-07A8398C70DD}] => (Allow) C:\Program Files (x86)\Brother\Brmfl06d\FAXRX.exe FirewallRules: [{1A1C5D3C-6EA9-46EB-87CC-2B72169BD698}] => (Allow) C:\Program Files (x86)\Brother\Brmfl06d\FAXRX.exe FirewallRules: [{D4820C6E-E3E7-40F6-AE1A-C59957B8B1C6}] => (Allow) LPort=54925 FirewallRules: [{C400B6EE-8C7E-4FEB-92F4-ACEEC20EA8D3}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [{83D4BC26-742A-4A8A-9314-A7F2997CB682}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe FirewallRules: [TCP Query User{BC591497-5730-4159-A59B-BFA8E0FF5C1F}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [UDP Query User{BB30ACF2-BBE3-4A73-A8D0-4CAAAEE54456}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{E17A4801-6EE3-4BA6-9601-A3752B78AAAC}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [UDP Query 
User{5433EC50-5282-4E59-B9C3-EE2541AD45D4}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [{D389BBA3-48A3-460F-9BA0-DAF3EA753A9B}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\WLAN\SwisscomWLAN.exe FirewallRules: [{215839A2-8207-4AB5-B1DB-4413380C620A}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\WLAN\SwisscomWLAN.exe FirewallRules: [{9DF4834B-E895-43D9-B66B-56F6EC196392}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe FirewallRules: [{74553D50-32B3-4F3C-A9C3-B3CBC13A58FE}] => (Allow) C:\Program Files (x86)\ASUS\Wireless Router\Device Discovery\Discovery.exe FirewallRules: [{945872BD-00E1-4BE3-821E-9874698B5A84}] => (Allow) LPort=8743 FirewallRules: [{63B85722-A77D-45A2-8F5C-64F23EABA935}] => (Allow) LPort=8643 FirewallRules: [{E2EA838F-A7A3-4A5D-9159-C05F086C7263}] => (Allow) LPort=7676 FirewallRules: [{EC45B1E0-C6C4-4AE3-9C08-713A85E6A46C}] => (Allow) LPort=7679 FirewallRules: [{3CC2556B-3C36-4251-BB85-E0036DCBF1F5}] => (Allow) LPort=24234 FirewallRules: [{258AF4F6-619B-4104-9528-45E68F583009}] => (Allow) LPort=7900 FirewallRules: [{EDB7FCB4-5921-4FD9-B591-FAF26006558D}] => (Allow) LPort=1900 FirewallRules: [{EBE5F558-DF3D-42B2-96E0-CB6F67A61301}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{65312F94-6083-4AA6-AFDE-94F7400725B5}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{B71C1162-9807-4FE3-9553-F1000FAD5ADE}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{82824B5A-ACA2-4AC9-9E02-733544CAF2FB}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{BDC2A857-DE46-4F93-9D6A-5AF7742BF1CB}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe FirewallRules: [{042614FB-48A6-472C-80C9-89DAA5A1B3C8}] => (Allow) C:\Program Files\Samsung\AllShare Framework 
DMS\1.3.23\AllShareFrameworkDMS.exe FirewallRules: [{87BDB682-26F7-4441-9898-BCF01749892B}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe FirewallRules: [{D9A08DF9-4A68-41ED-B187-03C0F7F22298}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe FirewallRules: [TCP Query User{36306197-E317-4D40-949D-992EBC574FE1}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [UDP Query User{7D77A54A-D12C-42DE-8A4E-8EC03DF859BF}C:\xampp\apache\bin\httpd.exe] => (Allow) C:\xampp\apache\bin\httpd.exe FirewallRules: [TCP Query User{3A498FFE-111E-4BD0-8227-D598BF14E5EC}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [UDP Query User{A6C10A9F-9B83-44EC-AA72-C32A14945666}C:\xampp\mysql\bin\mysqld.exe] => (Allow) C:\xampp\mysql\bin\mysqld.exe FirewallRules: [{07697B2F-7B22-41B9-972D-BE006011B3FA}] => (Allow) C:\Users\Marcel\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe FirewallRules: [{9DF63D6B-7184-4AD8-A624-F8DCE60FDA0E}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{EE2C085E-CE90-4492-8A4A-40CFD385AA52}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{A2973539-9915-4060-AE99-57E858910C69}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{390F3960-F197-4DDA-A2E9-5584BF3E790A}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{CC27E496-D046-4E88-9F5F-0397BD62798D}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{ABAF99FD-E70B-4F6F-A5C1-485427AC18A4}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{FF9E7EB5-D622-4096-9BFD-5AF7E24C1E85}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{697F890B-7392-4A34-95E1-E13E077C1D12}] => (Allow) C:\Program 
Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [TCP Query User{BA97556E-0C2E-4EFA-92B4-D864348CB679}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [UDP Query User{D547E705-30C7-4C99-8E10-C49310943D70}C:\program files\java\jre7\bin\javaw.exe] => (Allow) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{2DA0F69C-34E6-4FE6-97FF-E35B619D3444}] => (Block) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{A7199F1C-1D6C-4819-A485-F0B2F8017273}] => (Block) C:\program files\java\jre7\bin\javaw.exe FirewallRules: [{F1248851-1A38-47FF-A437-CAF528F289AD}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{6BBFC808-ACC0-4064-90D7-BAB0BDB1FABE}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{A97EE786-2B57-47B2-8D4A-DB30E403E4FC}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{D467C7B2-FE00-4D4F-8FAE-A1C4E19DB5E9}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{09EBD004-26EC-4FCD-9A91-A9DABBD8EBDB}] => (Allow) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe FirewallRules: [{96B2F48E-D869-44E7-86C9-D933CB69F4B0}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{9FBE20C2-2F6E-45EC-9CE3-BE21B022A9E7}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{F0CF83FE-DBB1-43CA-AEC3-24FF6AA337CD}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{B0BEE50F-1730-4425-A5BB-5BDF6B14EC11}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{12F7F8CB-96F8-4C34-8AA7-32B42558FB55}] => (Allow) C:\Program Files (x86)\Brother\Brmfl06d\FAXRX.exe FirewallRules: [{3C35C46B-71E2-4DCA-AE2B-D61FFC530FFF}] => (Allow) C:\Program Files (x86)\Brother\Brmfl06d\FAXRX.exe FirewallRules: 
[{6197A62B-4B7F-4A4B-B2C4-8E11D56E0543}] => (Allow) LPort=54925 FirewallRules: [TCP Query User{DFB0CEDA-1238-47D9-A856-95F0548447EB}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe FirewallRules: [UDP Query User{442153E3-7D80-4AC6-8BF8-C7FB16E6C36C}C:\program files\java\jre1.8.0_25\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_25\bin\javaw.exe FirewallRules: [{5A04ED96-62F3-4297-B99A-4E1476255B79}] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe FirewallRules: [{24E4DDD1-1307-489F-B217-EDBFCDFD935E}] => (Block) C:\program files\java\jre1.8.0_25\bin\javaw.exe FirewallRules: [{D3DD32AA-F817-42DE-9CF1-03371BB95068}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{490B4F85-C6DF-416A-8EF6-3C80F169471A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D76CA2F7-FE24-4D06-86C5-F4CE9E5CAC2F}] => (Allow) C:\Program Files (x86)\Brother\Brmfl14e\FAXRX.EXE FirewallRules: [{F07D8D86-A96C-4D43-A081-2BF5D0044E48}] => (Allow) LPort=54925 FirewallRules: [TCP Query User{8581DA57-E721-4297-AE0E-57D219D54F08}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [UDP Query User{FAEBC70F-315D-4483-8832-FC6488BAB043}C:\program files\java\jre1.8.0_31\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [{82301374-2EC6-4FDA-B21E-42D1A903DF3B}] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [{8D4C8D2E-BC79-4149-9A75-2CB22C4D0CF8}] => (Block) C:\program files\java\jre1.8.0_31\bin\javaw.exe FirewallRules: [{D7B14B40-2DF9-46B9-A34E-47BA1AF55C62}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{35B86F9D-0566-47FD-A08B-7E78FCD493EA}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{314DEF24-8962-4B56-AF52-989A6DC32D07}] => (Allow) C:\Program 
Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{BAF2714A-5FB3-485D-9520-30E9A92B2BEF}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [TCP Query User{DAF67383-BEAA-431A-930E-300D496FD568}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [UDP Query User{7212BC96-4CA3-49A4-A207-5768E6F72B6B}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe FirewallRules: [{DB8D1945-70EB-43FE-AA4B-703809F95F18}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{59DF4A80-2B14-4D6B-80C6-E4EED5310827}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{7055B5CC-A0E3-46C3-A978-36B180A734DE}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{4C36329F-D803-44D6-A03F-ED2CCD29FA47}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{92B83BC9-2AC5-4C81-A3B3-19656D721B53}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe FirewallRules: [{D55B24AA-BB5F-4629-8829-F8517279707E}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe FirewallRules: [{05DEC036-5A7D-4951-B7EF-2CDDFCFAB025}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe FirewallRules: [{CFB84829-CB9B-4728-8890-488E4B2B181B}] => (Allow) C:\Program Files (x86)\Tobit Radio.fx\Client\rfx-client.exe FirewallRules: [TCP Query User{59E7C9DC-7743-4F5F-9B56-0793AFA6996D}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [UDP Query User{F24072CB-A078-48E1-B810-68D42B118F6B}C:\program files\java\jre1.8.0_45\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [{22AADAE4-32FB-4FD8-BEA1-A2DBA80B9F5A}] => (Block) C:\program 
files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [{CB421610-37DA-49BC-B2BF-6661ADDE9368}] => (Block) C:\program files\java\jre1.8.0_45\bin\javaw.exe FirewallRules: [TCP Query User{0C0517AB-9D31-49C3-9C56-8D812D187D52}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{AE048FD6-A975-43E6-A034-3304E46E03F5}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{98D0103E-A762-4B66-9D2B-AB984A4B89B1}] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{13E10B00-2F4B-410E-ABC7-B4FB939537E3}] => (Block) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [{FFC75286-B03F-4EB4-9D8C-C473F4B675F8}] => (Allow) C:\Program Files\iTunes\iTunes.exe FirewallRules: [{F8E551C0-620C-48DD-8289-676CF6902D89}] => (Allow) C:\Windows\Prey\versions\1.4.1\bin\node.exe FirewallRules: [{58D99F8E-8FA4-4A8A-AB35-CBAC89586306}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe FirewallRules: [{4E3BC521-0E78-4909-9FA8-C2184FF1007E}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Launcher.exe FirewallRules: [{2F84591F-72FC-4727-836E-B45FA9744978}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Repair.exe FirewallRules: [{4914DDF3-1A78-4E94-9B86-2C81E38CBDEE}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant_Repair.exe FirewallRules: [{82D91E50-DA66-4C54-A6BD-14AB6B5E876B}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant.exe FirewallRules: [{AE1B92C0-998E-49FE-B67C-64E958E20C17}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\MySwisscomAssistant.exe FirewallRules: [{523AC248-C74A-4269-90A0-DDE9881F3AF6}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\Update\M2Updater.exe FirewallRules: 
[{4BE7E6D7-D95F-464C-8CD2-75B08A12060A}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\Update\M2Updater.exe FirewallRules: [{A320978A-5216-4BF5-BA0E-F9F50D3B490B}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\PDF_Viewer\m2PDFViewer.exe FirewallRules: [{14FCC4D3-1911-4864-AA84-8FEE3554F456}] => (Allow) C:\Program Files (x86)\Swisscom\My Swisscom Assistant\PDF_Viewer\m2PDFViewer.exe StandardProfile\AuthorizedApplications: [C:\Users\Marcel\AppData\Roaming\zzpuok\suujnu.exe] => Enabled:suujnu ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (08/14/2015 12:52:35 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\windows\system32\srtasks.exe ExecuteScheduledSPPCreation; Beschreibung = Scheduled Checkpoint; Fehler = 0x80070422). Error: (08/14/2015 12:52:32 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: ) Description: Das Volume "WINRE_DRV" wurde aufgrund eines Fehlers nicht optimiert: The parameter is incorrect. 
(0x80070057) Error: (08/14/2015 12:32:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: MediaCreationTool.exe, Version: 6.3.9600.17557, Zeitstempel: 0x548cc952 Name des fehlerhaften Moduls: MSONSEXT.DLL, Version: 11.0.6715.60, Zeitstempel: 0x43306199 Ausnahmecode: 0xc0000005 Fehleroffset: 0x00052b84 ID des fehlerhaften Prozesses: 0x484c Startzeit der fehlerhaften Anwendung: 0xMediaCreationTool.exe0 Pfad der fehlerhaften Anwendung: MediaCreationTool.exe1 Pfad des fehlerhaften Moduls: MediaCreationTool.exe2 Berichtskennung: MediaCreationTool.exe3 Vollständiger Name des fehlerhaften Pakets: MediaCreationTool.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: MediaCreationTool.exe5 Error: (08/14/2015 12:02:03 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY) Description: Die Zeichenfolgen der Leistungsindikatoren in der Leistungsindikatorenregistrierung werden beschädigt wenn der Prozess "Performance" auf dem Erweiterungsleistungsindikator-Anbieter ausgeführt wird. Der Wert "BaseIndex" aus der Leistungsregistrierung ist das erste DWORD im Datenbereich, der Wert "LastCounter" ist das zweite DWORD im Datenbereich und der Werte "LastHelp" ist das dritte DWORD im Datenbereich. Error: (08/14/2015 10:42:41 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: ) Description: 80070005 Error: (08/13/2015 06:39:53 PM) (Source: Desktop Window Manager) (EventID: 9020) (User: ) Description: Der Desktopfenster-Manager hat einen schwerwiegenden Fehler (0x8898008d) festgestellt. Error: (08/13/2015 06:28:20 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files\HitmanPro\HitmanPro.exe Files\HitmanPro\HitmanPro.exe" /scan:boot /quiet /quick; Beschreibung = Prüfpunkt von HitmanPro; Fehler = 0x80070422). 
Error: (08/13/2015 06:28:14 PM) (Source: System Restore) (EventID: 8193) (User: ) Description: Fehler beim Erstellen des Wiederherstellungspunkts (Prozess = C:\Program Files\HitmanPro\HitmanPro.exe Files\HitmanPro\HitmanPro.exe" /scan:boot /quiet /quick; Beschreibung = Prüfpunkt von HitmanPro; Fehler = 0x80070422). Error: (08/13/2015 06:12:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Name der fehlerhaften Anwendung: backgroundTaskHost.exe, Version: 6.3.9600.17415, Zeitstempel: 0x545042b7 Name des fehlerhaften Moduls: twinapi.appcore.dll, Version: 6.3.9600.17415, Zeitstempel: 0x54503c4d Ausnahmecode: 0xc000027b Fehleroffset: 0x0000000000063c1f ID des fehlerhaften Prozesses: 0x1f18 Startzeit der fehlerhaften Anwendung: 0xbackgroundTaskHost.exe0 Pfad der fehlerhaften Anwendung: backgroundTaskHost.exe1 Pfad des fehlerhaften Moduls: backgroundTaskHost.exe2 Berichtskennung: backgroundTaskHost.exe3 Vollständiger Name des fehlerhaften Pakets: backgroundTaskHost.exe4 Anwendungs-ID, die relativ zum fehlerhaften Paket ist: backgroundTaskHost.exe5 Error: (08/13/2015 12:10:13 PM) (Source: Bonjour Service) (EventID: 100) (User: ) Description: ERROR: handle_resolve_request bad interfaceIndex 24 System errors: ============= Error: (08/14/2015 05:17:18 PM) (Source: DCOM) (EventID: 10029) (User: SUGUS) Description: {4991D34B-80A1-4291-83B6-3328366B9097}BITS Error: (08/14/2015 03:47:18 PM) (Source: DCOM) (EventID: 10029) (User: SUGUS) Description: {4991D34B-80A1-4291-83B6-3328366B9097}BITS Error: (08/14/2015 03:17:18 PM) (Source: DCOM) (EventID: 10029) (User: SUGUS) Description: {4991D34B-80A1-4291-83B6-3328366B9097}BITS Error: (08/14/2015 01:47:18 PM) (Source: DCOM) (EventID: 10029) (User: SUGUS) Description: {4991D34B-80A1-4291-83B6-3328366B9097}BITS Error: (08/14/2015 12:47:18 PM) (Source: DCOM) (EventID: 10029) (User: SUGUS) Description: {4991D34B-80A1-4291-83B6-3328366B9097}BITS Error: (08/14/2015 12:39:02 PM) (Source: DCOM) (EventID: 10029) (User: 
SUGUS) Description: {4991D34B-80A1-4291-83B6-3328366B9097}BITS Error: (08/14/2015 12:30:24 PM) (Source: DCOM) (EventID: 10029) (User: SUGUS) Description: {4991D34B-80A1-4291-83B6-3328366B9097}BITS Error: (08/14/2015 12:24:12 PM) (Source: DCOM) (EventID: 10029) (User: SUGUS) Description: {4991D34B-80A1-4291-83B6-3328366B9097}BITS Error: (08/14/2015 12:18:58 PM) (Source: DCOM) (EventID: 10029) (User: SUGUS) Description: {4991D34B-80A1-4291-83B6-3328366B9097}BITS Error: (08/14/2015 12:14:57 PM) (Source: DCOM) (EventID: 10029) (User: SUGUS) Description: {4991D34B-80A1-4291-83B6-3328366B9097}BITS Microsoft Office: ========================= Error: (08/11/2015 06:02:28 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6723.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 4085 seconds with 1800 seconds of active time. This session ended with a crash. Error: (06/14/2015 02:26:57 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 429 seconds with 240 seconds of active time. This session ended with a crash. Error: (04/26/2015 09:57:42 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6720.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 38 seconds with 0 seconds of active time. This session ended with a crash. Error: (04/26/2015 09:56:52 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6720.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 96 seconds with 60 seconds of active time. This session ended with a crash. 
Error: (04/21/2015 07:09:41 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6720.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 27 seconds with 0 seconds of active time. This session ended with a crash. Error: (04/21/2015 04:15:31 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6720.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 762 seconds with 720 seconds of active time. This session ended with a crash. Error: (04/20/2015 07:23:57 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6720.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 1980 seconds with 1140 seconds of active time. This session ended with a crash. Error: (04/14/2015 10:15:52 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6718.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 284 seconds with 0 seconds of active time. This session ended with a crash. Error: (01/23/2015 08:55:02 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6713.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 248 seconds with 240 seconds of active time. This session ended with a crash. Error: (01/14/2015 11:24:34 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: ) Description: ID: 1, Application Name: Microsoft Office Excel, Application Version: 12.0.6712.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 2983 seconds with 1560 seconds of active time. 
This session ended with a crash. CodeIntegrity: =================================== Date: 2014-11-15 17:29:16.127 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-15 17:29:15.670 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-15 17:29:15.513 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-15 17:29:15.340 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-15 17:29:15.169 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
Date: 2014-11-15 17:29:14.997 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-15 17:29:14.825 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-15 17:29:14.653 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-15 17:29:14.465 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. Date: 2014-11-15 17:29:14.278 Description: Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements. 
==================== Memory info =========================== Processor: Intel(R) Core(TM) i7-4500U CPU @ 1.80GHz Percentage of memory in use: 71% Total physical RAM: 8104.27 MB Available physical RAM: 2321.72 MB Total Virtual: 16296.27 MB Available Virtual: 10032.81 MB ==================== Drives ================================ Drive c: (Windows8_OS) (Fixed) (Total:217.68 GB) (Free:78.22 GB) NTFS ==>[system with boot components (obtained from reading drive)] Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.88 GB) NTFS Drive f: (Daten) (Fixed) (Total:216.58 GB) (Free:162.22 GB) NTFS Drive g: (ESD-USB) (Removable) (Total:28.88 GB) (Free:28.88 GB) FAT32 ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (Size: 476.9 GB) (Disk ID: D9341526) Partition: GPT. ======================================================== Disk: 1 (MBR Code: Windows 7 or 8) (Size: 28.9 GB) (Disk ID: 00000000) Partition: GPT. ==================== End of log ============================ |
15.08.2015, 09:53 | #5 |
/// the machine /// TB instructor | Hindered by a Trojan? Hi, please download Malwarebytes Anti-Rootkit and save it to your desktop.
Do not start any other file in this folder without instructions from a helper. Please download TDSSKiller.exe and save this file to the desktop.
__________________ Regards, schrauber Proud Member of UNITE and ASAP since 2009 No help via PM! |
16.08.2015, 10:45 | #6 |
| Hindered by a Trojan? Code:
ATTFilter --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.09.1.1004 (c) Malwarebytes Corporation 2011-2012 OS version: 6.3.9200 Windows 8.1 x64 Account is Administrative Internet Explorer version: 11.0.9600.17905 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED, H:\ DRIVE_FIXED, I:\ DRIVE_FIXED, J:\ DRIVE_FIXED CPU speed: 2.394000 GHz Memory total: 8497946624, free: 3111223296 Downloaded database version: v2015.08.15.06 Downloaded database version: v2015.08.06.01 Downloaded database version: v2015.07.28.01 ======================================= Initializing... ------------ Kernel report ------------ 08/16/2015 11:19:33 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kd.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\System32\drivers\werkernel.sys \SystemRoot\System32\drivers\CLFS.SYS \SystemRoot\System32\drivers\tm.sys \SystemRoot\system32\PSHED.dll \SystemRoot\system32\BOOTVID.dll \SystemRoot\system32\CI.dll \SystemRoot\System32\drivers\msrpc.sys \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\System32\Drivers\acpiex.sys \SystemRoot\System32\Drivers\WppRecorder.sys \SystemRoot\System32\drivers\ACPI.sys \SystemRoot\System32\drivers\WMILIB.SYS \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\msisadrv.sys \SystemRoot\System32\drivers\pci.sys \SystemRoot\System32\drivers\vdrvroot.sys \SystemRoot\system32\drivers\pdc.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\System32\drivers\spaceport.sys \SystemRoot\System32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\System32\drivers\iaStorA.sys \SystemRoot\System32\drivers\storport.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\System32\drivers\fileinfo.sys \SystemRoot\System32\Drivers\Wof.sys 
\SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\DRIVERS\wfplwfs.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\System32\drivers\volsnap.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\ngvss.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\intelpep.sys \SystemRoot\system32\drivers\dlkmdldr.sys \SystemRoot\System32\drivers\disk.sys \SystemRoot\System32\drivers\CLASSPNP.SYS \SystemRoot\System32\Drivers\aswVmm.sys \SystemRoot\System32\Drivers\aswRvrt.sys \SystemRoot\system32\ambakdrv.sys \SystemRoot\System32\Drivers\fastfat.SYS \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\system32\drivers\aswSnx.sys \SystemRoot\system32\drivers\aswSP.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\system32\drivers\aswKbd.sys \SystemRoot\System32\drivers\BasicRender.sys \SystemRoot\system32\drivers\dlkmd.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\System32\drivers\BasicDisplay.sys \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\aswRdr2.sys \SystemRoot\system32\drivers\afd.sys \SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\System32\drivers\veracrypt.sys \SystemRoot\system32\DRIVERS\VBoxUSBMon.sys \SystemRoot\system32\DRIVERS\VBoxDrv.sys 
