Trojaner-Board

Trojaner-Board (https://www.trojaner-board.de/)
-   Plagegeister aller Art und deren Bekämpfung (https://www.trojaner-board.de/plagegeister-aller-art-deren-bekaempfung/)
-   -   Windows 8.1 remote zugriff mit selbständiger Tastatureingabe (https://www.trojaner-board.de/159649-windows-8-1-remote-zugriff-selbstaendiger-tastatureingabe.html)

Brento 12.10.2014 01:08
Windows 8.1 remote zugriff mit selbständiger Tastatureingabe
 
Liste der Anhänge anzeigen (Anzahl: 1)
Hi, vielen Dank im voraus für jede Hilfe.

Ich versuche möglichst alle relevanten Informationen zu liefern.

Folgendes Problem unter Windows 8.1 64bit (mit installiertem Antivir):
Beim spielen von World of Warcraft plötzlich chaotisches Verhalten: wild auf und zu popende Fenster (wahrscheinlich durch das auslösen von Hotkeys) und hakelige oder selbst aktive Maus. Nach Wechsel des aktiven Tab auf Firefox und anklicken des Suchfeldes durch Nutzer erfolgt folgende Texteingabe (ohne Berührung der Tastatur): "interesse an einem irrsinnig verschmusten Kat" (langsam, wie bei Hacks in alten Filmen). Dann Pause, ziehen des Netzwerkkabels nach einigen Sekunden (kein WLAN). Kein weiteres auffälliges Verhalten.

defogger und FRST ausgeführt, GMER hat sich einmal ausführen lassen, ich habe es aber wieder geschlossen um nochmal alles mit den Anweisungen abzugleichen, jetzt bringt Windows Fehlermeldung beim Startversuch von GMER (Screenshot im Anhang). Weder Reboot noch erneutes herunterladen haben etwas daran geändert.

PC wird generell nur sehr sauber genutzt, kein Torrent, Per2Per, komische Downloads oder surfen in dunklen Ecken. Einzige bisher erkennbare Auffälligkeit ist wiederholte Probleme mit Zertifikaten bei einem Hoster in Thunderbird (diese müssen immer wieder (mit mehreren Wochen Abstand) neu heruntergeladen und als Ausnahmeregeln bestätigt werden), ist möglicherweise auf mangelhafte Konfiguration zurückzuführen.

Formatieren und Neuinstallation des Systems ist ohne allzu großen Aufwand möglich, aber vorher würde ich gerne etwas mehr über den Vorfall erfahren.

Code:
defogger_disable by jpshortstuff (23.02.10.1)
Log created at 01:01 on 12/10/2014 (Debby)

Checking for autostart values...
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...


-=E.O.F=-

FRST Logfile:

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-10-2014
Ran by Debby (administrator) on SPEEDIE on 12-10-2014 01:04:33
Running from C:\Users\Debby\Downloads
Loaded Profile: Debby (Available profiles: Debby)
Platform: Windows 8.1 Pro (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(Juniper Networks, Inc.) C:\Program Files (x86)\Common Files\Juniper Networks\JUNS\dsAccessService.exe
(Avira Operations GmbH & Co. KG) D:\Avira\Avira\AntiVir Desktop\sched.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
(Adobe Systems Incorporated) D:\CS2.0\Adobe Version Cue CS2\bin\VersionCueCS2.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(Advanced Micro Devices, Inc.) C:\AMD\ATI.ACE\Fuel\Fuel.Service.exe
(Avira Operations GmbH & Co. KG) D:\Avira\Avira\AntiVir Desktop\avguard.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
() D:\CS2.0\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
(Avira Operations GmbH & Co. KG) D:\Avira\Avira\AntiVir Desktop\avshadow.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) D:\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(OpenOffice.org) D:\OpenOffice\program\soffice.exe
(OpenOffice.org) D:\OpenOffice\program\soffice.bin
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Avira Operations GmbH & Co. KG) D:\Avira\Avira\AntiVir Desktop\avgnt.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Acronis) D:\Acronis\TrueImageHome\TrueImageMonitor.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe
(Advanced Micro Devices Inc.) C:\AMD\ATI.ACE\Core-Static\MOM.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(ATI Technologies Inc.) C:\AMD\ATI.ACE\Core-Static\CCC.exe
(Acronis) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2013-03-28] (Realtek Semiconductor)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [8292120 2013-11-14] (Logitech Inc.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [516928 2013-02-15] (Acronis)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [JunosPulse] => C:\Program Files (x86)\Common Files\Juniper Networks\JamUI\Pulse.exe [2103920 2012-09-19] (Juniper Networks, Inc.)
HKLM-x32\...\Run: [avgnt] => D:\Avira\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-09] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [449168 2012-03-26] (CANON INC.)
HKLM-x32\...\Run: [TrueImageMonitor.exe] => D:\Acronis\TrueImageHome\TrueImageMonitor.exe [6421592 2013-12-13] (Acronis)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [1105848 2013-01-10] (Acronis)
HKLM-x32\...\Run: [StartCCC] => C:\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [Adobe Version Cue CS2] => d:\CS2.0\Adobe Version Cue CS2\ControlPanel\VersionCueCS2Tray.exe [856064 2005-04-06] (Adobe Sytems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [164656 2014-08-27] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-3773492537-3824981863-2960111320-1001\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [4287536 2013-03-28] ()
HKU\S-1-5-21-3773492537-3824981863-2960111320-1001\...\Run: [Steam] => F:\Steam\steam.exe [1938624 2014-10-02] (Valve Corporation)
HKU\S-1-5-21-3773492537-3824981863-2960111320-1001\...\Run: [icq] => C:\Users\Debby\AppData\Roaming\ICQM\icq.exe [28698984 2013-09-01] (ICQ)
HKU\S-1-5-21-3773492537-3824981863-2960111320-1001\...\Run: [Skype] => D:\Skype\Phone\Skype.exe [22041192 2014-08-27] (Skype Technologies S.A.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma.lnk
ShortcutTarget: Adobe Gamma.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
Startup: C:\Users\Debby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> D:\OpenOffice\program\quickstart.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/de-de/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x30F003899AE5CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> D:\Java\bin\ssv.dll (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> D:\Java\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM {AA570693-00E2-4907-B6F1-60A1199B030C} https://juniper.net/dana-cached/sc/JuniperSetupClient64.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {F27237D7-93C8-44C2-AC6E-D6057B9A918F} https://juniper.net/dana-cached/sc/JuniperSetupClient.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{C90EB938-4E2F-4EC3-BE72-4B4CD2BB4F2C}: [NameServer] 129.13.64.5,129.13.96.2

FireFox:
========
FF ProfilePath: C:\Users\Debby\AppData\Roaming\Mozilla\Firefox\Profiles\4r115ql2.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> D:\Java\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.7 -> D:\VLC\npvlc.dll (VideoLAN)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin HKCU: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: Avira Browser Safety - C:\Users\Debby\AppData\Roaming\Mozilla\Firefox\Profiles\4r115ql2.default\Extensions\abs@avira.com [2014-09-30]
FF Extension: ColorZilla - C:\Users\Debby\AppData\Roaming\Mozilla\Firefox\Profiles\4r115ql2.default\Extensions\{6AC85730-7D0F-4de0-B3FA-21142DD85326} [2013-03-31]
FF Extension: Firebug - C:\Users\Debby\AppData\Roaming\Mozilla\Firefox\Profiles\4r115ql2.default\Extensions\firebug@software.joehewitt.com.xpi [2013-04-04]
FF Extension: Adblock Plus - C:\Users\Debby\AppData\Roaming\Mozilla\Firefox\Profiles\4r115ql2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-03-28]
FF Extension: Greasemonkey - C:\Users\Debby\AppData\Roaming\Mozilla\Firefox\Profiles\4r115ql2.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-07-30]
FF StartMenuInternet: FIREFOX.EXE - D:\Firefox\firefox.exe

Chrome:
=======
CHR Profile: C:\Users\Debby\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Debby\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-30]
CHR Extension: (Google Drive) - C:\Users\Debby\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Debby\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-10-06]
CHR Extension: (YouTube) - C:\Users\Debby\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-30]
CHR Extension: (Google-Suche) - C:\Users\Debby\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-30]
CHR Extension: (Avira Browser Safety) - C:\Users\Debby\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2014-08-08]
CHR Extension: (Google Wallet) - C:\Users\Debby\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-30]
CHR Extension: (Bitdefender QuickScan) - C:\Users\Debby\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-10-11]
CHR Extension: (Google Mail) - C:\Users\Debby\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-30]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Adobe LM Service; C:\Program Files (x86)\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe [72704 2014-09-08] (Adobe Systems) [File not signed]
R2 Adobe Version Cue CS2; d:\CS2.0\Adobe Version Cue CS2\bin\VersionCueCS2.exe [163840 2005-04-06] (Adobe Systems Incorporated) [File not signed]
R2 AMD FUEL Service; C:\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2014-04-17] (Advanced Micro Devices, Inc.) [File not signed]
R2 AntiVirSchedulerService; D:\Avira\Avira\AntiVir Desktop\sched