\SystemRoot\System32\drivers\truecrypt.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\System32\drivers\npsvctrig.sys \SystemRoot\system32\ckldrv.sys \SystemRoot\System32\drivers\mssmbios.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\ahcache.sys \SystemRoot\system32\DRIVERS\VBoxNetAdp.sys \SystemRoot\System32\drivers\CompositeBus.sys \SystemRoot\system32\DRIVERS\kdnic.sys \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys \SystemRoot\System32\drivers\umbus.sys \SystemRoot\system32\DRIVERS\igdkmd64.sys \SystemRoot\System32\drivers\HDAudBus.sys \SystemRoot\system32\DRIVERS\DptfDevProc.sys \SystemRoot\System32\drivers\USBXHCI.SYS \SystemRoot\System32\drivers\ucx01000.sys \SystemRoot\system32\DRIVERS\TeeDriverx64.sys \SystemRoot\system32\DRIVERS\NETwbw02.sys \SystemRoot\System32\drivers\vwifibus.sys \SystemRoot\System32\drivers\usbehci.sys \SystemRoot\System32\drivers\USBPORT.SYS \SystemRoot\System32\drivers\CmBatt.sys \SystemRoot\System32\drivers\BATTC.SYS \SystemRoot\System32\drivers\AcpiVpc.sys \SystemRoot\System32\drivers\i8042prt.sys \SystemRoot\system32\DRIVERS\ikbevent.sys \SystemRoot\system32\DRIVERS\SynTP.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\System32\drivers\kbdclass.sys \SystemRoot\system32\DRIVERS\imsevent.sys \SystemRoot\System32\drivers\mouclass.sys \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys \SystemRoot\system32\DRIVERS\DptfDevPch.sys \SystemRoot\System32\drivers\msgpiowin32.sys \SystemRoot\System32\drivers\intelppm.sys \SystemRoot\system32\DRIVERS\DptfManager.sys \SystemRoot\System32\drivers\ISCTD64.sys \SystemRoot\System32\drivers\serscan.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\drivers\ks.sys \SystemRoot\System32\drivers\NdisVirtualBus.sys \SystemRoot\System32\drivers\swenum.sys \SystemRoot\System32\drivers\iwdbus.sys \SystemRoot\System32\drivers\rdpbus.sys \SystemRoot\System32\drivers\usbhub.sys \SystemRoot\system32\DRIVERS\portcls.sys \SystemRoot\system32\DRIVERS\drmk.sys 
\SystemRoot\System32\drivers\UsbHub3.sys \SystemRoot\system32\drivers\RTKVHD64.sys \SystemRoot\System32\Drivers\dump_diskdump.sys \SystemRoot\System32\Drivers\dump_iaStorA.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\HIDPARSE.SYS \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\System32\drivers\usbccgp.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\drivers\monitor.sys \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\drivers\aswMonFlt.sys \??\C:\Program Files\Sandboxie\SbieDrv.sys \SystemRoot\System32\drivers\hidusb.sys \SystemRoot\System32\drivers\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\System32\Drivers\SPUVCbv_x64.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \??\C:\windows\system32\ammntdrv.sys \SystemRoot\System32\drivers\condrv.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\drivers\Ndu.sys \SystemRoot\system32\drivers\npf.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\system32\DRIVERS\psi_mf_amd64.sys \SystemRoot\System32\drivers\ipnat.sys \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\System32\drivers\WUDFRd.sys \SystemRoot\System32\drivers\WpdUpFltr.sys \SystemRoot\System32\drivers\mshidumdf.sys \??\C:\windows\System32\Drivers\INETMON.sys \SystemRoot\system32\drivers\wimmount.sys \SystemRoot\System32\drivers\rdpvideominiport.sys \SystemRoot\system32\DRIVERS\trufos.sys \SystemRoot\system32\DRIVERS\avchv.sys \SystemRoot\system32\DRIVERS\avc3.sys \??\C:\Program Files\Common 
Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys \SystemRoot\system32\DRIVERS\gzflt.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\DRIVERS\ibtusb.sys \SystemRoot\system32\DRIVERS\btmhsf.sys \SystemRoot\System32\Drivers\BTHUSB.sys \SystemRoot\System32\Drivers\bthport.sys \SystemRoot\System32\drivers\rfcomm.sys \??\C:\windows\system32\drivers\mbam.sys \SystemRoot\System32\drivers\mouhid.sys \SystemRoot\System32\drivers\DisplayLinkUsbIo_x64_7.4.48800.0.sys \SystemRoot\system32\DRIVERS\dlusbaudio_x64.sys \SystemRoot\system32\DRIVERS\dlcdcncm6_x64.sys \SystemRoot\system32\DRIVERS\avckf.sys \SystemRoot\System32\cdd.dll \SystemRoot\system32\DRIVERS\vwifimp.sys \SystemRoot\System32\drivers\umpass.sys \??\C:\windows\system32\drivers\MBAMSwissArmy.sys \??\C:\windows\system32\drivers\mwac.sys \SystemRoot\System32\ATMFD.DLL \??\C:\windows\system32\drivers\mbamchameleon.sys ----------- End ----------- Done! Scan started Database versions: main: v2015.08.15.06 rootkit: v2015.08.06.01 <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: F: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: F: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: F: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... 
Scan Interrupted Scan was aborted. ======================================= --------------------------------------- Malwarebytes Anti-Rootkit BETA 1.09.1.1004 (c) Malwarebytes Corporation 2011-2012 OS version: 6.3.9200 Windows 8.1 x64 Account is Administrative Internet Explorer version: 11.0.9600.17905 File system is: NTFS Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED, H:\ DRIVE_FIXED, I:\ DRIVE_FIXED, J:\ DRIVE_FIXED CPU speed: 2.394000 GHz Memory total: 8497946624, free: 3155025920 ======================================= ------------ Kernel report ------------ 08/16/2015 11:20:26 ------------ Loaded modules ----------- \SystemRoot\system32\ntoskrnl.exe \SystemRoot\system32\hal.dll \SystemRoot\system32\kd.dll \SystemRoot\system32\mcupdate_GenuineIntel.dll \SystemRoot\System32\drivers\werkernel.sys \SystemRoot\System32\drivers\CLFS.SYS \SystemRoot\System32\drivers\tm.sys \SystemRoot\system32\PSHED.dll \SystemRoot\system32\BOOTVID.dll \SystemRoot\system32\CI.dll \SystemRoot\System32\drivers\msrpc.sys \SystemRoot\system32\drivers\Wdf01000.sys \SystemRoot\system32\drivers\WDFLDR.SYS \SystemRoot\System32\Drivers\acpiex.sys \SystemRoot\System32\Drivers\WppRecorder.sys \SystemRoot\System32\drivers\ACPI.sys \SystemRoot\System32\drivers\WMILIB.SYS \SystemRoot\System32\Drivers\cng.sys \SystemRoot\System32\drivers\msisadrv.sys \SystemRoot\System32\drivers\pci.sys \SystemRoot\System32\drivers\vdrvroot.sys \SystemRoot\system32\drivers\pdc.sys \SystemRoot\System32\drivers\partmgr.sys \SystemRoot\System32\drivers\spaceport.sys 
\SystemRoot\System32\drivers\volmgr.sys \SystemRoot\System32\drivers\volmgrx.sys \SystemRoot\System32\drivers\mountmgr.sys \SystemRoot\System32\drivers\iaStorA.sys \SystemRoot\System32\drivers\storport.sys \SystemRoot\system32\drivers\fltmgr.sys \SystemRoot\System32\drivers\fileinfo.sys \SystemRoot\System32\Drivers\Wof.sys \SystemRoot\System32\Drivers\Ntfs.sys \SystemRoot\System32\Drivers\ksecdd.sys \SystemRoot\System32\drivers\pcw.sys \SystemRoot\System32\Drivers\Fs_Rec.sys \SystemRoot\system32\drivers\ndis.sys \SystemRoot\system32\drivers\NETIO.SYS \SystemRoot\System32\Drivers\ksecpkg.sys \SystemRoot\System32\drivers\tcpip.sys \SystemRoot\System32\drivers\fwpkclnt.sys \SystemRoot\system32\DRIVERS\wfplwfs.sys \SystemRoot\System32\DRIVERS\fvevol.sys \SystemRoot\System32\drivers\volsnap.sys \SystemRoot\System32\drivers\rdyboost.sys \SystemRoot\System32\Drivers\ngvss.sys \SystemRoot\System32\Drivers\mup.sys \SystemRoot\System32\drivers\intelpep.sys \SystemRoot\system32\drivers\dlkmdldr.sys \SystemRoot\System32\drivers\disk.sys \SystemRoot\System32\drivers\CLASSPNP.SYS \SystemRoot\System32\Drivers\aswVmm.sys \SystemRoot\System32\Drivers\aswRvrt.sys \SystemRoot\system32\ambakdrv.sys \SystemRoot\System32\Drivers\fastfat.SYS \SystemRoot\System32\Drivers\crashdmp.sys \SystemRoot\system32\drivers\aswSnx.sys \SystemRoot\system32\drivers\aswSP.sys \SystemRoot\System32\Drivers\Null.SYS \SystemRoot\System32\Drivers\Beep.SYS \SystemRoot\system32\drivers\aswKbd.sys \SystemRoot\System32\drivers\BasicRender.sys \SystemRoot\system32\drivers\dlkmd.sys \SystemRoot\System32\drivers\dxgkrnl.sys \SystemRoot\System32\drivers\watchdog.sys \SystemRoot\System32\drivers\dxgmms1.sys \SystemRoot\System32\drivers\BasicDisplay.sys \SystemRoot\System32\Drivers\Npfs.SYS \SystemRoot\System32\Drivers\Msfs.SYS \SystemRoot\system32\DRIVERS\tdx.sys \SystemRoot\system32\DRIVERS\TDI.SYS \SystemRoot\System32\DRIVERS\netbt.sys \SystemRoot\system32\drivers\aswRdr2.sys \SystemRoot\system32\drivers\afd.sys 
\SystemRoot\system32\DRIVERS\pacer.sys \SystemRoot\system32\DRIVERS\vwififlt.sys \SystemRoot\system32\DRIVERS\netbios.sys \SystemRoot\system32\DRIVERS\rdbss.sys \SystemRoot\System32\drivers\veracrypt.sys \SystemRoot\system32\DRIVERS\VBoxUSBMon.sys \SystemRoot\system32\DRIVERS\VBoxDrv.sys \SystemRoot\System32\drivers\truecrypt.sys \SystemRoot\system32\drivers\nsiproxy.sys \SystemRoot\System32\drivers\npsvctrig.sys \SystemRoot\system32\ckldrv.sys \SystemRoot\System32\drivers\mssmbios.sys \SystemRoot\System32\Drivers\dfsc.sys \SystemRoot\system32\DRIVERS\ahcache.sys \SystemRoot\system32\DRIVERS\VBoxNetAdp.sys \SystemRoot\System32\drivers\CompositeBus.sys \SystemRoot\system32\DRIVERS\kdnic.sys \SystemRoot\system32\DRIVERS\VBoxNetFlt.sys \SystemRoot\System32\drivers\umbus.sys \SystemRoot\system32\DRIVERS\igdkmd64.sys \SystemRoot\System32\drivers\HDAudBus.sys \SystemRoot\system32\DRIVERS\DptfDevProc.sys \SystemRoot\System32\drivers\USBXHCI.SYS \SystemRoot\System32\drivers\ucx01000.sys \SystemRoot\system32\DRIVERS\TeeDriverx64.sys \SystemRoot\system32\DRIVERS\NETwbw02.sys \SystemRoot\System32\drivers\vwifibus.sys \SystemRoot\System32\drivers\usbehci.sys \SystemRoot\System32\drivers\USBPORT.SYS \SystemRoot\System32\drivers\CmBatt.sys \SystemRoot\System32\drivers\BATTC.SYS \SystemRoot\System32\drivers\AcpiVpc.sys \SystemRoot\System32\drivers\i8042prt.sys \SystemRoot\system32\DRIVERS\ikbevent.sys \SystemRoot\system32\DRIVERS\SynTP.sys \SystemRoot\system32\DRIVERS\USBD.SYS \SystemRoot\System32\drivers\kbdclass.sys \SystemRoot\system32\DRIVERS\imsevent.sys \SystemRoot\System32\drivers\mouclass.sys \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys \SystemRoot\system32\DRIVERS\DptfDevPch.sys \SystemRoot\System32\drivers\msgpiowin32.sys \SystemRoot\System32\drivers\intelppm.sys \SystemRoot\system32\DRIVERS\DptfManager.sys \SystemRoot\System32\drivers\ISCTD64.sys \SystemRoot\System32\drivers\serscan.sys \SystemRoot\system32\drivers\ksthunk.sys \SystemRoot\system32\drivers\ks.sys 
\SystemRoot\System32\drivers\NdisVirtualBus.sys \SystemRoot\System32\drivers\swenum.sys \SystemRoot\System32\drivers\iwdbus.sys \SystemRoot\System32\drivers\rdpbus.sys \SystemRoot\System32\drivers\usbhub.sys \SystemRoot\system32\DRIVERS\portcls.sys \SystemRoot\system32\DRIVERS\drmk.sys \SystemRoot\System32\drivers\UsbHub3.sys \SystemRoot\system32\drivers\RTKVHD64.sys \SystemRoot\System32\Drivers\dump_diskdump.sys \SystemRoot\System32\Drivers\dump_iaStorA.sys \SystemRoot\System32\win32k.sys \SystemRoot\System32\drivers\HIDPARSE.SYS \SystemRoot\System32\Drivers\dump_dumpfve.sys \SystemRoot\System32\drivers\usbccgp.sys \SystemRoot\System32\TSDDD.dll \SystemRoot\System32\drivers\monitor.sys \SystemRoot\system32\drivers\luafv.sys \SystemRoot\system32\drivers\aswMonFlt.sys \??\C:\Program Files\Sandboxie\SbieDrv.sys \SystemRoot\System32\drivers\hidusb.sys \SystemRoot\System32\drivers\HIDCLASS.SYS \SystemRoot\system32\DRIVERS\lltdio.sys \SystemRoot\system32\DRIVERS\nwifi.sys \SystemRoot\system32\DRIVERS\ndisuio.sys \SystemRoot\system32\DRIVERS\rspndr.sys \SystemRoot\System32\Drivers\SPUVCbv_x64.sys \SystemRoot\system32\drivers\HTTP.sys \SystemRoot\system32\DRIVERS\bowser.sys \SystemRoot\System32\drivers\mpsdrv.sys \SystemRoot\system32\DRIVERS\mrxsmb.sys \SystemRoot\system32\DRIVERS\mrxsmb20.sys \??\C:\windows\system32\ammntdrv.sys \SystemRoot\System32\drivers\condrv.sys \SystemRoot\system32\DRIVERS\mrxsmb10.sys \SystemRoot\system32\drivers\Ndu.sys \SystemRoot\system32\drivers\npf.sys \SystemRoot\system32\drivers\peauth.sys \SystemRoot\System32\Drivers\secdrv.SYS \SystemRoot\System32\DRIVERS\srvnet.sys \SystemRoot\System32\drivers\tcpipreg.sys \SystemRoot\System32\DRIVERS\srv2.sys \SystemRoot\System32\DRIVERS\srv.sys \SystemRoot\system32\DRIVERS\psi_mf_amd64.sys \SystemRoot\System32\drivers\ipnat.sys \SystemRoot\system32\drivers\WudfPf.sys \SystemRoot\System32\drivers\WUDFRd.sys \SystemRoot\System32\drivers\WpdUpFltr.sys \SystemRoot\System32\drivers\mshidumdf.sys 
\??\C:\windows\System32\Drivers\INETMON.sys \SystemRoot\system32\drivers\wimmount.sys \SystemRoot\System32\drivers\rdpvideominiport.sys \SystemRoot\system32\DRIVERS\trufos.sys \SystemRoot\system32\DRIVERS\avchv.sys \SystemRoot\system32\DRIVERS\avc3.sys \??\C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys \SystemRoot\system32\DRIVERS\gzflt.sys \SystemRoot\system32\DRIVERS\tunnel.sys \SystemRoot\system32\DRIVERS\ibtusb.sys \SystemRoot\system32\DRIVERS\btmhsf.sys \SystemRoot\System32\Drivers\BTHUSB.sys \SystemRoot\System32\Drivers\bthport.sys \SystemRoot\System32\drivers\rfcomm.sys \??\C:\windows\system32\drivers\mbam.sys \SystemRoot\System32\drivers\mouhid.sys \SystemRoot\System32\drivers\DisplayLinkUsbIo_x64_7.4.48800.0.sys \SystemRoot\system32\DRIVERS\dlusbaudio_x64.sys \SystemRoot\system32\DRIVERS\dlcdcncm6_x64.sys \SystemRoot\system32\DRIVERS\avckf.sys \SystemRoot\System32\cdd.dll \SystemRoot\system32\DRIVERS\vwifimp.sys \SystemRoot\System32\drivers\umpass.sys \??\C:\windows\system32\drivers\MBAMSwissArmy.sys \??\C:\windows\system32\drivers\mwac.sys \SystemRoot\System32\ATMFD.DLL \??\C:\windows\system32\drivers\mbamchameleon.sys ----------- End ----------- Done! 
Scan started Database versions: main: v2015.08.15.06 rootkit: v2015.08.06.01 <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: F: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: F: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: C: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes <<<2>>> <<<3>>> Volume: F: File system type: NTFS SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers... 
Done! Drive 0 This is a System drive Scanning MBR on drive 0... Inspecting partition table: This drive is a GPT Drive. MBR Signature: 55AA Disk Signature: D9341526 GPT Protective MBR Partition information: Partition 0 type is EFI-GPT (0xee) Partition is NOT ACTIVE. Partition starts at LBA: 1 Numsec = 4294967295 Partition 1 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 2 type is Empty (0x0) Partition is NOT ACTIVE. Partition starts at LBA: 0 Numsec = 0 Partition 3 type is Empty (0x0) Partition is NOT ACTIVE. 
Partition starts at LBA: 0 Numsec = 0
GPT Partition information:
GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 3992534476
GPT Header CurrentLba = 1 BackupLba 1000215215
GPT Header FirstUsableLba 34 LastUsableLba 1000215182
GPT Header Guid 81d0bac0-ae7e-4c5c-9e4b-42ff724c12c7
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128
Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 3992534476
Backup GPT header CurrentLba = 1000215215 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 1000215182
Backup GPT header Guid 81d0bac0-ae7e-4c5c-9e4b-42ff724c12c7
Backup GPT header Contains 128 partition entries starting at LBA 1000215183
Backup GPT header Partition entry size = 128
Partition 0 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID 89100f72-b034-48f7-9235-d1e8a01569ab
FirstLBA 2048 Last LBA 2050047
Attributes 1
Partition Name Basic data partition
Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID d85cdf73-95f1-4d16-a0af-75d7156bca3f
FirstLBA 2050048 Last LBA 2582527
Attributes 1
Partition Name EFI system partition
GPT Partition 1 is bootable
Partition 2 Type bfbfafe7-a34f-448a-9a5b-6213eb736c22
Partition ID 26727f40-b568-4db9-995e-569892de61f
FirstLBA 2582528 Last LBA 4630527
Attributes 1
Partition Name Basic data partition
Partition 3 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID e4e0ce43-575e-4545-aa6d-6d79f4e68e0
FirstLBA 4630528 Last LBA 4892671
Attributes 0
Partition Name Microsoft reserved partition
Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID c211288e-a13f-462d-98e4-3d53564478c7
FirstLBA 4892672 Last LBA 461408255
Attributes 0
Partition Name Basic data partition
Partition 5 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 264dab0c-e118-470a-87d1-7177e716f162
FirstLBA 461408256 Last LBA 915615743
Attributes 0
Partition Name Basic data partition
Partition 6 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID ae59f8b7-5d7c-48db-b094-d7c6a15ab40
FirstLBA 915617792 Last LBA 968046591
Attributes 0
Partition Name Basic data partition
Partition 7 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID c83e6a4b-beb9-4a20-8cd0-4cb7934abd70
FirstLBA 968046592 Last LBA 1000214527
Attributes 1
Partition Name Basic data partition
Disk Size: 512110190592 bytes
Sector size: 512 bytes
Done!
Scan finished
=======================================
Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished
Code:
ATTFilter
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
(c) Malwarebytes Corporation 2011-2012
OS version: 6.3.9200 Windows 8.1 x64
Account is Administrative
Internet Explorer version: 11.0.9600.17905
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED, H:\ DRIVE_FIXED, I:\ DRIVE_FIXED, J:\ DRIVE_FIXED
CPU speed: 2.394000 GHz
Memory total: 8497946624, free: 3111223296
Downloaded database version: v2015.08.15.06
Downloaded database version: v2015.08.06.01
Downloaded database version: v2015.07.28.01
=======================================
Initializing...
------------ Kernel report ------------
08/16/2015 11:19:33
------------ Loaded modules -----------
----------- End -----------
Done!
Scan started
Database versions:
main: v2015.08.15.06
rootkit: v2015.08.06.01
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: F:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: F:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: F:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Scan Interrupted
Scan was aborted.
=======================================
---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.09.1.1004
(c) Malwarebytes Corporation 2011-2012
OS version: 6.3.9200 Windows 8.1 x64
Account is Administrative
Internet Explorer version: 11.0.9600.17905
File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, D:\ DRIVE_FIXED, F:\ DRIVE_FIXED, H:\ DRIVE_FIXED, I:\ DRIVE_FIXED, J:\ DRIVE_FIXED
CPU speed: 2.394000 GHz
Memory total: 8497946624, free: 3155025920
Code:
ATTFilter
=======================================
------------ Kernel report ------------
08/16/2015 11:20:26
------------ Loaded modules -----------
----------- End -----------
Done!
Scan started
Database versions:
main: v2015.08.15.06
rootkit: v2015.08.06.01
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: F:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: F:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: F:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
File "C:\Windows\System32\drivers\usbehci.sys" is
compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbehci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbhub.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbhub.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\USBHUB3.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\USBHUB3.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbohci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbohci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbport.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbport.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbprint.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbprint.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\USBSTOR.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\USBSTOR.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbuhci.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbuhci.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\usbvideo.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\usbvideo.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\USBXHCI.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\USBXHCI.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\vdrvroot.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\vdrvroot.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\vhdmp.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\vhdmp.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\volmgr.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\volmgr.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\volsnap.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\volsnap.sys" is compressed (flags = 1) File 
"C:\Windows\System32\drivers\vwifibus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\vwifibus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\wacompen.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\wacompen.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\winusb.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\winusb.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\wmiacpi.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\wmiacpi.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\WSDPrint.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\WSDPrint.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\sdbus.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sdbus.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\sdstor.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sdstor.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\serenum.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\serenum.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\serial.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\serial.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\sermouse.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sermouse.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\sfloppy.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\sfloppy.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\spaceport.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\spaceport.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\msgpiowin32.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\msgpiowin32.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\msisadrv.sys" is compressed (flags = 1) File 
"C:\WINDOWS\SYSTEM32\drivers\msisadrv.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\msiscsi.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\msiscsi.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\mssmbios.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\mssmbios.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BtaMPM.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BtaMPM.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BthAvrcpTg.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BthAvrcpTg.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\bthenum.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\bthenum.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\bthhfenum.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\bthhfenum.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BthhfHid.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BthhfHid.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BthLEEnum.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BthLEEnum.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\bthpan.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\bthpan.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\bthport.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\bthport.sys" is compressed (flags = 1) File "C:\Windows\System32\drivers\BTHUSB.SYS" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\BTHUSB.SYS" is compressed (flags = 1) File "C:\Windows\System32\drivers\cdrom.sys" is compressed (flags = 1) File "C:\WINDOWS\SYSTEM32\drivers\cdrom.sys" is compressed (flags = 1) Done! Drive 0 This is a System drive Scanning MBR on drive 0... Inspecting partition table: This drive is a GPT Drive. 
MBR Signature: 55AA
Disk Signature: D9341526

GPT Protective MBR Partition information:

Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

GPT Partition information:

GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 3992534476
GPT Header CurrentLba = 1 BackupLba 1000215215
GPT Header FirstUsableLba 34 LastUsableLba 1000215182
GPT Header Guid 81d0bac0-ae7e-4c5c-9e4b-42ff724c12c7
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128

Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 3992534476
Backup GPT header CurrentLba = 1000215215 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 1000215182
Backup GPT header Guid 81d0bac0-ae7e-4c5c-9e4b-42ff724c12c7
Backup GPT header Contains 128 partition entries starting at LBA 1000215183
Backup GPT header Partition entry size = 128

Partition 0 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID 89100f72-b034-48f7-9235-d1e8a01569ab
FirstLBA 2048 Last LBA 2050047
Attributes 1
Partition Name Basic data partition

Partition 1 Type c12a7328-f81f-11d2-ba4b-0a0c93ec93b
Partition ID d85cdf73-95f1-4d16-a0af-75d7156bca3f
FirstLBA 2050048 Last LBA 2582527
Attributes 1
Partition Name EFI system partition

GPT Partition 1 is bootable

Partition 2 Type bfbfafe7-a34f-448a-9a5b-6213eb736c22
Partition ID 26727f40-b568-4db9-995e-569892de61f
FirstLBA 2582528 Last LBA 4630527
Attributes 1
Partition Name Basic data partition

Partition 3 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID e4e0ce43-575e-4545-aa6d-6d79f4e68e0
FirstLBA 4630528 Last LBA 4892671
Attributes 0
Partition Name Microsoft reserved partition

Partition 4 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID c211288e-a13f-462d-98e4-3d53564478c7
FirstLBA 4892672 Last LBA 461408255
Attributes 0
Partition Name Basic data partition

Partition 5 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 264dab0c-e118-470a-87d1-7177e716f162
FirstLBA 461408256 Last LBA 915615743
Attributes 0
Partition Name Basic data partition

Partition 6 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID ae59f8b7-5d7c-48db-b094-d7c6a15ab40
FirstLBA 915617792 Last LBA 968046591
Attributes 0
Partition Name Basic data partition

Partition 7 Type de94bba4-6d1-4d40-a16a-bfd5179d6ac
Partition ID c83e6a4b-beb9-4a20-8cd0-4cb7934abd70
FirstLBA 968046592 Last LBA 1000214527
Attributes 1
Partition Name Basic data partition

Disk Size: 512110190592 bytes
Sector size: 512 bytes

Done!
Scan finished
=======================================

Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-i.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removal finished |
16.08.2015, 10:49 | #7 |
| Obstruction by a Trojan? Code:
11:38:06.0421 0x2dec TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
11:38:06.0421 0x2dec UEFI system
11:38:14.0115 0x2dec ============================================================
11:38:14.0115 0x2dec Current date / time: 2015/08/16 11:38:14.0115
11:38:14.0115 0x2dec SystemInfo:
11:38:14.0115 0x2dec
11:38:14.0115 0x2dec OS Version: 6.3.9600 ServicePack: 0.0
11:38:14.0115 0x2dec Product type: Workstation
11:38:14.0115 0x2dec ComputerName: SUGUS
11:38:14.0115 0x2dec UserName: Marcel
11:38:14.0115 0x2dec Windows directory: C:\windows
11:38:14.0115 0x2dec System windows directory: C:\windows
11:38:14.0115 0x2dec Running under WOW64
11:38:14.0115 0x2dec Processor architecture: Intel x64
11:38:14.0115 0x2dec Number of processors: 4
11:38:14.0115 0x2dec Page size: 0x1000
11:38:14.0115 0x2dec Boot type: Normal boot
11:38:14.0115 0x2dec ============================================================
11:38:14.0289 0x2dec KLMD registered as C:\windows\system32\drivers\25579357.sys
11:38:14.0664 0x2dec System UUID: {34DC25C9-A404-AA93-BBAD-80E9978AA6D6}
11:38:15.0292 0x2dec Drive \Device\Harddisk0\DR0 - Size: 0x773C256000 ( 476.94 Gb ), SectorSize: 0x200, Cylinders: 0xF334, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:38:15.0296 0x2dec ============================================================
11:38:15.0296 0x2dec \Device\Harddisk0\DR0:
11:38:15.0296 0x2dec GPT partitions:
11:38:15.0297 0x2dec \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {89100F72-B034-48F7-9235-D1E8A01569AB}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0x1F4000
11:38:15.0297 0x2dec \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {D85CDF73-95F1-4D16-A0AF-75D7156BCA3F}, Name: EFI system partition, StartLBA 0x1F4800, BlocksNum 0x82000
11:38:15.0297 0x2dec \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {BFBFAFE7-A34F-448A-9A5B-6213EB736C22}, UniqueGUID: {26727F40-B568-4DB9-995E-5609892DE61F}, Name: Basic data partition, StartLBA 0x276800, BlocksNum 0x1F4000
11:38:15.0297 0x2dec \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {E4E0CE43-575E-4545-AA6D-6D790F4E68E0}, Name: Microsoft reserved partition, StartLBA 0x46A800, BlocksNum 0x40000
11:38:15.0297 0x2dec \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {C211288E-A13F-462D-98E4-3D53564478C7}, Name: Basic data partition, StartLBA 0x4AA800, BlocksNum 0x1B35E000
11:38:15.0297 0x2dec \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {264DAB0C-E118-470A-87D1-7177E716F162}, Name: Basic data partition, StartLBA 0x1B808800, BlocksNum 0x1B12A800
11:38:15.0297 0x2dec \Device\Harddisk0\DR0\Partition7: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {AE59F8B7-5D7C-48DB-B094-D7C6A15AB400}, Name: Basic data partition, StartLBA 0x36933800, BlocksNum 0x3200000
11:38:15.0297 0x2dec \Device\Harddisk0\DR0\Partition8: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {C83E6A4B-BEB9-4A20-8CD0-4CB7934ABD70}, Name: Basic data partition, StartLBA 0x39B33800, BlocksNum 0x1EAD800
11:38:15.0298 0x2dec MBR partitions:
11:38:15.0298 0x2dec ============================================================
11:38:15.0299 0x2dec C: <-> \Device\Harddisk0\DR0\Partition5
11:38:15.0300 0x2dec D: <-> \Device\Harddisk0\DR0\Partition7
11:38:15.0301 0x2dec F: <-> \Device\Harddisk0\DR0\Partition6
11:38:15.0301 0x2dec ============================================================
11:38:15.0302 0x2dec Initialize success
11:38:15.0302 0x2dec ============================================================
11:38:42.0743 0x3ee8 ============================================================
11:38:42.0743 0x3ee8 Scan started
11:38:42.0743 0x3ee8 Mode: Manual;
11:38:42.0743 0x3ee8
============================================================
11:38:42.0743 0x3ee8 KSN ping started
11:38:45.0074 0x3ee8 KSN ping finished: true
11:38:45.0974 0x3ee8 ================ Scan system memory ========================
11:38:45.0974 0x3ee8 System memory - ok
11:38:45.0976 0x3ee8 ================ Scan services =============================
11:38:48.0422 0x3ee8 [
E87CD3E4F9AC0A2C181990CB781DD4BA, 693F30DF8D4AE732BBB36D250D89DEC05C291B0A0998CBE87677E4F019253432 ] DptfDevPch C:\windows\system32\DRIVERS\DptfDevPch.sys 11:38:48.0426 0x3ee8 DptfDevPch - ok 11:38:48.0434 0x3ee8 [ 1C3C798B4150F7A047853838EBE2A95B, 8A44147DAB1FCBD5F23B5D427D12D0D5CA4A8260216ECE155CD849D09328069A ] DptfDevProc C:\windows\system32\DRIVERS\DptfDevProc.sys 11:38:48.0440 0x3ee8 DptfDevProc - ok 11:38:48.0453 0x3ee8 [ 133C04EDB13A8A7740FFA3D7DD397C80, 56A28AF194354A6AA48A9204F13C845A4B3FE4E3139BBDE31DDDE318F3FB20C9 ] DptfManager C:\windows\system32\DRIVERS\DptfManager.sys 11:38:48.0462 0x3ee8 DptfManager - ok 11:38:48.0470 0x3ee8 [ 8A18176B5108C2FBB23ADA9D548BDD3A, 204E39EE27B6FEDB75E97950B1608DEB0641248857FF0FDD2B66168929967043 ] DptfParticipantProcessorService C:\windows\system32\DptfParticipantProcessorService.exe 11:38:48.0473 0x3ee8 DptfParticipantProcessorService - ok 11:38:48.0479 0x3ee8 [ 82239362B0C3CDA6C2E69EAB73FA8A97, 73ADB64C365E5C1F2DF92B91982E65577ADC58DE84ECF0399F0C1C380602E630 ] DptfPolicyConfigTDPService C:\windows\system32\DptfPolicyConfigTDPService.exe 11:38:48.0482 0x3ee8 DptfPolicyConfigTDPService - ok 11:38:48.0488 0x3ee8 [ FAFA22CD7FD7B0A195239E738F7B7030, 9DF3810F814ACD4A694F25482E57ADEA01F1072CEAA4AC14ED5D383A4D2DE385 ] DptfPolicyCriticalService C:\windows\system32\DptfPolicyCriticalService.exe 11:38:48.0492 0x3ee8 DptfPolicyCriticalService - ok 11:38:48.0498 0x3ee8 [ 06B40DF90D494E2242C63DCACB354B8E, A10EB3EF74EDA33CF710B74E52D97A2B3B7874F3C5212016ED1FB89F8070D6A9 ] DptfPolicyLpmService C:\windows\system32\DptfPolicyLpmService.exe 11:38:48.0501 0x3ee8 DptfPolicyLpmService - ok 11:38:48.0506 0x3ee8 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\windows\system32\drivers\drmkaud.sys 11:38:48.0507 0x3ee8 drmkaud - ok 11:38:48.0515 0x3ee8 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc 
C:\windows\System32\DeviceSetupManager.dll 11:38:48.0521 0x3ee8 DsmSvc - ok 11:38:48.0556 0x3ee8 [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys 11:38:48.0582 0x3ee8 DXGKrnl - ok 11:38:48.0596 0x3ee8 [ FA988D76745C917CDFE20031C06DE860, B01AA3611869854D3BCA8B6CD7A6F48CC3537145DD3EBE50F5BEF72239924BF7 ] e1iexpress C:\windows\system32\DRIVERS\e1i63x64.sys 11:38:48.0605 0x3ee8 e1iexpress - ok 11:38:48.0610 0x3ee8 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost C:\windows\System32\eapsvc.dll 11:38:48.0615 0x3ee8 Eaphost - ok 11:38:48.0676 0x3ee8 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\windows\system32\drivers\evbda.sys 11:38:48.0730 0x3ee8 ebdrv - ok 11:38:48.0736 0x3ee8 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\windows\System32\lsass.exe 11:38:48.0739 0x3ee8 EFS - ok 11:38:48.0744 0x3ee8 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\windows\system32\drivers\EhStorClass.sys 11:38:48.0746 0x3ee8 EhStorClass - ok 11:38:48.0753 0x3ee8 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\windows\system32\drivers\EhStorTcgDrv.sys 11:38:48.0756 0x3ee8 EhStorTcgDrv - ok 11:38:48.0760 0x3ee8 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\windows\System32\drivers\errdev.sys 11:38:48.0762 0x3ee8 ErrDev - ok 11:38:48.0781 0x3ee8 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\windows\system32\es.dll 11:38:48.0790 0x3ee8 EventSystem - ok 11:38:48.0797 0x3ee8 [ 7729D294A555C7AEB281ED8E4D0E01E4, 
7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\windows\system32\drivers\exfat.sys 11:38:48.0801 0x3ee8 exfat - ok 11:38:48.0808 0x3ee8 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\windows\system32\drivers\fastfat.sys 11:38:48.0813 0x3ee8 fastfat - ok 11:38:48.0833 0x3ee8 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\windows\system32\fxssvc.exe 11:38:48.0846 0x3ee8 Fax - ok 11:38:48.0851 0x3ee8 [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\windows\System32\drivers\fdc.sys 11:38:48.0853 0x3ee8 fdc - ok 11:38:48.0857 0x3ee8 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\windows\system32\fdPHost.dll 11:38:48.0860 0x3ee8 fdPHost - ok 11:38:48.0864 0x3ee8 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\windows\system32\fdrespub.dll 11:38:48.0866 0x3ee8 FDResPub - ok 11:38:48.0872 0x3ee8 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\windows\system32\fhsvc.dll 11:38:48.0877 0x3ee8 fhsvc - ok 11:38:48.0884 0x3ee8 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\windows\system32\drivers\fileinfo.sys 11:38:48.0887 0x3ee8 FileInfo - ok 11:38:48.0891 0x3ee8 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\windows\system32\drivers\filetrace.sys 11:38:48.0893 0x3ee8 Filetrace - ok 11:38:48.0910 0x3ee8 [ 82A80C96C9A199B003BDC837ECA9798F, E8DB1409DB694A90C759F418346AE5D71014AE3513A8B865B50923AD0DFEE395 ] FileZilla Server C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe 11:38:48.0921 0x3ee8 FileZilla Server - ok 
11:38:48.0925 0x3ee8 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\windows\System32\drivers\flpydisk.sys 11:38:48.0926 0x3ee8 flpydisk - ok 11:38:48.0936 0x3ee8 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\windows\system32\drivers\fltmgr.sys 11:38:48.0945 0x3ee8 FltMgr - ok 11:38:48.0974 0x3ee8 [ 6C068E7207F183FF3647E45D2599E80C, D65C9888522CA29596D5C8BEFF42356F0310E812117E72C1D612BA089C0940D9 ] FontCache C:\windows\system32\FntCache.dll 11:38:49.0002 0x3ee8 FontCache - ok 11:38:49.0007 0x3ee8 [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe 11:38:49.0009 0x3ee8 FontCache3.0.0.0 - ok 11:38:49.0016 0x3ee8 [ 19CD3729F10B39C5A0E770B6B99CA734, 63B24E367EA70444567C3A731DA2C860E3C334010B0F948697E01BDC9A2367FE ] Freemake Improver C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe 11:38:49.0020 0x3ee8 Freemake Improver - ok 11:38:49.0024 0x3ee8 [ 23BA2103F69C7E12138240C86030F954, 2BDA358530FC776B835B90AC551D3FEBD660A97620EA9724DD3A5741DD3AB66D ] FreemakeVideoCapture C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe 11:38:49.0025 0x3ee8 FreemakeVideoCapture - ok 11:38:49.0031 0x3ee8 [ A7C31B168F371E8E6796219F23E354DB, C51C9BF568F1E96CBBE57D2432B38F93F40520086DDB6AAAAC48CBCD1691B441 ] FsDepends C:\windows\system32\drivers\FsDepends.sys 11:38:49.0033 0x3ee8 FsDepends - ok 11:38:49.0041 0x3ee8 [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys 11:38:49.0042 0x3ee8 Fs_Rec - ok 11:38:49.0057 0x3ee8 [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol C:\windows\system32\DRIVERS\fvevol.sys 11:38:49.0068 0x3ee8 fvevol - 
ok 11:38:49.0072 0x3ee8 [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM C:\windows\System32\drivers\fxppm.sys 11:38:49.0074 0x3ee8 FxPPM - ok 11:38:49.0078 0x3ee8 [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys 11:38:49.0081 0x3ee8 gagp30kx - ok 11:38:49.0084 0x3ee8 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys 11:38:49.0086 0x3ee8 GEARAspiWDM - ok 11:38:49.0090 0x3ee8 [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter C:\windows\System32\drivers\vmgencounter.sys 11:38:49.0091 0x3ee8 gencounter - ok 11:38:49.0099 0x3ee8 [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101 C:\windows\system32\Drivers\msgpioclx.sys 11:38:49.0102 0x3ee8 GPIOClx0101 - ok 11:38:49.0130 0x3ee8 [ 0D03F87D4FF4ADBAF8336DD80548155A, BC10CFA88EA2F41A8D96CB810B7953A4C168B79273A3E804A9F020F49AB58CD3 ] gpsvc C:\windows\System32\gpsvc.dll 11:38:49.0154 0x3ee8 gpsvc - ok 11:38:49.0160 0x3ee8 [ C1B577B2169900F4CF7190C39F085794, 73E104B96A48F4C80D8C37254ECB0891D15C0D2F0C251B57C168F90D60316447 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe 11:38:49.0164 0x3ee8 gusvc - ok 11:38:49.0174 0x3ee8 [ 4250E0978FBC9B3C0D115CD26C5BA9F4, 5674E267D9053BDF185A73C689CB125EE70AE14C7F2D0E37718379F425EBDC01 ] gzflt C:\windows\system32\DRIVERS\gzflt.sys 11:38:49.0178 0x3ee8 gzflt - ok 11:38:49.0194 0x3ee8 [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys 11:38:49.0205 0x3ee8 HdAudAddService - ok 11:38:49.0211 0x3ee8 [ D4B7ED39C7900384D9E5C1283F1E7926, 
F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus C:\windows\System32\drivers\HDAudBus.sys 11:38:49.0214 0x3ee8 HDAudBus - ok 11:38:49.0218 0x3ee8 [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt C:\windows\System32\drivers\HidBatt.sys 11:38:49.0219 0x3ee8 HidBatt - ok 11:38:49.0225 0x3ee8 [ 42F88B57CAE42FC10059C887B3FCFCEA, 9363AA2B8E839A6935A7C6A36C491938DF78024886DCCE6D29CB18E1D6A6D806 ] HidBth C:\windows\System32\drivers\hidbth.sys 11:38:49.0229 0x3ee8 HidBth - ok 11:38:49.0234 0x3ee8 [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c C:\windows\System32\drivers\hidi2c.sys 11:38:49.0236 0x3ee8 hidi2c - ok 11:38:49.0239 0x3ee8 [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr C:\windows\System32\drivers\hidir.sys 11:38:49.0241 0x3ee8 HidIr - ok 11:38:49.0246 0x3ee8 [ EA85B5093DF7B5C3E80362B053740AE2, 1D4251385402A2ADEE8FA1642F54180304F88337DA74989BDE44025ABB145FE5 ] hidserv C:\windows\system32\hidserv.dll 11:38:49.0249 0x3ee8 hidserv - ok 11:38:49.0254 0x3ee8 [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb C:\windows\System32\drivers\hidusb.sys 11:38:49.0256 0x3ee8 HidUsb - ok 11:38:49.0264 0x3ee8 [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK C:\windows\system32\drivers\HipShieldK.sys 11:38:49.0269 0x3ee8 HipShieldK - ok 11:38:49.0273 0x3ee8 [ 1724153FDD2FF3DAD9001AD91ED0E1D7, 612335166B24C747C06E4ADA62C5E039A03BE3C6D54415037CB0CBE76267FEB8 ] HitmanProScheduler C:\Program Files\HitmanPro\hmpsched.exe 11:38:49.0276 0x3ee8 HitmanProScheduler - ok 11:38:49.0282 0x3ee8 [ 93C4315F47F8D635C6DB0DF49FCE10EE, 70C52B8927D54ACD23F27948780B522974250FD5CD81AA9801C3F158C402889F ] hkmsvc C:\windows\system32\kmsvc.dll 11:38:49.0286 0x3ee8 hkmsvc - 
ok 11:38:49.0296 0x3ee8 [ AC49522ED106BD4B545D6614D71C2445, 40BD738A301170378ECFC031635EB04E2F812B676376CADDD6607ECABEC9255F ] HomeGroupListener C:\windows\system32\ListSvc.dll 11:38:49.0303 0x3ee8 HomeGroupListener - ok 11:38:49.0316 0x3ee8 [ 99932E30CE0283B73BB6E5019E150394, 1F88C2F56A7B8E1F75E6359281F418F9661DA4FB7B7D7B14FA7F718B15D4DCE0 ] HomeGroupProvider C:\windows\system32\provsvc.dll 11:38:49.0327 0x3ee8 HomeGroupProvider - ok 11:38:49.0332 0x3ee8 [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys 11:38:49.0334 0x3ee8 HpSAMD - ok 11:38:49.0355 0x3ee8 [ E87A6D3B8FECD5B93BC0CFBB48C27970, 55C49B6F3822450447C082B40A263F3370694DB53AD0018ADEB911E4A9F65A88 ] HTTP C:\windows\system32\drivers\HTTP.sys 11:38:49.0373 0x3ee8 HTTP - ok 11:38:49.0377 0x3ee8 [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys 11:38:49.0379 0x3ee8 hwpolicy - ok 11:38:49.0382 0x3ee8 [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd C:\windows\System32\drivers\hyperkbd.sys 11:38:49.0383 0x3ee8 hyperkbd - ok 11:38:49.0387 0x3ee8 [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo C:\windows\system32\DRIVERS\HyperVideo.sys 11:38:49.0388 0x3ee8 HyperVideo - ok 11:38:49.0394 0x3ee8 [ 49EE0AE9E5B64FFBBD06D55C4984B598, 8866627F9241B24A59C81D8BCC67A4DCA87576F589599BA291D0E323F679EB4D ] i8042prt C:\windows\System32\drivers\i8042prt.sys 11:38:49.0398 0x3ee8 i8042prt - ok 11:38:49.0402 0x3ee8 [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO C:\windows\System32\drivers\iaLPSSi_GPIO.sys 11:38:49.0404 0x3ee8 iaLPSSi_GPIO - ok 11:38:49.0408 0x3ee8 [ DD05E7E80F52ADE9AEB292819920F32C, 
E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C C:\windows\System32\drivers\iaLPSSi_I2C.sys 11:38:49.0411 0x3ee8 iaLPSSi_I2C - ok 11:38:49.0427 0x3ee8 [ 57CD95DEB3529181BCC931DD2DFB2341, 03ACF906E4C3CF954F503900F42C7A60FCD5624772B90A956F032484146E42B7 ] iaStorA C:\windows\system32\drivers\iaStorA.sys 11:38:49.0437 0x3ee8 iaStorA - ok 11:38:49.0454 0x3ee8 [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV C:\windows\system32\drivers\iaStorAV.sys 11:38:49.0466 0x3ee8 iaStorAV - ok 11:38:49.0471 0x3ee8 [ 20E83F4632E15A5E9E716FF2E8AC7FAE, 7CA1A4924F432AD30ED7FA6247C6513DA173EE31132AE115E85C0ED7E5971029 ] IAStorDataMgrSvc C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe 11:38:49.0472 0x3ee8 IAStorDataMgrSvc - ok 11:38:49.0483 0x3ee8 [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV C:\windows\system32\drivers\iaStorV.sys 11:38:49.0491 0x3ee8 iaStorV - ok 11:38:49.0498 0x3ee8 [ CAAC69A001E1A5878D2F050F57F93DA4, 0A4263501F2C1C9E4B3764A2EF27607DF07810A10A2F23F3E389EA3E1E1ACA8A ] ibtusb C:\windows\system32\DRIVERS\ibtusb.sys 11:38:49.0502 0x3ee8 ibtusb - ok 11:38:49.0505 0x3ee8 IEEtwCollectorService - ok 11:38:49.0574 0x3ee8 [ 142CFBE6ED0E498CCA7ABE8DD932C1AF, 513DFF7DA86CCCB9A061CF7ED0AC84305D800A26189179F60B62BD4FFFCF7DDF ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys 11:38:49.0634 0x3ee8 igfx - ok 11:38:49.0646 0x3ee8 [ FB4E894BBCE2472F40AE9EBCA04F3C1B, E7CE716FCE668605D054FED283A639B90143EE1C28A2EC1F6D774BB1510AB36B ] igfxCUIService1.0.0.0 C:\windows\system32\igfxCUIService.exe 11:38:49.0653 0x3ee8 igfxCUIService1.0.0.0 - ok 11:38:49.0656 0x3ee8 [ 39F3C7E218CE9118106D166F09AE1352, B78ADFC87AACF868D62A7FB0971B8786C1315A9B4D34D3E3159AD3F24D78AD62 ] ikbevent C:\windows\system32\DRIVERS\ikbevent.sys 11:38:49.0658 0x3ee8 ikbevent - ok 11:38:49.0681 0x3ee8 [ 57322EBB67A59FB64E228F31A84CA43D, 
258DA26BDFAB635F145E55CF65CDFCFE4EB91454E3F930489E92810250EF9FD7 ] IKEEXT C:\windows\System32\ikeext.dll 11:38:49.0701 0x3ee8 IKEEXT - ok 11:38:49.0705 0x3ee8 [ 404906005D768E48BF16218B420249C7, 78409A077F244FCAC806180384C240F3BB1FF7ECF02EDB5E5D3188F458AB23D1 ] imsevent C:\windows\system32\DRIVERS\imsevent.sys 11:38:49.0707 0x3ee8 imsevent - ok 11:38:49.0713 0x3ee8 [ 3F2BB021CB280880F8C1B7A6FEF9B447, CEC0BF9D6C9CF6E6A9F9B4E656BD47208AC977EDDC11C1C3BCD07EB50BABC017 ] INETMON C:\windows\System32\Drivers\INETMON.sys 11:38:49.0714 0x3ee8 INETMON - ok 11:38:49.0718 0x3ee8 [ F0F581A2299CB2BAB1DF2597BCDDB80F, EE485AF3049C87666BC6D6BFFC8A0EB4B95831D9061EB81848ECEE29C4232BF4 ] intaud_WaveExtensible C:\windows\system32\drivers\intelaud.sys 11:38:49.0720 0x3ee8 intaud_WaveExtensible - ok 11:38:49.0785 0x3ee8 [ 4C60B08DFC8E2543075FF13C9E68DD55, C8314F957102DD843763C9CC9A2356AB390FC79E4E636CC43AC80BA6431D2F76 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys 11:38:49.0846 0x3ee8 IntcAzAudAddService - ok 11:38:49.0860 0x3ee8 [ D6A22510D795928E8840619900D672B4, 296F232B0A6D42840A745E4706D2815F6D2E4279DBD90112CBFBFF8833B724AF ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys 11:38:49.0870 0x3ee8 IntcDAud - ok 11:38:49.0887 0x3ee8 [ 0DB1E3F6189C628675F855C0EB510419, 989F539E82105019D2D81255369B96DC65826CD2A421DA09809155B26F69C555 ] Intel(R) Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe 11:38:49.0901 0x3ee8 Intel(R) Capability Licensing Service Interface - ok 11:38:49.0919 0x3ee8 [ 492AAF2FF66F437F0E796574B116EFC3, 6BF21C61ED05705DD58203952A750D1AB4D4B62F3A2B640BBBD9B85D1ECC3E5C ] Intel(R) Capability Licensing Service TCP IP Interface C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe 11:38:49.0934 0x3ee8 Intel(R) Capability Licensing Service TCP IP Interface - ok 11:38:49.0941 0x3ee8 [ 441D5FAF24CC2EC115B654A55C52F0AF, 5BF5299DAD9A7076C43D68C70E02AEC8DBFD89C1AFDF7CD6AB95550EE25EEB36 ] Intel(R) Wireless Bluetooth(R) 4.0 
Radio Management C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe 11:38:49.0944 0x3ee8 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management - ok 11:38:49.0948 0x3ee8 [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide C:\windows\system32\drivers\intelide.sys 11:38:49.0949 0x3ee8 intelide - ok 11:38:49.0953 0x3ee8 [ 7AA01AB1C110916825E6E1389F1B9AF2, E2885955AFA0908E194B1BC364C9582249B2B2AFFF93F17F3414F55B1E5F2C42 ] intelpep C:\windows\system32\drivers\intelpep.sys 11:38:49.0955 0x3ee8 intelpep - ok 11:38:49.0961 0x3ee8 [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm C:\windows\System32\drivers\intelppm.sys 11:38:49.0965 0x3ee8 intelppm - ok 11:38:49.0970 0x3ee8 [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys 11:38:49.0973 0x3ee8 IpFilterDriver - ok 11:38:49.0993 0x3ee8 [ A5800036E4EA06697A34742A24ACFBE1, BA67060526E9213000B4206F86A74F904999AD7018EFCBE4FE9708650DA9D973 ] iphlpsvc C:\windows\System32\iphlpsvc.dll 11:38:50.0010 0x3ee8 iphlpsvc - ok 11:38:50.0015 0x3ee8 [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV C:\windows\System32\drivers\IPMIDrv.sys 11:38:50.0018 0x3ee8 IPMIDRV - ok 11:38:50.0024 0x3ee8 [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT C:\windows\system32\drivers\ipnat.sys 11:38:50.0028 0x3ee8 IPNAT - ok 11:38:50.0045 0x3ee8 [ 2208D673C5D4B22EB0235EA1EC6269CC, 3E73032D67B3B740E11CEA0748CDFFBE35619CBF1AC1C3D86EF089CA326D7918 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe 11:38:50.0057 0x3ee8 iPod Service - ok 11:38:50.0061 0x3ee8 [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM C:\windows\system32\drivers\irenum.sys 
11:38:50.0062 0x3ee8 IRENUM - ok 11:38:50.0070 0x3ee8 [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp C:\windows\system32\drivers\isapnp.sys 11:38:50.0071 0x3ee8 isapnp - ok 11:38:50.0082 0x3ee8 [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt C:\windows\System32\drivers\msiscsi.sys 11:38:50.0090 0x3ee8 iScsiPrt - ok 11:38:50.0094 0x3ee8 [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT C:\windows\System32\drivers\ISCTD64.sys 11:38:50.0096 0x3ee8 ISCT - ok 11:38:50.0104 0x3ee8 [ 5215D12B13FC2BC7717AA4884846D34F, B97B8FFC6FB212398BF772C08B318411EA70B683B816906F30EF35DEB5B1C130 ] ISCTAgent C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe 11:38:50.0109 0x3ee8 ISCTAgent - ok 11:38:50.0117 0x3ee8 [ 5C9B001D8970C2DA36254A916F3DA8F7, 625AC5C3DFAE52BD34EC3F93742D1D2C229785E4F0F3484CFB7B8728A1C830DF ] iumsvc C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe 11:38:50.0123 0x3ee8 iumsvc - ok 11:38:50.0128 0x3ee8 [ C2BC9AC9C6514230A481BDCA6A24BEFD, 84E41675D11EF2EEECED23C8469503C8D12810A2C6B6743D7AA322EB6DF7E68D ] iwdbus C:\windows\System32\drivers\iwdbus.sys 11:38:50.0129 0x3ee8 iwdbus - ok 11:38:50.0137 0x3ee8 [ 52069AEB42D3D0F97CBCA1085EBF55E6, ADB2EFFF563B3FE113FCD156FD1E469BC24FC1D68AFEDCA21306F76592C9FF88 ] jhi_service C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe 11:38:50.0141 0x3ee8 jhi_service - ok 11:38:50.0147 0x3ee8 [ 5917AFE4A3F695A54B99C1849C8207FE, DD57638966F2F0387DCF9DA4BBAEE3CDD8CC6F1A2D49581A0374D46A565BED4F ] kbdclass C:\windows\System32\drivers\kbdclass.sys 11:38:50.0149 0x3ee8 kbdclass - ok 11:38:50.0153 0x3ee8 [ 8CD840A062F6BDF41DDE3ACB96164B72, AEAE867F3557C1CE6B931E19D7144A3BD3CBABD81B1542667680D54FC24DEBE1 ] kbdhid C:\windows\System32\drivers\kbdhid.sys 11:38:50.0155 0x3ee8 kbdhid - ok 
11:38:50.0159 0x3ee8 [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic C:\windows\system32\DRIVERS\kdnic.sys 11:38:50.0161 0x3ee8 kdnic - ok 11:38:50.0166 0x3ee8 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] KeyIso C:\windows\system32\lsass.exe 11:38:50.0168 0x3ee8 KeyIso - ok 11:38:50.0173 0x3ee8 [ 4E829B18D5BAEC29893792A3C671A847, 64C3B99F53A9D1ACA802B46B09E820AD210B667D5A1CD0ADAF1F12944B15B52E ] KSecDD C:\windows\system32\Drivers\ksecdd.sys 11:38:50.0176 0x3ee8 KSecDD - ok 11:38:50.0183 0x3ee8 [ 46711F40D0F9E63F786ED23F9BD5215E, 1FBC5101D843E5B43184C98B3D9AF3015C9409EEA6C7BB01B143FD08D4946FC0 ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys 11:38:50.0187 0x3ee8 KSecPkg - ok 11:38:50.0191 0x3ee8 [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk C:\windows\system32\drivers\ksthunk.sys 11:38:50.0192 0x3ee8 ksthunk - ok 11:38:50.0203 0x3ee8 [ C1591A66028C71147A3E2EAB0B1CCB7E, 82F3D5DCC1614398A144D9791E4BAA814DBA9112677341FD57D5E9834CEDEB41 ] KtmRm C:\windows\system32\msdtckrm.dll 11:38:50.0212 0x3ee8 KtmRm - ok 11:38:50.0223 0x3ee8 [ CA2828DDE4B09FEFFDB7CE68B3D8D00A, B514792FF1EF36C678BB51644A1C420105D5E2CD6DD5A89A3FB252D08277A40C ] LanmanServer C:\windows\system32\srvsvc.dll 11:38:50.0231 0x3ee8 LanmanServer - ok 11:38:50.0239 0x3ee8 [ 3DBD9100745F9B8506B8FEC6FE6CCDE3, C3EF2856A1680AFDE133887E48946CF9CAB6755C3BDC07F0326965DCD4096F62 ] LanmanWorkstation C:\windows\System32\wkssvc.dll 11:38:50.0249 0x3ee8 LanmanWorkstation - ok 11:38:50.0266 0x3ee8 [ 1C079F496D757794605D393335B38C9C, 483221CE92D53DFEAD90B6E1CB67B86873AF94E6BAA83120AA4751F0B021C2A9 ] Lenovo System Agent Service C:\Program Files\Lenovo\iMController\SystemAgentService.exe 11:38:50.0274 0x3ee8 Lenovo System Agent Service - ok 11:38:50.0287 0x3ee8 [ 8B9F3796EC1762CF255BDB324E5529C8, 
F73D6BEF19BE20AEB18DA82CB63E9D8B50ACBBE4ED9B646EF0C9F598F6B81F94 ] lfsvc C:\windows\System32\GeofenceMonitorService.dll 11:38:50.0299 0x3ee8 lfsvc - ok 11:38:50.0304 0x3ee8 [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio C:\windows\system32\DRIVERS\lltdio.sys 11:38:50.0306 0x3ee8 lltdio - ok 11:38:50.0315 0x3ee8 [ DAE98CC96C5EE308BF4EA7B18F226CB8, 7A6CC56BF075010707715AB6608764291E358EDF27C806A025532869004C686B ] lltdsvc C:\windows\System32\lltdsvc.dll 11:38:50.0322 0x3ee8 lltdsvc - ok 11:38:50.0327 0x3ee8 [ 1E2662D847B7D9995C65D90D254A7E0F, AFD4063D2071FFCB6B0EAC0715276D986F42326919C86E525DCE12E1109A93E2 ] lmhosts C:\windows\System32\lmhsvc.dll 11:38:50.0330 0x3ee8 lmhosts - ok 11:38:50.0340 0x3ee8 [ B16F2A40E738277AB75515D4B024305E, 38F48CCD72FA2B32DFD3123C0864AB724AC673414EEE09C6F582754177CD4B98 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe 11:38:50.0346 0x3ee8 LMS - ok 11:38:50.0353 0x3ee8 [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys 11:38:50.0356 0x3ee8 LSI_SAS - ok 11:38:50.0362 0x3ee8 [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys 11:38:50.0365 0x3ee8 LSI_SAS2 - ok 11:38:50.0370 0x3ee8 [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3 C:\windows\system32\drivers\lsi_sas3.sys 11:38:50.0372 0x3ee8 LSI_SAS3 - ok 11:38:50.0379 0x3ee8 [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS C:\windows\system32\drivers\lsi_sss.sys 11:38:50.0382 0x3ee8 LSI_SSS - ok 11:38:50.0400 0x3ee8 [ 9A7A7E45DAED2E8C2816716D8D28236A, C94787988826E546A8DC752BD6BE4EA7423DC3762B2D371DB297A63F865A95FF ] LSM C:\windows\System32\lsm.dll 11:38:50.0416 0x3ee8 LSM - 
svsvc - ok 11:38:54.0404 0x3ee8 [ 9CFEFD62D86DABFAC12D1C5ED72BA6A4, 1FFE4371450F53FD774CA0349CC28F559695761C18759CEB04933FDF2FD98F65 ] SWDUMon C:\windows\system32\DRIVERS\SWDUMon.sys 11:38:54.0405 0x3ee8 SWDUMon - ok 11:38:54.0412 0x3ee8 [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\windows\System32\drivers\swenum.sys 11:38:54.0414 0x3ee8 swenum - ok 11:38:54.0433 0x3ee8 [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\windows\System32\swprv.dll 11:38:54.0450 0x3ee8 swprv - ok 11:38:54.0464 0x3ee8 [ F3FD427B1C036E060047B920887ACAE8, C5965F957D4D09FA5D579512251F14E7329B84C08B1A234636E750ED520AFF9E ] SynTP C:\windows\system32\DRIVERS\SynTP.sys 11:38:54.0474 0x3ee8 SynTP - ok 11:38:54.0501 0x3ee8 [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain C:\windows\system32\sysmain.dll 11:38:54.0524 0x3ee8 SysMain - ok 11:38:54.0534 0x3ee8 [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll 11:38:54.0542 0x3ee8 SystemEventsBroker - ok 11:38:54.0553 0x3ee8 [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\windows\System32\TabSvc.dll 11:38:54.0559 0x3ee8 TabletInputService - ok 11:38:54.0571 0x3ee8 [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\windows\System32\tapisrv.dll 11:38:54.0580 0x3ee8 TapiSrv - ok 11:38:54.0627 0x3ee8 [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip C:\windows\system32\drivers\tcpip.sys 11:38:54.0670 0x3ee8 Tcpip - ok 11:38:54.0721 0x3ee8 [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6 
C:\windows\system32\DRIVERS\tcpip.sys 11:38:54.0763 0x3ee8 TCPIP6 - ok 11:38:54.0774 0x3ee8 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys 11:38:54.0777 0x3ee8 tcpipreg - ok 11:38:54.0787 0x3ee8 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\windows\system32\DRIVERS\tdx.sys 11:38:54.0790 0x3ee8 tdx - ok 11:38:54.0795 0x3ee8 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\windows\System32\drivers\terminpt.sys 11:38:54.0798 0x3ee8 terminpt - ok 11:38:54.0822 0x3ee8 [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\windows\System32\termsrv.dll 11:38:54.0840 0x3ee8 TermService - ok 11:38:54.0847 0x3ee8 [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\windows\system32\themeservice.dll 11:38:54.0852 0x3ee8 Themes - ok 11:38:54.0857 0x3ee8 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\windows\system32\mmcss.dll 11:38:54.0861 0x3ee8 THREADORDER - ok 11:38:54.0871 0x3ee8 [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\windows\System32\TimeBrokerServer.dll 11:38:54.0878 0x3ee8 TimeBroker - ok 11:38:54.0888 0x3ee8 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM C:\windows\system32\drivers\tpm.sys 11:38:54.0894 0x3ee8 TPM - ok 11:38:54.0901 0x3ee8 [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\windows\System32\trkwks.dll 11:38:54.0906 0x3ee8 TrkWks - ok 11:38:54.0914 0x3ee8 [ 370A6907DDF79532A39319492B1FA38A, 
46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt C:\windows\system32\drivers\truecrypt.sys 11:38:54.0919 0x3ee8 truecrypt - ok 11:38:54.0932 0x3ee8 [ 3E75A47D2DEFD2683DCA409572FBE8B2, 33964B1A05E045D3B878CDFD9F52A9086B4FA54D6D4D1DC38062D2874CACD4A0 ] trufos C:\windows\system32\DRIVERS\trufos.sys 11:38:54.0941 0x3ee8 trufos - ok 11:38:54.0948 0x3ee8 [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe 11:38:54.0952 0x3ee8 TrustedInstaller - ok 11:38:54.0958 0x3ee8 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys 11:38:54.0961 0x3ee8 TsUsbFlt - ok 11:38:54.0968 0x3ee8 [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\windows\System32\drivers\TsUsbGD.sys 11:38:54.0970 0x3ee8 TsUsbGD - ok 11:38:54.0977 0x3ee8 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys 11:38:54.0981 0x3ee8 tunnel - ok 11:38:54.0986 0x3ee8 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\windows\system32\drivers\uagp35.sys 11:38:54.0988 0x3ee8 uagp35 - ok 11:38:54.0993 0x3ee8 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\windows\System32\drivers\uaspstor.sys 11:38:54.0996 0x3ee8 UASPStor - ok 11:38:55.0004 0x3ee8 [ 807F8CF3E973305FC435C61CBBEE2A49, 43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\windows\System32\drivers\ucx01000.sys 11:38:55.0011 0x3ee8 UCX01000 - ok 11:38:55.0023 0x3ee8 [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\windows\system32\DRIVERS\udfs.sys 
11:38:55.0030 0x3ee8 udfs - ok 11:38:55.0037 0x3ee8 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\windows\System32\drivers\UEFI.sys 11:38:55.0038 0x3ee8 UEFI - ok 11:38:55.0048 0x3ee8 [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\windows\system32\UI0Detect.exe 11:38:55.0051 0x3ee8 UI0Detect - ok 11:38:55.0056 0x3ee8 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys 11:38:55.0059 0x3ee8 uliagpkx - ok 11:38:55.0067 0x3ee8 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\windows\System32\drivers\umbus.sys 11:38:55.0069 0x3ee8 umbus - ok 11:38:55.0073 0x3ee8 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\windows\System32\drivers\umpass.sys 11:38:55.0075 0x3ee8 UmPass - ok 11:38:55.0085 0x3ee8 [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\windows\System32\umrdp.dll 11:38:55.0094 0x3ee8 UmRdpService - ok 11:38:55.0106 0x3ee8 [ 358696C459C8FFC30770448977014F5A, A2D612E826AB65B7EDB3629C55875F67814E86ABD3B27C7BE1760D2103DF18FA ] UPDATESRV C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe |
16.08.2015, 10:52 | #8 |
| Obstruction by a Trojan? Code:
11:38:59.0392 0x3ee8 Waiting for KSN requests completion. In queue: 145
11:39:00.0393 0x3ee8 Waiting for KSN requests completion. In queue: 145
11:39:01.0393 0x3ee8 Waiting for KSN requests completion. In queue: 145
11:39:02.0657 0x3ee8 AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.7.205.0 ), 0x60100 ( disabled : updated )
11:39:02.0687 0x3ee8 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2223.1143 ), 0x40000 ( disabled : updated )
11:39:02.0690 0x3ee8 FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.3.2223.1143 ), 0x41010 ( enabled )
11:39:05.0059 0x3ee8 ============================================================
11:39:05.0059 0x3ee8 Scan finished
11:39:05.0059 0x3ee8 ============================================================
11:39:05.0083 0x41c8 Detected object count: 0
11:39:05.0083 0x41c8 Actual detected object count: 0
11:39:57.0908 0x1e90 ============================================================
11:39:57.0908 0x1e90 Scan started
11:39:57.0908 0x1e90 Mode: Manual; SigCheck; TDLFS;
11:39:57.0908 0x1e90 ============================================================
11:39:57.0908 0x1e90 KSN ping started
11:40:00.0309 0x1e90 KSN ping finished: true
11:40:00.0822 0x1e90 ================ Scan system memory ========================
11:40:00.0822 0x1e90 System memory - ok
11:40:00.0822 0x1e90 ================ Scan services =============================
E1036E22BFBD3750FD2D3DA6AB939B2DD54E824F4BD3E6539EF0E45AB5453DD1 ] ahcache C:\windows\system32\DRIVERS\ahcache.sys 11:40:01.0566 0x1e90 ahcache - ok 11:40:01.0571 0x1e90 [ 14A45BE6F5678339F0EC5752D9849410, DD0F60E96FAC68FBD5B86382E541408C613BD0F871D0E0A1EF9AB6E7B26E545C ] ALG C:\windows\System32\alg.exe 11:40:01.0586 0x1e90 ALG - ok 11:40:01.0602 0x1e90 [ 5EE5E5DF9E92B3A5581B9DE7DCC05972, 6AD4D98F00C2B454807450EDB9ED3545BA91B608A853A59BDE7282808CBFF6B0 ] AllShare Framework DMS C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe 11:40:01.0620 0x1e90 AllShare Framework DMS - detected UnsignedFile.Multi.Generic ( 1 ) 11:40:01.0620 0x1e90 Detect skipped due to KSN trusted 11:40:01.0620 0x1e90 AllShare Framework DMS - ok 11:40:01.0624 0x1e90 [ E019017558B28A707119F8545AD1A1C0, 7A080DB2BDD1AE7E849EE79BF42B737D78A4F6EA6D07F61D6E994D7A383E9551 ] ambakdrv C:\windows\system32\ambakdrv.sys 11:40:01.0636 0x1e90 ambakdrv - detected UnsignedFile.Multi.Generic ( 1 ) 11:40:01.0636 0x1e90 Detect skipped due to KSN trusted 11:40:01.0636 0x1e90 ambakdrv - ok 11:40:01.0642 0x1e90 [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8 C:\windows\System32\drivers\amdk8.sys 11:40:01.0658 0x1e90 AmdK8 - ok 11:40:01.0663 0x1e90 [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM C:\windows\System32\drivers\amdppm.sys 11:40:01.0678 0x1e90 AmdPPM - ok 11:40:01.0683 0x1e90 [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata C:\windows\system32\drivers\amdsata.sys 11:40:01.0695 0x1e90 amdsata - ok 11:40:01.0705 0x1e90 [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs C:\windows\system32\drivers\amdsbs.sys 11:40:01.0720 0x1e90 amdsbs - ok 11:40:01.0726 0x1e90 [ CEA5F4F27CFC08E3A44D576811B35F50, 
89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata C:\windows\system32\drivers\amdxata.sys 11:40:01.0737 0x1e90 amdxata - ok 11:40:01.0744 0x1e90 [ 46014EDFDC8AF8733E14947448D122C5, 8CE2BD29CF7230A624745334A76F5F8C2E5C01EEDB2B803F9468771BC9DCBC4D ] ammntdrv C:\windows\system32\ammntdrv.sys 11:40:01.0757 0x1e90 ammntdrv - detected UnsignedFile.Multi.Generic ( 1 ) 11:40:01.0757 0x1e90 Detect skipped due to KSN trusted 11:40:01.0757 0x1e90 ammntdrv - ok 11:40:01.0761 0x1e90 [ 415DD71628795197F7AFC176CBADC74E, 5F0359053A6CD6EE239139E0E6F46E1FA9A73F017C0CE9B7BC052216B2C846EC ] AppID C:\windows\system32\drivers\appid.sys 11:40:01.0779 0x1e90 AppID - ok 11:40:01.0787 0x1e90 [ 34B2E222F82D05398DAE7203B36B6A2B, AC04BC6B5A36A6807FFE302E9ACF073342B4D76B0BB386249251CB3CA1852CE8 ] AppIDSvc C:\windows\System32\appidsvc.dll 11:40:01.0802 0x1e90 AppIDSvc - ok 11:40:01.0807 0x1e90 [ 680BFB820C5A943AB709BAA2B1EF27F2, A51D2A7976A762FE470C13C6D1BA0319A0FB19C9E66BF02AA44F83EAEC7130F8 ] Appinfo C:\windows\System32\appinfo.dll 11:40:01.0826 0x1e90 Appinfo - ok 11:40:01.0832 0x1e90 [ 6EB87FDB59AABF6D19C927492DEA0D36, 36168F8CC75D16917A30FA1FACF57659BC2ADF870D20DEE93F851D5348E605BB ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe 11:40:01.0842 0x1e90 Apple Mobile Device Service - ok 11:40:01.0855 0x1e90 [ 35E28923A23ADABAA5A1B43256D0AB58, A5F3AF8BBEE58B2165BAFACC5FF8B167B55B020998D3D1565C2229ED8753B269 ] AppReadiness C:\windows\system32\AppReadiness.dll 11:40:01.0884 0x1e90 AppReadiness - ok 11:40:01.0913 0x1e90 [ 573542B5E97772021B73E854DA861DAA, C3FD00FA28060F8D7CDFD455BBB5FF8239CB76DDFFF2BDAE6AA944674DD993D3 ] AppXSvc C:\windows\system32\appxdeploymentserver.dll 11:40:01.0951 0x1e90 AppXSvc - ok 11:40:01.0958 0x1e90 [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas C:\windows\system32\drivers\arcsas.sys 11:40:01.0972 0x1e90 arcsas - ok 
11:40:01.0976 0x1e90 [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi C:\windows\system32\drivers\atapi.sys 11:40:01.0986 0x1e90 atapi - ok 11:40:01.0994 0x1e90 [ 431FE56F5A2F5937994CB2DA330B47DB, E5AED551529A21494114959251FDF566802DD6D9B9D86A937A0EECE53338CAC7 ] AudioEndpointBuilder C:\windows\System32\AudioEndpointBuilder.dll 11:40:02.0019 0x1e90 AudioEndpointBuilder - ok 11:40:02.0040 0x1e90 [ 0F03CC00645D7F841879A048787D6AC7, 3ECD2486157469F2EDB63D4868338D1445F2909153DF0AFFE432083730EEE3F5 ] Audiosrv C:\windows\System32\Audiosrv.dll 11:40:02.0073 0x1e90 Audiosrv - ok 11:40:02.0103 0x1e90 [ 9845EF176613C9E325A1CA4B40925F69, B37EDAA45B5767F45CEA128799570B6F2084BA84E672B6FCEAF920296FD3AED6 ] avc3 C:\windows\system32\DRIVERS\avc3.sys 11:40:02.0140 0x1e90 avc3 - ok 11:40:02.0150 0x1e90 [ A692B4E9773CD0BDCE99DEEB0AB5D3AC, 7DE2D61857E98D319D6BF66B12C6450E6C5F299EEB781AFA29473471E9ED504C ] avchv C:\windows\system32\DRIVERS\avchv.sys 11:40:02.0166 0x1e90 avchv - ok 11:40:02.0184 0x1e90 [ 1B25E559C0AE349206641C9DED74D02F, 8E5210A98B2950C0B7086EF08E0E49D4F05933F5FB98F852614E5E5083731438 ] avckf C:\windows\system32\DRIVERS\avckf.sys 11:40:02.0208 0x1e90 avckf - ok 11:40:02.0215 0x1e90 [ 943B743BEA5AE4EEA43250FFCC99C522, 387966A350796EFB6682A975D66F057B622296F6ADF4AFCEECD9F775BA97BFE6 ] AX88772 C:\windows\system32\DRIVERS\ax88772.sys 11:40:02.0232 0x1e90 AX88772 - ok 11:40:02.0236 0x1e90 [ 3C6ED74AF41DD1A5585CE5EF3D00915F, A742F576407776634E5A8E49C60023FFDF395DE0B2DE36662A23F85B79405ED2 ] AxInstSV C:\windows\System32\AxInstSV.dll 11:40:02.0253 0x1e90 AxInstSV - ok 11:40:02.0267 0x1e90 [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys 11:40:02.0290 0x1e90 b06bdrv - ok 11:40:02.0296 0x1e90 [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay 
C:\windows\System32\drivers\BasicDisplay.sys 11:40:02.0313 0x1e90 BasicDisplay - ok 11:40:02.0322 0x1e90 [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender C:\windows\System32\drivers\BasicRender.sys 11:40:02.0340 0x1e90 BasicRender - ok 11:40:02.0347 0x1e90 [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2 C:\windows\System32\drivers\bcmfn2.sys 11:40:02.0357 0x1e90 bcmfn2 - ok 11:40:02.0362 0x1e90 [ 3701D3BF4AC12EAACB1F58847C1D32FC, 29F3DA7E4C1706934BE92D03CB6F633C47D0251E5580958E823B6148DA5E5E73 ] bdelam C:\windows\system32\drivers\bdelam.sys 11:40:02.0376 0x1e90 bdelam - ok 11:40:02.0391 0x1e90 [ 77D760E9B477C21487C171F561497F98, 2393D466CEC863C771C5BB4CD81B251635DC084386134B8E13F74F3E1C6D68DF ] BDESVC C:\windows\System32\bdesvc.dll 11:40:02.0417 0x1e90 BDESVC - ok 11:40:02.0422 0x1e90 [ E2C24DBCCD01794E5C6BE19748DF2769, 0739C75F6630FA83609F5B2AB4DD22C5ECAC9E43F96FE9C730C9DF6899AACE66 ] bdfwfpf C:\Program Files\Common Files\Bitdefender\Bitdefender Firewall\bdfwfpf.sys 11:40:02.0437 0x1e90 bdfwfpf - ok 11:40:02.0440 0x1e90 [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep C:\windows\system32\drivers\Beep.sys 11:40:02.0458 0x1e90 Beep - ok 11:40:02.0478 0x1e90 [ 22A5582ACF0CEE97268D7868C69F35CE, 78A44C10966FE467D3FCC76BE37647AE2CC2BCA9DE5715AD9E643162B23C3A19 ] BFE C:\windows\System32\bfe.dll 11:40:02.0513 0x1e90 BFE - ok 11:40:02.0535 0x1e90 [ 48554994279BFE17A3D2B00076D0CB1A, 6521B1EC0BC6B01F63976370D89FE7DC2E7404899F68B6FAC37A9173B9C5D489 ] BITS C:\windows\System32\qmgr.dll 11:40:02.0569 0x1e90 BITS - ok 11:40:02.0597 0x1e90 [ 4D87518BA68C308299441337C55F5427, AE46F847EE605213A3AE9BEFE5EB0B7B8D877340EA1A6CF9EF5683A02ECFE399 ] Bluetooth Device Monitor C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe 11:40:02.0769 0x1e90 Bluetooth Device Monitor - ok 11:40:02.0794 0x1e90 [ 
19786E2114E2FCB4EAA30808E9D4FB9A, FCBD15EA7CB0B22DA9ABFACF95DE877042201C85EBC219F5204E12F76E8DBC09 ] Bluetooth OBEX Service C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe 11:40:02.0976 0x1e90 Bluetooth OBEX Service - ok 11:40:02.0991 0x1e90 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe 11:40:03.0008 0x1e90 Bonjour Service - ok 11:40:03.0014 0x1e90 [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser C:\windows\system32\DRIVERS\bowser.sys 11:40:03.0032 0x1e90 bowser - ok 11:40:03.0040 0x1e90 [ FA601515FF2B59F25FDD8EDB1D2A1104, 21DFB53241F8E880F7546B9ADF38F47D6AD0782EC7F8F0284ED69DE7CEF7DCB9 ] BrokerInfrastructure C:\windows\System32\bisrv.dll 11:40:03.0062 0x1e90 BrokerInfrastructure - ok 11:40:03.0069 0x1e90 [ BC111AADACD0BF59D56547461D13AB6E, 91E3619930C29EE4B2683683888BA7EE3CF6B1DDB0C19A14E0880470CBE40EF4 ] Browser C:\windows\System32\browser.dll 11:40:03.0086 0x1e90 Browser - ok 11:40:03.0095 0x1e90 [ 0471D5669F18C50E552B2BC0CB15E7B3, 472F471FF9E5A1FDD5610BAC2F5E727AB284B7B5A71C4E515D549667F0B5EB86 ] BrYNSvc C:\Program Files (x86)\Browny02\BrYNSvc.exe 11:40:03.0119 0x1e90 BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 ) 11:40:03.0119 0x1e90 Detect skipped due to KSN trusted 11:40:03.0119 0x1e90 BrYNSvc - ok 11:40:03.0123 0x1e90 [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg C:\windows\System32\drivers\BthAvrcpTg.sys 11:40:03.0138 0x1e90 BthAvrcpTg - ok 11:40:03.0143 0x1e90 [ 12418846B057E4F92FC621F5C6CF737D, 0B8B0EADE4F2AD95D450A5C71C287C0F04F33897ABF27D3E3B6428A3C99C7B5D ] BthEnum C:\windows\System32\drivers\BthEnum.sys 11:40:03.0160 0x1e90 BthEnum - ok 11:40:03.0165 0x1e90 [ 272A62B660A48AEF366F8A1836CED19F, 78EFAC6B1B2313482329BBFFBF0DDA6462BD88E5BE3C817C5E8E0EAF3074C925 ] BthHFEnum 
C:\windows\System32\drivers\bthhfenum.sys 11:40:03.0181 0x1e90 BthHFEnum - ok 11:40:03.0186 0x1e90 [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid C:\windows\System32\drivers\BthHFHid.sys 11:40:03.0200 0x1e90 bthhfhid - ok 11:40:03.0213 0x1e90 [ 9307A4B743D277C499CDA8E19E5687AC, 7A01989EC3D54581F292BDEDC9B9445F2ABD50165102617E3089BDD061C63A19 ] BthHFSrv C:\windows\System32\BthHFSrv.dll 11:40:03.0233 0x1e90 BthHFSrv - ok 11:40:03.0245 0x1e90 [ D30C67473A2E229662D21F27EAA9AAA5, D009C4836B0DFE963D8E3DEEDE611068838F2BBCAB146E6D70692FAB838E11F1 ] BthLEEnum C:\windows\System32\drivers\BthLEEnum.sys 11:40:03.0263 0x1e90 BthLEEnum - ok 11:40:03.0268 0x1e90 [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM C:\windows\System32\drivers\bthmodem.sys 11:40:03.0283 0x1e90 BTHMODEM - ok 11:40:03.0289 0x1e90 [ 25BB93167DEF270188072603F92A1EF5, CE4637CE4B63420E218F53CAF89A8C85D036B879B80456FEF3C7C395590E26BB ] BthPan C:\windows\System32\drivers\bthpan.sys 11:40:03.0307 0x1e90 BthPan - ok 11:40:03.0344 0x1e90 [ B810B2B39CCA90DC6BF42AF1658AE0D1, D184F927BCFBDE7063A0C9873BF2C174226E1AB5081A7108FCC66210CD117465 ] BTHPORT C:\windows\System32\Drivers\BTHport.sys 11:40:03.0380 0x1e90 BTHPORT - ok 11:40:03.0386 0x1e90 [ 043A0F37631BF453F16D478B71320F46, C368296B802984F438852927B8A40EA3F4205724A05828F3173F08EC17228356 ] bthserv C:\windows\system32\bthserv.dll 11:40:03.0402 0x1e90 bthserv - ok 11:40:03.0407 0x1e90 [ 52A1B7ECAB4C9EF70FD41241691E09D3, F7A5BFE72D3151E73DD9922A76964C08AC1FDCB8460D9A17DCF8B7969006AD42 ] BTHUSB C:\windows\System32\Drivers\BTHUSB.sys 11:40:03.0423 0x1e90 BTHUSB - ok 11:40:03.0429 0x1e90 [ 4428C299BE7B9841ECFA82044B69FA6A, F8AB607D6CACBF2DDE3C392F9756B9F32CB99664A75F3140365CB916450660EC ] btmaux C:\windows\system32\DRIVERS\btmaux.sys 11:40:03.0440 0x1e90 btmaux - ok 11:40:03.0470 0x1e90 [ 7B31A8A9DC95B3634D896FD0F2814F19, 
8FD5FBC61968F4BB8C2BAD0D432D5B86DCFED38CCF6F559F9EFB71AADD25474F ] btmhsf C:\windows\system32\DRIVERS\btmhsf.sys 11:40:03.0503 0x1e90 btmhsf - ok 11:40:03.0533 0x1e90 [ FECA9F830A5C6BAB9978E6781A26AE2B, CA1681A2F4FA849815B8E823805E078DB9C050CEE86E9E394B2A37B57CC474A6 ] c2cautoupdatesvc C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe 11:40:03.0568 0x1e90 c2cautoupdatesvc - ok 11:40:03.0603 0x1e90 [ 5B33709F7FE59BB625F113EED86AFC5C, 8D29FE242D55526FDEB2CB4009B5DE19C93972E872BE6328AD3305E360A3D44B ] c2cpnrsvc C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe 11:40:03.0646 0x1e90 c2cpnrsvc - ok 11:40:03.0652 0x1e90 [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys 11:40:03.0671 0x1e90 cdfs - ok 11:40:03.0681 0x1e90 [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom C:\windows\System32\drivers\cdrom.sys 11:40:03.0697 0x1e90 cdrom - ok 11:40:03.0703 0x1e90 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] CertPropSvc C:\windows\System32\certprop.dll 11:40:03.0720 0x1e90 CertPropSvc - ok 11:40:03.0725 0x1e90 [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass C:\windows\System32\drivers\circlass.sys 11:40:03.0740 0x1e90 circlass - ok 11:40:03.0750 0x1e90 [ 8EB7E70C2D348FE2476A2E3F2D585E3D, 2B5D407FACF1D049261026CC552A7C93B028A661B0F4E959815EAE7670054127 ] CLFS C:\windows\system32\drivers\CLFS.sys 11:40:03.0768 0x1e90 CLFS - ok 11:40:03.0778 0x1e90 [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt C:\windows\System32\drivers\CmBatt.sys 11:40:03.0793 0x1e90 CmBatt - ok 11:40:03.0806 0x1e90 [ 5E5AB950693F2C6D6ACBEE3A74697ED7, 3790A7DD0AC65F47A697A577744FDFA4CC1CA3422884C84E499F97AC91BA84F3 ] CNG 
C:\windows\system32\Drivers\cng.sys 11:40:03.0829 0x1e90 CNG - ok 11:40:03.0835 0x1e90 [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus C:\windows\System32\drivers\CompositeBus.sys 11:40:03.0849 0x1e90 CompositeBus - ok 11:40:03.0857 0x1e90 COMSysApp - ok 11:40:03.0862 0x1e90 [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv C:\windows\system32\drivers\condrv.sys 11:40:03.0880 0x1e90 condrv - ok 11:40:03.0914 0x1e90 [ 556F1FB9F0B6CEB25C2801B1F02C2531, A724148E574F7BC69453722F7C3F17417095468D2E1714339139F5CD4FA89D32 ] cphs C:\windows\SysWow64\IntelCpHeciSvc.exe 11:40:03.0946 0x1e90 cphs - ok 11:40:03.0962 0x1e90 [ E0F25019195B8417F0F2BDA2D337EEE4, 65BF9EA9846204C3587CB477E33BC74FE0ACE3B5A900FB88F0104B45CDBB464A ] CronService C:\Windows\Prey\wpxsvc.exe 11:40:03.0987 0x1e90 CronService - detected UnsignedFile.Multi.Generic ( 1 ) 11:40:03.0987 0x1e90 Detect skipped due to KSN trusted 11:40:03.0987 0x1e90 CronService - ok 11:40:03.0989 0x1e90 Crypkey License - ok 11:40:03.0996 0x1e90 [ 6324F0D18FB52833BA64BC828E29054C, 04118FA1BDFC512F76E4A81FEF34C78B6BD98429DB1D65123B6802B4A1E30584 ] CryptSvc C:\windows\system32\cryptsvc.dll 11:40:04.0017 0x1e90 CryptSvc - ok 11:40:04.0022 0x1e90 [ 389C998C64319CD97625B0550E52ECFA, DD0EDDD9C8412F78D2D2B648D67DA887C3040E05DF29F48F71299CB68FDDD0F8 ] dam C:\windows\system32\drivers\dam.sys 11:40:04.0034 0x1e90 dam - ok 11:40:04.0054 0x1e90 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] DcomLaunch C:\windows\system32\rpcss.dll 11:40:04.0092 0x1e90 DcomLaunch - ok 11:40:04.0104 0x1e90 [ 95E1ABFB27F8A62ED764805775F0D2F3, 692865DA60C93481E01592883678B2C51FD9AC9A835DFB00A8E3F2DFEE7AB0ED ] defragsvc C:\windows\System32\defragsvc.dll 11:40:04.0129 0x1e90 defragsvc - ok 11:40:04.0141 0x1e90 [ FF086DEF5995558CCB1B5AAC2110195D, 
CED52FF01F9247BFDAFC5C7EFC538F8638146ED715574A422496EE0F846CB079 ] DeviceAssociationService C:\windows\system32\das.dll 11:40:04.0164 0x1e90 DeviceAssociationService - ok 11:40:04.0170 0x1e90 [ 2C02AFF8383D893F8DBEB07A84F6E77C, 7CC34BAC67E2988E3D16DD6EB6F6785CD2460E3EF7FBD0BD5F86E49793BD473E ] DeviceInstall C:\windows\system32\umpnpmgr.dll 11:40:04.0188 0x1e90 DeviceInstall - ok 11:40:04.0194 0x1e90 [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc C:\windows\system32\Drivers\dfsc.sys 11:40:04.0214 0x1e90 Dfsc - ok 11:40:04.0223 0x1e90 [ 3EEAADA3125431980E5804ED7143458A, 381E12C83E3211C255B321D35536F4049D67E31061F8D82155E4D4509E97F43D ] Dhcp C:\windows\system32\dhcpcore.dll 11:40:04.0248 0x1e90 Dhcp - ok 11:40:04.0300 0x1e90 [ 3ECB752A6963B1CBC9AD65ED89C8ACED, 1D47D2EBD2C8D2B9F8D2D12A5FD93E6B10335EB6B23252DDEA6DF2233655FA59 ] DiagTrack C:\windows\system32\diagtrack.dll 11:40:04.0372 0x1e90 DiagTrack - ok 11:40:04.0380 0x1e90 [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk C:\windows\system32\drivers\disk.sys 11:40:04.0391 0x1e90 disk - ok 11:40:04.0725 0x1e90 [ 260169AFE0247D3817DDD7EC6C6AD0BC, 2C0FB869A23AC18B7874899C5599691464C158E1881AD5EEEE95D6D0B182C9CF ] DisplayLinkService C:\Program Files\DisplayLink Core Software\DisplayLinkManager.exe 11:40:05.0016 0x1e90 DisplayLinkService - ok 11:40:05.0037 0x1e90 [ 13ED2100E5B9BA035BAF0BF437CDA70F, 00975CC61526AE05694531203EE521C939CE633F10467A1BB061E573A16F5FA3 ] DisplayLinkUsbIo_x64 C:\windows\System32\drivers\DisplayLinkUsbIo_x64_7.4.48800.0.sys 11:40:05.0053 0x1e90 DisplayLinkUsbIo_x64 - ok 11:40:05.0060 0x1e90 [ E21BDB9558BD7EC4ADA9514E97A0DCEF, FFB8496A031FBC6D8BD4322FF0B41A857ECB87C8DC09C99AAB0B365E6268AD5A ] dlcdcncm6_x64 C:\windows\system32\DRIVERS\dlcdcncm6_x64.sys 11:40:05.0077 0x1e90 dlcdcncm6_x64 - ok 11:40:05.0095 0x1e90 [ 68606C57F940117BB71103F4D4AF3761, 
F01901731BC0B4818C739BD8E6EC7777163B33B7CC93D2768F9DD4ED6706F9BA ] dlkmd C:\windows\system32\drivers\dlkmd.sys 11:40:05.0123 0x1e90 dlkmd - ok 11:40:05.0129 0x1e90 [ 1EF1046C8F3859B2760655D599143274, 381896422E7F75DEA1B365D9C4A32CD7858C2D0230B78FCA1C2543E8A7F81EF7 ] dlkmdldr C:\windows\system32\drivers\dlkmdldr.sys 11:40:05.0143 0x1e90 dlkmdldr - ok 11:40:05.0154 0x1e90 [ 898F78DEF8DEB668BD075FDB9D146672, 28B92A5C64F447CB402F5FFC0F2BD09231FFEFDCAEA3066EBF2E5C6B06DC6544 ] dlusbaudio C:\windows\system32\DRIVERS\dlusbaudio_x64.sys 11:40:05.0174 0x1e90 dlusbaudio - ok 11:40:05.0181 0x1e90 [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc C:\windows\System32\drivers\dmvsc.sys 11:40:05.0204 0x1e90 dmvsc - ok 11:40:05.0215 0x1e90 [ E9AE4FAE83FB38A2962F9032B24CEB3C, CC7D2D8C97CB779791613D76D6E4AF5D628C948C28BAC584C3C7F6A5A6036FBA ] Dnscache C:\windows\System32\dnsrslvr.dll 11:40:05.0245 0x1e90 Dnscache - ok 11:40:05.0262 0x1e90 [ 811EACBCC7C51A03AE11F13CC27B2AB6, FAB94F84950FFB7D3649BAFB8D96D43B880D7FDE8D5B879472AE26C4BC4203B0 ] dot3svc C:\windows\System32\dot3svc.dll 11:40:05.0293 0x1e90 dot3svc - ok 11:40:05.0304 0x1e90 [ B99CB575986789A93A683DCF292A43A1, 6ACEA31C723B74003E106FC8303542FCC6DBC4952B6B523F6590D006BE57238D ] DPS C:\windows\system32\dps.dll 11:40:05.0336 0x1e90 DPS - ok 11:40:05.0344 0x1e90 [ E87CD3E4F9AC0A2C181990CB781DD4BA, 693F30DF8D4AE732BBB36D250D89DEC05C291B0A0998CBE87677E4F019253432 ] DptfDevPch C:\windows\system32\DRIVERS\DptfDevPch.sys 11:40:05.0367 0x1e90 DptfDevPch - ok 11:40:05.0379 0x1e90 [ 1C3C798B4150F7A047853838EBE2A95B, 8A44147DAB1FCBD5F23B5D427D12D0D5CA4A8260216ECE155CD849D09328069A ] DptfDevProc C:\windows\system32\DRIVERS\DptfDevProc.sys 11:40:05.0407 0x1e90 DptfDevProc - ok 11:40:05.0426 0x1e90 [ 133C04EDB13A8A7740FFA3D7DD397C80, 56A28AF194354A6AA48A9204F13C845A4B3FE4E3139BBDE31DDDE318F3FB20C9 ] DptfManager C:\windows\system32\DRIVERS\DptfManager.sys 11:40:05.0461 0x1e90 
DptfManager - ok 11:40:05.0470 0x1e90 [ 8A18176B5108C2FBB23ADA9D548BDD3A, 204E39EE27B6FEDB75E97950B1608DEB0641248857FF0FDD2B66168929967043 ] DptfParticipantProcessorService C:\windows\system32\DptfParticipantProcessorService.exe 11:40:05.0493 0x1e90 DptfParticipantProcessorService - ok 11:40:05.0504 0x1e90 [ 82239362B0C3CDA6C2E69EAB73FA8A97, 73ADB64C365E5C1F2DF92B91982E65577ADC58DE84ECF0399F0C1C380602E630 ] DptfPolicyConfigTDPService C:\windows\system32\DptfPolicyConfigTDPService.exe 11:40:05.0524 0x1e90 DptfPolicyConfigTDPService - ok 11:40:05.0535 0x1e90 [ FAFA22CD7FD7B0A195239E738F7B7030, 9DF3810F814ACD4A694F25482E57ADEA01F1072CEAA4AC14ED5D383A4D2DE385 ] DptfPolicyCriticalService C:\windows\system32\DptfPolicyCriticalService.exe 11:40:05.0557 0x1e90 DptfPolicyCriticalService - ok 11:40:05.0566 0x1e90 [ 06B40DF90D494E2242C63DCACB354B8E, A10EB3EF74EDA33CF710B74E52D97A2B3B7874F3C5212016ED1FB89F8070D6A9 ] DptfPolicyLpmService C:\windows\system32\DptfPolicyLpmService.exe 11:40:05.0587 0x1e90 DptfPolicyLpmService - ok 11:40:05.0593 0x1e90 [ 00C594D5A1DBD22AD8B2902B9F6EFF94, 2920D62B5F7C49A8AFA80FCAD1E834BBAA670AEBDD7E6F21F0496D1D3CCB4E90 ] drmkaud C:\windows\system32\drivers\drmkaud.sys 11:40:05.0611 0x1e90 drmkaud - ok 11:40:05.0623 0x1e90 [ 263625A4F616538EB867B6306A6590DB, 2A064720C247EAA3446EFDCC9E01D84CBA875905D78DFED0FBD62D1EE422D416 ] DsmSvc C:\windows\System32\DeviceSetupManager.dll 11:40:05.0651 0x1e90 DsmSvc - ok 11:40:05.0697 0x1e90 [ E1BB0B6F00F470B451AB45EA13EBA0B3, 3A2FC2175B69A5EB98D6C2D563DBFDCB320647AB87A14E47FAE800423DCACDAB ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys 11:40:05.0768 0x1e90 DXGKrnl - ok 11:40:05.0788 0x1e90 [ FA988D76745C917CDFE20031C06DE860, B01AA3611869854D3BCA8B6CD7A6F48CC3537145DD3EBE50F5BEF72239924BF7 ] e1iexpress C:\windows\system32\DRIVERS\e1i63x64.sys 11:40:05.0822 0x1e90 e1iexpress - ok 11:40:05.0832 0x1e90 [ E253530BD5EDE28F1FF6AF93C4D8034D, 787A70C3E946348F066FB8EB81FCE60157217D93FD78ADC631B5835E8D76A253 ] Eaphost 
C:\windows\System32\eapsvc.dll 11:40:05.0857 0x1e90 Eaphost - ok 11:40:05.0953 0x1e90 [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv C:\windows\system32\drivers\evbda.sys 11:40:06.0093 0x1e90 ebdrv - ok 11:40:06.0105 0x1e90 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] EFS C:\windows\System32\lsass.exe 11:40:06.0125 0x1e90 EFS - ok 11:40:06.0132 0x1e90 [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass C:\windows\system32\drivers\EhStorClass.sys 11:40:06.0151 0x1e90 EhStorClass - ok 11:40:06.0160 0x1e90 [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv C:\windows\system32\drivers\EhStorTcgDrv.sys 11:40:06.0181 0x1e90 EhStorTcgDrv - ok 11:40:06.0186 0x1e90 [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev C:\windows\System32\drivers\errdev.sys 11:40:06.0206 0x1e90 ErrDev - ok 11:40:06.0230 0x1e90 [ F00C593994D57C75273F820653440536, 2DC986D9890EC907405FB2045E6F55ACC384169B45F0B56CCB1A953CF71D9A5D ] EventSystem C:\windows\system32\es.dll 11:40:06.0268 0x1e90 EventSystem - ok 11:40:06.0281 0x1e90 [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat C:\windows\system32\drivers\exfat.sys 11:40:06.0318 0x1e90 exfat - ok 11:40:06.0328 0x1e90 [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat C:\windows\system32\drivers\fastfat.sys 11:40:06.0353 0x1e90 fastfat - ok 11:40:06.0377 0x1e90 [ 304B6AEC4639A7CCCCF544C6BA6177B2, B75CDD52FD3890B3008E06C503945D1E36478F0EC5E067C8DBC2822D7935D24B ] Fax C:\windows\system32\fxssvc.exe 11:40:06.0419 0x1e90 Fax - ok 11:40:06.0425 0x1e90 [ 5D8402613E778B3BD45E687A8372710B, 
EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc C:\windows\System32\drivers\fdc.sys 11:40:06.0445 0x1e90 fdc - ok 11:40:06.0452 0x1e90 [ 020D2F29009F893ADEFF4405B4B44565, 9F8501064C72933D1442DA00E70392B30D0207EB7D60F50E6648FF363799E6F1 ] fdPHost C:\windows\system32\fdPHost.dll 11:40:06.0483 0x1e90 fdPHost - ok 11:40:06.0489 0x1e90 [ E80D2EDD2F88B6E20076A0A4F5A5A245, E3CD6E0BE152B22E8A7340EFFD10CCDB1B632CD3EDF487E83F697D2E22A7D594 ] FDResPub C:\windows\system32\fdrespub.dll 11:40:06.0510 0x1e90 FDResPub - ok 11:40:06.0520 0x1e90 [ 47AB7D16EDE434B934AA4D661456C2D5, D375A92FB3E4BB0A8DA5270DACC888E53FB9F514516039FE6DAE4D4EF6B9A970 ] fhsvc C:\windows\system32\fhsvc.dll 11:40:06.0546 0x1e90 fhsvc - ok 11:40:06.0555 0x1e90 [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo C:\windows\system32\drivers\fileinfo.sys 11:40:06.0574 0x1e90 FileInfo - ok 11:40:06.0580 0x1e90 [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace C:\windows\system32\drivers\filetrace.sys 11:40:06.0607 0x1e90 Filetrace - ok 11:40:06.0627 0x1e90 [ 82A80C96C9A199B003BDC837ECA9798F, E8DB1409DB694A90C759F418346AE5D71014AE3513A8B865B50923AD0DFEE395 ] FileZilla Server C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe 11:40:06.0659 0x1e90 FileZilla Server - detected UnsignedFile.Multi.Generic ( 1 ) 11:40:06.0659 0x1e90 Detect skipped due to KSN trusted 11:40:06.0659 0x1e90 FileZilla Server - ok 11:40:06.0665 0x1e90 [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk C:\windows\System32\drivers\flpydisk.sys 11:40:06.0677 0x1e90 flpydisk - ok 11:40:06.0687 0x1e90 [ C1FB505A73FA2E9019D32444AB33B75A, 765F0635C18295855CA4C0394192E8B94BA2EA1C4D74F86B720358ABA019FFAA ] FltMgr C:\windows\system32\drivers\fltmgr.sys 11:40:06.0705 0x1e90 FltMgr - ok 11:40:06.0732 0x1e90 [ 6C068E7207F183FF3647E45D2599E80C, 
|
16.08.2015, 11:03 | #9 |
| Obstruction by a Trojan? Code:
11:40:13.0236 0x1e90 [ 26657F3B4F39A0E64AF859278B599C4E, 3DD65E0BCEF3045DBA29FB8171CA3FCC9781AED3A1C7A160CF26388CE80A3683 ] PNRPsvc C:\windows\system32\pnrpsvc.dll 11:40:13.0257 0x1e90 PNRPsvc - ok 11:40:13.0269 0x1e90 [ BDD52AB4AEBB8B1904568DBD0CCB70CB, C3D1DBA349C79B43DCDD9EF5255C5EE973EFB844235B808B5EF9B63A51FF00AA ] PolicyAgent C:\windows\System32\ipsecsvc.dll 11:40:13.0291 0x1e90 PolicyAgent - ok 11:40:13.0300 0x1e90 [ C8DD82C3035E60D671B8CC5DF128D3A9, 6AABF632CBEDA9A7B553BC9134FF100CB6FDC88000D499D2883408FCEDD97576 ] Power C:\windows\system32\umpo.dll 11:40:13.0318 0x1e90 Power - ok 11:40:13.0381 0x1e90 [ E3514CE7CB4AF80ECCA383F065BC77C0, 1EA06D358A07EB9DFB703CEFC4EB834B947B899E0ACFE1C494E2DAED63F1D4B5 ] PrintNotify C:\windows\system32\spool\drivers\x64\3\PrintConfig.dll 11:40:13.0449 0x1e90 PrintNotify - ok 11:40:13.0463 0x1e90 [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor C:\windows\System32\drivers\processr.sys 11:40:13.0477 0x1e90 Processor - ok 11:40:13.0486 0x1e90 [ C8D39A07CAD9EF1C86BD5D7CAC98DA54, 10146D1E023D9BC5B8CBAADE6A70D87A41BDABAA44D812B609C13563DF25527A ] ProfSvc C:\windows\system32\profsvc.dll 11:40:13.0507 0x1e90 ProfSvc - ok 11:40:13.0514 0x1e90 [ FC0141B4A5AD6D637D883C1A89FC45C5, DCE8942C02EEDAE7A57707CA60CAC3A8CD6BA68E6571E405CA882D4DD6D69E43 ] Psched C:\windows\system32\DRIVERS\pacer.sys 11:40:13.0530 0x1e90 Psched - ok 11:40:13.0536 0x1e90 [ DD3FD48D69F5FBBB21D46D1514C1C2DB, 2B188E3AC4BD9B608D375DD550507717852C2AF7C0F99FFED90098999B9D4F01 ] PSI C:\windows\system32\DRIVERS\psi_mf_amd64.sys 11:40:13.0546 0x1e90 PSI - ok 11:40:13.0557 0x1e90 [ DAA9DEE0A5D5F238C4EE54C2C7FB67C5, 7EC8C603BD92699AC35BDCD294F13BEE90D5C2C195FD93A3F16928BFCF53CA93 ] QWAVE C:\windows\system32\qwave.dll 11:40:13.0580 0x1e90 QWAVE - ok 11:40:13.0585 0x1e90 [ 83868EB2924E6BC21A54337C65D614D1, 8D1BE01EBD190231153B867C32120DC8FBFBD32050448A778134D435D76A0B07 ] QWAVEdrv 
C:\windows\system32\drivers\qwavedrv.sys 11:40:13.0600 0x1e90 QWAVEdrv - ok 11:40:13.0611 0x1e90 [ 5545FB5B49268C903F311849DB1942ED, 3C7FDD6A9A8A600F07A475595E48F947C36D9A6DAB6D3D84C44686B5A56FB40F ] qzozigbn C:\windows\system32\drivers\qzozigbn.sys 11:40:13.0631 0x1e90 qzozigbn - ok 11:40:13.0703 0x1e90 [ 9B35220786B06B61D19C54406904E6ED, 166FDD8CC15D3D1B13E2CECC814ED876EA66D65E9308043ED0024660C4F90E8D ] Radio.fx C:\Program Files (x86)\Tobit Radio.fx\Server\rfx-server.exe 11:40:13.0795 0x1e90 Radio.fx - ok 11:40:13.0804 0x1e90 [ B337B1F1E82A83E20A1743E008E25C0F, A2E8AF041B4CAB78AEE28A2147A189FF0F9D2FCEFB167D60FBBA0A787A5A5BE7 ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys 11:40:13.0817 0x1e90 RasAcd - ok 11:40:13.0823 0x1e90 [ 044638489B4A5FE5334F46C5314A0826, E06CC2A9EF369794DAD69FBB5AFD1676D4283DDAB2AD5E3EFE454C473F62F955 ] RasAuto C:\windows\System32\rasauto.dll 11:40:13.0840 0x1e90 RasAuto - ok 11:40:13.0855 0x1e90 [ F83B38FCD4F69157B3D158433FA149CC, AB103BD3E2B3B134CB355C556DF70BCF0CF4DB11EFF7DB4A9876D5AA43D81293 ] RasMan C:\windows\System32\rasmans.dll 11:40:13.0883 0x1e90 RasMan - ok 11:40:13.0889 0x1e90 [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys 11:40:13.0906 0x1e90 RasPppoe - ok 11:40:13.0917 0x1e90 [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss C:\windows\system32\DRIVERS\rdbss.sys 11:40:13.0941 0x1e90 rdbss - ok 11:40:13.0947 0x1e90 [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus C:\windows\System32\drivers\rdpbus.sys 11:40:13.0962 0x1e90 rdpbus - ok 11:40:13.0969 0x1e90 [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR C:\windows\system32\drivers\rdpdr.sys 11:40:13.0987 0x1e90 RDPDR - ok 11:40:13.0994 0x1e90 [ BC8A79C625568DDB7DCA49D0C2741A64, 
AB0A7ED9EC2282EC0356D27EA4F70515943E41C2112428B787636B8BEC278933 ] RdpVideoMiniport C:\windows\system32\drivers\rdpvideominiport.sys 11:40:14.0005 0x1e90 RdpVideoMiniport - ok 11:40:14.0013 0x1e90 [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost C:\windows\system32\drivers\rdyboost.sys 11:40:14.0029 0x1e90 rdyboost - ok 11:40:14.0053 0x1e90 [ 615DFD97DEA56CE1C3A52185A3038FF8, 707BF5F9FAE478A12656D15013F507CC1335E7B72BD21CA99BB813CB95E37BC0 ] ReFS C:\windows\system32\drivers\ReFS.sys 11:40:14.0083 0x1e90 ReFS - ok 11:40:14.0092 0x1e90 [ 0CF7CB56BF2D5E9DBCEE0185CB626FAD, 2BD2E2FB1D2EADD1F70EF55E8523C353F95D4FEB1BAD5017FA4D94F790F27825 ] RemoteAccess C:\windows\System32\mprdim.dll 11:40:14.0111 0x1e90 RemoteAccess - ok 11:40:14.0120 0x1e90 [ AC8785B53F8436058C90450DA1840AE7, CC1FFC2713910211F8A6AD532DBB9253ACD188CBD784F1BE6613DF382825A3C1 ] RemoteRegistry C:\windows\system32\regsvc.dll 11:40:14.0137 0x1e90 RemoteRegistry - ok 11:40:14.0145 0x1e90 [ DC66AE45816614D2999DCD3834DCCC4E, 1C26225135E851DDD1307F52401DD7055B26B3F3B8FDD693B21042C2896E235A ] RFCOMM C:\windows\System32\drivers\rfcomm.sys 11:40:14.0160 0x1e90 RFCOMM - ok 11:40:14.0173 0x1e90 [ FBA61BB4C484A01A655AFB18FF86C417, D53B2110CB09D0A909C4E330C468351BFE076BB056CCDDCB8ADA2FB91E96352E ] RichVideo64 C:\Program Files\CyberLink\Shared files\RichVideo64.exe 11:40:14.0189 0x1e90 RichVideo64 - ok 11:40:14.0196 0x1e90 [ 65B9FDE300A6DECC03BA44C4616DCAD6, CAD992982733DD20282A3453DC4E554AE1FC077C35479C0CA4E8BC3A9DCD3BB0 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll 11:40:14.0213 0x1e90 RpcEptMapper - ok 11:40:14.0219 0x1e90 [ A737B433ABAF3F2DCB2BD7B4CC582B26, 3B5706B0CF0969A9F82060FD4DCC745F2D83C066B663FE8A4F0F493B64032C9C ] RpcLocator C:\windows\system32\locator.exe 11:40:14.0234 0x1e90 RpcLocator - ok 11:40:14.0253 0x1e90 [ A6F17C299A03BAFEFB9257C462A19E00, EB68967D28355271897166D7B6FD963D1E546D3C24AE1AEAAC561F94357A9345 ] RpcSs 
C:\windows\system32\rpcss.dll 11:40:14.0282 0x1e90 RpcSs - ok 11:40:14.0291 0x1e90 [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr C:\windows\system32\DRIVERS\rspndr.sys 11:40:14.0309 0x1e90 rspndr - ok 11:40:14.0318 0x1e90 [ 9CF8593B62102545CB1652A1D8748FDD, 818639795720A7567CCE01EBC24A0119BFDCEA1B7A5ED4A11B5012D763C1B5CC ] RSUSBSTOR C:\windows\System32\Drivers\RtsUStor.sys 11:40:14.0331 0x1e90 RSUSBSTOR - ok 11:40:14.0340 0x1e90 [ 6CBF283C7EBD07B7BB01D3E33B11BB28, 90B7AF25EFDBC71FDDD48D668BF410DB828ABD512FC02146E76962A8FF053DE9 ] RtkAudioService C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe 11:40:14.0355 0x1e90 RtkAudioService - ok 11:40:14.0359 0x1e90 [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap C:\windows\System32\drivers\vms3cap.sys 11:40:14.0371 0x1e90 s3cap - ok 11:40:14.0375 0x1e90 [ 382100E75B6F4668AEAEF228C6CEFFAD, 9C7229F10F11D18E1FED6395391A46225A84B421034B9AB6F81AF7430FDC556F ] SamSs C:\windows\system32\lsass.exe 11:40:14.0388 0x1e90 SamSs - ok 11:40:14.0402 0x1e90 [ 0BA134F4C582D5C7FEE19599813FE7B6, 72B7FD0393C925155D5C062C2AC5971C6A69DA604388C7748EA07545740FC84C ] Samsung Link Service C:\Program Files\Samsung\Samsung Link\Samsung Link.exe 11:40:14.0422 0x1e90 Samsung Link Service - ok 11:40:14.0430 0x1e90 [ 4752E1DBF5671A941CFA6DFC4C840EB7, FEA249AA3F153398161DA8A43165E5B76C291B690C3DDF5D496099771842E273 ] SbieDrv C:\Program Files\Sandboxie\SbieDrv.sys 11:40:14.0443 0x1e90 SbieDrv - ok 11:40:14.0452 0x1e90 [ 208D06C26717783E07104F30B9D3F301, 0F020277740B5AC03DC46592896B7B83AE658DAEDD796EDD1109AE4B7C14DF22 ] SbieSvc C:\Program Files\Sandboxie\SbieSvc.exe 11:40:14.0466 0x1e90 SbieSvc - ok 11:40:14.0471 0x1e90 [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port C:\windows\system32\drivers\sbp2port.sys 11:40:14.0484 0x1e90 sbp2port - ok 11:40:14.0494 0x1e90 [ 
74A3B67F03877D06B09B1B40C5ED582E, A8FF9BF416F0BF365BFB4E1796859825C811A74B5E54DDDCE8345193BEEBE206 ] SCardSvr C:\windows\System32\SCardSvr.dll 11:40:14.0514 0x1e90 SCardSvr - ok 11:40:14.0520 0x1e90 [ 8B9C4D55B4A536FB01C360DDB9533574, 9B939FE68F6F9C171ED0D91E2CE1E67515295D34EC23606BCDFD097DCC8CFD4A ] ScDeviceEnum C:\windows\System32\ScDeviceEnum.dll 11:40:14.0539 0x1e90 ScDeviceEnum - ok 11:40:14.0544 0x1e90 [ 13BEA6C882D4D877A5A85CA149C86BC1, 8E9BE5C2A36D5881D9985C3A31309FE03966EA13A3541D3C5B542AB67FA0D55F ] scfilter C:\windows\system32\DRIVERS\scfilter.sys 11:40:14.0558 0x1e90 scfilter - ok 11:40:14.0586 0x1e90 [ A626F5E446860F22835E783142D7AE33, 3A786639E1FABCA512F4F91A10811DD3C4D9C9C9BB893362E4D019219D0BD8E2 ] Schedule C:\windows\system32\schedsvc.dll 11:40:14.0623 0x1e90 Schedule - ok 11:40:14.0634 0x1e90 [ 41C0D7B1A6D4AD119BA6AC0487EA5C8E, 516C2B34BA7507D0DA4148B4ABC0A8C36286570D4EA5C60B28647B1249C15018 ] SCPolicySvc C:\windows\System32\certprop.dll 11:40:14.0651 0x1e90 SCPolicySvc - ok 11:40:14.0661 0x1e90 [ C54B6B2170BF628FD42F799A66956D75, BCF460A124CAA6F1F1A9A7BCBDCC2D5E39B0404D96B7C9FFAC806E041782B91E ] sdbus C:\windows\System32\drivers\sdbus.sys 11:40:14.0676 0x1e90 sdbus - ok 11:40:14.0684 0x1e90 [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor C:\windows\System32\drivers\sdstor.sys 11:40:14.0696 0x1e90 sdstor - ok 11:40:14.0702 0x1e90 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys 11:40:14.0716 0x1e90 secdrv - ok 11:40:14.0722 0x1e90 [ BA24CEA7152239F42ECD04AFB7C89D24, A2A11EABB0C283772B74667C7544B61BEB1B9745FBF065E831542129EB585AFA ] seclogon C:\windows\system32\seclogon.dll 11:40:14.0738 0x1e90 seclogon - ok 11:40:14.0762 0x1e90 [ 398A81D590424441B2F5C5C08073CADB, 1E064DFCC49EB0D8A4150276BF796B9DFA030C451570A170EC940F8CBAAD80F3 ] Secunia PSI Agent C:\Program Files 
(x86)\Secunia\PSI\PSIA.exe 11:40:14.0810 0x1e90 Secunia PSI Agent - ok 11:40:14.0829 0x1e90 [ 8C2D3A80FC90A860F0F24DEB67471481, CE4D17B63149C44B4CD5CB7776FD4705DC675F6D2D077D53BE15578294EBC9D4 ] Secunia Update Agent C:\Program Files (x86)\Secunia\PSI\sua.exe 11:40:14.0865 0x1e90 Secunia Update Agent - ok 11:40:14.0870 0x1e90 [ 81FE9A81EDF8016816C9E91FBFBF7D35, 87FB92A3D15F312F0B9C423EF851061A944B013E5668D8C9A441B4DC0EB690AF ] SENS C:\windows\System32\sens.dll 11:40:14.0887 0x1e90 SENS - ok 11:40:14.0895 0x1e90 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] SensorsHIDClassDriver C:\windows\System32\drivers\WUDFRd.sys 11:40:14.0914 0x1e90 SensorsHIDClassDriver - ok 11:40:14.0921 0x1e90 [ D7B4859227B02BCC1055B279A63C937F, 82C99844CC596C2723523B1B98573488FF23337947B78AA04BA21E58394BB751 ] SensorsServiceDriver C:\windows\System32\drivers\WUDFRd.sys 11:40:14.0936 0x1e90 SensorsServiceDriver - ok 11:40:14.0946 0x1e90 [ 6E4012AE67F09F867EF620C8D5524C0B, 63933E51F8E413E63481369CE2F9FD224560550FBD3BD2B4573E9F4AD88708A2 ] SensrSvc C:\windows\system32\sensrsvc.dll 11:40:14.0966 0x1e90 SensrSvc - ok 11:40:14.0971 0x1e90 [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx C:\windows\system32\drivers\SerCx.sys 11:40:14.0982 0x1e90 SerCx - ok 11:40:14.0989 0x1e90 [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2 C:\windows\system32\drivers\SerCx2.sys 11:40:15.0003 0x1e90 SerCx2 - ok 11:40:15.0007 0x1e90 [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum C:\windows\System32\drivers\serenum.sys 11:40:15.0020 0x1e90 Serenum - ok 11:40:15.0026 0x1e90 [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial C:\windows\System32\drivers\serial.sys 11:40:15.0041 0x1e90 Serial - ok 11:40:15.0046 0x1e90 [ 
148195AE95D9BC7375A08846439FDAC1, 3A2F78FD18AA7A6D659921E19335E943894530874AC5AB5E7219CEF28FA54F7A ] sermouse C:\windows\System32\drivers\sermouse.sys 11:40:15.0060 0x1e90 sermouse - ok 11:40:15.0085 0x1e90 [ 3A2F1A7472C3B7CC9B89C8516C726488, 9BCBBAC10C900EA7B30822B463A77EE5067F217C4B490857A09E5277983CB89B ] SessionEnv C:\windows\system32\sessenv.dll 11:40:15.0116 0x1e90 SessionEnv - ok 11:40:15.0120 0x1e90 [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy C:\windows\System32\drivers\sfloppy.sys 11:40:15.0135 0x1e90 sfloppy - ok 11:40:15.0149 0x1e90 [ 8081FF3DAE8159FE8956B09BC29CE983, AC0F305AEE8B1AB2E1275F1D33EC1D2F3E23F234F831BD9D41F415A94A19D3AB ] SharedAccess C:\windows\System32\ipnathlp.dll 11:40:15.0173 0x1e90 SharedAccess - ok 11:40:15.0194 0x1e90 [ 7FD9A61A3523A61FC135D61D6E160314, 409E1CF7A62FD90CBC31AEAFBB7230B02DBEC6CFCA2D266D221A7643FAEBA13B ] ShellHWDetection C:\windows\System32\shsvcs.dll 11:40:15.0226 0x1e90 ShellHWDetection - ok 11:40:15.0239 0x1e90 [ 5545FB5B49268C903F311849DB1942ED, 3C7FDD6A9A8A600F07A475595E48F947C36D9A6DAB6D3D84C44686B5A56FB40F ] sidtohjv C:\windows\system32\drivers\sidtohjv.sys 11:40:15.0258 0x1e90 sidtohjv - ok 11:40:15.0264 0x1e90 [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys 11:40:15.0313 0x1e90 SiSRaid2 - ok 11:40:15.0387 0x1e90 [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys 11:40:15.0432 0x1e90 SiSRaid4 - ok 11:40:15.0462 0x1e90 [ E6035ADBA3F13ACF1BEDA7B5D50FDBBB, A840D072395F2394E3B55A080F8F17CC3A02E8BCAFE8B8EC0374ECA1EFF05C23 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe 11:40:15.0535 0x1e90 SkypeUpdate - ok 11:40:15.0553 0x1e90 [ 7F7580EB77F2F95ED67C8046C69D1242, 81CF1A440EA40FCE6B28E275BEFB5C743F3473DCF05ACBE517ECD7E904DD0A1C ] 
SmbDrvI C:\windows\system32\DRIVERS\Smb_driver_Intel.sys 11:40:15.0595 0x1e90 SmbDrvI - ok 11:40:15.0605 0x1e90 [ 3C84DCCE5B322F745A75CA8BA3A0F6B3, 1FB94A8A1C63D6FDB82E28ED5B696B3CB1F64183A89A3B5153B266C292CB7815 ] smphost C:\windows\System32\smphost.dll 11:40:15.0639 0x1e90 smphost - ok 11:40:15.0657 0x1e90 [ D0EB0DF8C603BBA084351A92732B1CBE, E24ED8F78EF41C1BC17386AE4BBCE0DC892C5B89B12C03FC9FB61D359B13F1B4 ] SNMPTRAP C:\windows\System32\snmptrap.exe 11:40:15.0691 0x1e90 SNMPTRAP - ok 11:40:15.0723 0x1e90 [ D24B1945ED1F9C96DA786DBBF1E983CE, B46CB0B72B7A3DF94A46B8D65E38535C5F8E72A55CF2DC48EFA1F9A0108691C4 ] spaceport C:\windows\system32\drivers\spaceport.sys 11:40:15.0773 0x1e90 spaceport - ok 11:40:15.0790 0x1e90 [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx C:\windows\system32\drivers\SpbCx.sys 11:40:15.0821 0x1e90 SpbCx - ok 11:40:15.0863 0x1e90 [ 2E3976C857D7230EC8D2B2276E688255, C0A6A84369CB3E709A6FFEBED2B38AB62D731B79D052D6D6FA8EF855BC428778 ] Spooler C:\windows\System32\spoolsv.exe 11:40:15.0932 0x1e90 Spooler - ok 11:40:16.0193 0x1e90 [ 46549AF7CB672BC8138264CC4100E9F8, 6434249FADB07A033FD40C37DF2B775CF0617CF0C3E7C170F2984BD3CE423794 ] sppsvc C:\windows\system32\sppsvc.exe 11:40:16.0385 0x1e90 sppsvc - ok 11:40:16.0411 0x1e90 [ CD599928B2CD35C5991C2E128448FDBA, 58D1CDBBF2242DD920273C1B908A4A7BA7E2848AC3BE88A18193F8D6FE3806E1 ] SPUVCbv C:\windows\System32\Drivers\SPUVCbv_x64.sys 11:40:16.0434 0x1e90 SPUVCbv - ok 11:40:16.0447 0x1e90 [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv C:\windows\system32\DRIVERS\srv.sys 11:40:16.0469 0x1e90 srv - ok 11:40:16.0487 0x1e90 [ 00D8AC8E3053290BDE6EA2FB6810D2FC, 957FEF84CBBAE71829529AE99A1B24F52D7831BD666442D0132FBB825409A75D ] srv2 C:\windows\system32\DRIVERS\srv2.sys 11:40:16.0515 0x1e90 srv2 - ok 11:40:16.0523 0x1e90 [ D047CD668E6277FD80F0C613946F034C, 
BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys 11:40:16.0543 0x1e90 srvnet - ok 11:40:16.0554 0x1e90 [ CF6C3037839CF78421A94F9060C2886F, CA98C180AE03F5BE8FEFFBA75BD98DEE2AD4FA975E1EF83215C9CD2476946811 ] SSDPSRV C:\windows\System32\ssdpsrv.dll 11:40:16.0573 0x1e90 SSDPSRV - ok 11:40:16.0580 0x1e90 [ 198A737DBA666F4808D62E9A8277A6B7, 90B6E5E2ACE95D850C913A3A1DA1F966C44955C530004C228FA93B2A536F5C27 ] SstpSvc C:\windows\system32\sstpsvc.dll 11:40:16.0598 0x1e90 SstpSvc - ok 11:40:16.0603 0x1e90 [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor C:\windows\system32\drivers\stexstor.sys 11:40:16.0613 0x1e90 stexstor - ok 11:40:16.0620 0x1e90 [ 8F3C0CCF27CFFE89424F30E9FB3381AB, 74E54541B4A16DC97098428E1715A27557BAB97E05AF346F88958580199C1541 ] StillCam C:\windows\System32\drivers\serscan.sys 11:40:16.0635 0x1e90 StillCam - ok 11:40:16.0653 0x1e90 [ 63E9CE568CF1192771A5F0460DE7D2B9, C27B21FD2C14AD41A59EF62EB8AC95C08EB13CCB1CEECD8378B8CDD4DC352E69 ] stisvc C:\windows\System32\wiaservc.dll 11:40:16.0682 0x1e90 stisvc - ok 11:40:16.0688 0x1e90 [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci C:\windows\system32\drivers\storahci.sys 11:40:16.0700 0x1e90 storahci - ok 11:40:16.0705 0x1e90 [ 8B9486B64E5FC17FB9CC04CA10B77A34, C1EAC9D27DC83E4C56B890D97988C3CCFAE3877309610601F2E3FFFE97686D43 ] storflt C:\windows\system32\drivers\vmstorfl.sys 11:40:16.0716 0x1e90 storflt - ok 11:40:16.0721 0x1e90 [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme C:\windows\system32\drivers\stornvme.sys 11:40:16.0733 0x1e90 stornvme - ok 11:40:16.0737 0x1e90 [ A45F5AC9D8069D0EC66E3CA73103073B, 996788F1C58E016E8E5CF3FD1D220A3C40AFFD6C21361A34636415DB12E0D381 ] StorSvc C:\windows\system32\storsvc.dll 11:40:16.0752 0x1e90 StorSvc - ok 11:40:16.0756 0x1e90 
[ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc C:\windows\system32\drivers\storvsc.sys 11:40:16.0770 0x1e90 storvsc - ok 11:40:16.0777 0x1e90 [ E395BE02F80A79A6CF973BA38DBB8135, 4C6F85B0EB8E7725BA720F9742561D229726C0D7C17505D1E79F19A5626F6325 ] svsvc C:\windows\system32\svsvc.dll 11:40:16.0793 0x1e90 svsvc - ok 11:40:16.0799 0x1e90 [ 9CFEFD62D86DABFAC12D1C5ED72BA6A4, 1FFE4371450F53FD774CA0349CC28F559695761C18759CEB04933FDF2FD98F65 ] SWDUMon C:\windows\system32\DRIVERS\SWDUMon.sys 11:40:16.0809 0x1e90 SWDUMon - ok 11:40:16.0814 0x1e90 [ 65454187E0F8B6C0DCECB0287D06EC43, 87550000CF5B3C1DF3E69633934AFE8554AE40B6638F190D3185AD63F1D7A2EE ] swenum C:\windows\System32\drivers\swenum.sys 11:40:16.0825 0x1e90 swenum - ok 11:40:16.0841 0x1e90 [ 1C71D72D4997A284128FBEE770726330, 21682BDE74A1108FED1124FB1EA35A03CBFA94ABE1B89CC0FADB4DD82596C43E ] swprv C:\windows\System32\swprv.dll 11:40:16.0870 0x1e90 swprv - ok 11:40:16.0884 0x1e90 [ F3FD427B1C036E060047B920887ACAE8, C5965F957D4D09FA5D579512251F14E7329B84C08B1A234636E750ED520AFF9E ] SynTP C:\windows\system32\DRIVERS\SynTP.sys 11:40:16.0904 0x1e90 SynTP - ok 11:40:16.0935 0x1e90 [ 3114CB46C2853CA71525428CB0C7CB58, A9CC51506AABBC23BAB2B90E30AB13197A72268A3DE6D2F281C1C367ED7118AE ] SysMain C:\windows\system32\sysmain.dll 11:40:16.0971 0x1e90 SysMain - ok 11:40:16.0983 0x1e90 [ D73DBBB96CEE90C2856164AAD8543425, D11ADB5D4C5DD355314CA656D375D0062CAE7462E866F94F1B26D5803F65DCB2 ] SystemEventsBroker C:\windows\System32\SystemEventsBrokerServer.dll 11:40:17.0003 0x1e90 SystemEventsBroker - ok 11:40:17.0011 0x1e90 [ D6A71B95ACF71ACA63B67232059F1BCD, C5CEC032E7AB507500D1CC7A4E65DA6322412C798201A9D770CBDE892E50DFC8 ] TabletInputService C:\windows\System32\TabSvc.dll 11:40:17.0029 0x1e90 TabletInputService - ok 11:40:17.0041 0x1e90 [ 5A5BAB1CA9621E73E25EE4744B67CDA6, 479EBD7BAE1E2AD431153FDC016742F7A8D824716EAB1A4CA87EBBD21D61DECD ] TapiSrv C:\windows\System32\tapisrv.dll 
11:40:17.0062 0x1e90 TapiSrv - ok 11:40:17.0113 0x1e90 [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] Tcpip C:\windows\system32\drivers\tcpip.sys 11:40:17.0177 0x1e90 Tcpip - ok 11:40:17.0230 0x1e90 [ 746DDF7D59AB8D721C88D48434597E8D, 78BDBAB8D1E86A11804FEB19B355C0FAD04ACE8DD4BDDFDADCE5461E259BCE82 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys 11:40:17.0295 0x1e90 TCPIP6 - ok 11:40:17.0307 0x1e90 [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys 11:40:17.0320 0x1e90 tcpipreg - ok 11:40:17.0327 0x1e90 [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx C:\windows\system32\DRIVERS\tdx.sys 11:40:17.0342 0x1e90 tdx - ok 11:40:17.0348 0x1e90 [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt C:\windows\System32\drivers\terminpt.sys 11:40:17.0357 0x1e90 terminpt - ok 11:40:17.0382 0x1e90 [ C50997E282576DA492EBA66B059D4196, EBD793CB396F9503376207FA60353F5672DEDB620C8E01C8D6AE0030B3B03339 ] TermService C:\windows\System32\termsrv.dll 11:40:17.0416 0x1e90 TermService - ok 11:40:17.0422 0x1e90 [ 2180DBCE75B914E5E5BBFFFAAE97AA21, 8000AECC8855903DB50ABA7E304396D1FCEAE8DC9ADD4FC50275CF24B4D914DE ] Themes C:\windows\system32\themeservice.dll 11:40:17.0437 0x1e90 Themes - ok 11:40:17.0444 0x1e90 [ 4C5179DB61B9E14BEC15CDC4B152B2E9, 9048BEC7AD6A3F4B640E99B1F0365AC9A46740B188758FBB2C160EF30AD6E64B ] THREADORDER C:\windows\system32\mmcss.dll 11:40:17.0460 0x1e90 THREADORDER - ok 11:40:17.0468 0x1e90 [ B5ED9CC61798C7D44BD535D40B89EFB5, 1BDCEAA9AF2096381870D92129C748F4EE06A1167ABA9367B9DD43BAF27E3F5B ] TimeBroker C:\windows\System32\TimeBrokerServer.dll 11:40:17.0487 0x1e90 TimeBroker - ok 11:40:17.0496 0x1e90 [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM 
C:\windows\system32\drivers\tpm.sys 11:40:17.0509 0x1e90 TPM - ok 11:40:17.0516 0x1e90 [ 884113C2BB703FE806C8608B75F34831, 24DE5750CA4363455412BABB0B1FAB08497153E8F158ED44958F100410F93506 ] TrkWks C:\windows\System32\trkwks.dll 11:40:17.0534 0x1e90 TrkWks - ok 11:40:17.0541 0x1e90 [ 370A6907DDF79532A39319492B1FA38A, 46AECC5160F04FC3FFE4D37B404CCBBD1C5DC1501C2CEEE8284FF544DBDF10F8 ] truecrypt C:\windows\system32\drivers\truecrypt.sys 11:40:17.0557 0x1e90 truecrypt - ok 11:40:17.0569 0x1e90 [ 3E75A47D2DEFD2683DCA409572FBE8B2, 33964B1A05E045D3B878CDFD9F52A9086B4FA54D6D4D1DC38062D2874CACD4A0 ] trufos C:\windows\system32\DRIVERS\trufos.sys 11:40:17.0589 0x1e90 trufos - ok 11:40:17.0595 0x1e90 [ 44A94FB4C76528D2382FFE04B05827C3, B0BCDF7CD1D65E61A9061D539D83527A89B69583958F8A26C6BF9766C1B61E0C ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe 11:40:17.0612 0x1e90 TrustedInstaller - ok 11:40:17.0620 0x1e90 [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys 11:40:17.0635 0x1e90 TsUsbFlt - ok 11:40:17.0641 0x1e90 [ 20185BEB7512EDE4EFECDFA148AC9F99, 6F539478493C0F87F3DDF67A4A6D4D41E9474EEF21434E856350CE149A34EA9F ] TsUsbGD C:\windows\System32\drivers\TsUsbGD.sys 11:40:17.0657 0x1e90 TsUsbGD - ok 11:40:17.0664 0x1e90 [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys 11:40:17.0683 0x1e90 tunnel - ok 11:40:17.0687 0x1e90 [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35 C:\windows\system32\drivers\uagp35.sys 11:40:17.0699 0x1e90 uagp35 - ok 11:40:17.0705 0x1e90 [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor C:\windows\System32\drivers\uaspstor.sys 11:40:17.0717 0x1e90 UASPStor - ok 11:40:17.0726 0x1e90 [ 807F8CF3E973305FC435C61CBBEE2A49, 
43CDEAC2BFC5091C11DFC0E7F7171AF9A598AE56CB056C3CF382AE7807F79EF0 ] UCX01000 C:\windows\System32\drivers\ucx01000.sys 11:40:17.0740 0x1e90 UCX01000 - ok 11:40:17.0757 0x1e90 [ C61EAF8E1E4B2F62BA4FDF457440B2C6, 961F76A789925234AC27F56AAE34556FA06088D71580B42C24B0BC209EAFD67E ] udfs C:\windows\system32\DRIVERS\udfs.sys 11:40:17.0778 0x1e90 udfs - ok 11:40:17.0788 0x1e90 [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI C:\windows\System32\drivers\UEFI.sys 11:40:17.0799 0x1e90 UEFI - ok 11:40:17.0807 0x1e90 [ A867F0F978EE64C87FADC3B100869EE4, 2686BE85F963D0D0BB275E92E5B543280D8742CF10772303E3189D0719B6A277 ] UI0Detect C:\windows\system32\UI0Detect.exe 11:40:17.0823 0x1e90 UI0Detect - ok 11:40:17.0828 0x1e90 [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys 11:40:17.0839 0x1e90 uliagpkx - ok 11:40:17.0844 0x1e90 [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus C:\windows\System32\drivers\umbus.sys 11:40:17.0859 0x1e90 umbus - ok 11:40:17.0867 0x1e90 [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass C:\windows\System32\drivers\umpass.sys 11:40:17.0880 0x1e90 UmPass - ok 11:40:17.0889 0x1e90 [ A023F267A262D5DA6CE1436D9C5E8FD9, 92AD7AF91184C244A7E392F49663143193A80D5D81114546A00F18227DE31D23 ] UmRdpService C:\windows\System32\umrdp.dll 11:40:17.0912 0x1e90 UmRdpService - ok 11:40:17.0926 0x1e90 [ 358696C459C8FFC30770448977014F5A, A2D612E826AB65B7EDB3629C55875F67814E86ABD3B27C7BE1760D2103DF18FA ] UPDATESRV C:\Program Files\Bitdefender\Bitdefender 2015\updatesrv.exe 11:40:17.0937 0x1e90 UPDATESRV - ok 11:40:17.0952 0x1e90 [ C98493DD8E6A50154FAC75C15E1C36BB, CECD1C826C8F7AF05468871BF6A0ACDBB6B0202F4F87F48C6D367E5BD699E800 ] upnphost C:\windows\System32\upnphost.dll 11:40:17.0976 0x1e90 upnphost - ok 
11:40:26.0524 0x1e90 Scan finished
11:40:26.0540 0x4af4 Detected object count: 0
11:40:26.0540 0x4af4 Actual detected object count: 0

Good news, or rather cause for uncertainty? Thanks again for your support, sugus666 |
17.08.2015, 07:06 | #10 |
/// the machine /// TB trainer | Obstruction by a trojan?
__________________ Regards, schrauber. Proud Member of UNITE and ASAP since 2009. No help via PM! |
17.08.2015, 14:26 | #11 |
| Obstruction by a trojan? Hello Schrauber, many thanks! Everything worked perfectly... as far as I can tell, at least...: I can run the backup (system image) again without access problems, and I was also able to download the ISO file without an error message. Regards and have a nice week, sugus666 |
18.08.2015, 09:37 | #12 |
/// the machine /// TB trainer | Obstruction by a trojan? All right.
__________________ Regards, schrauber |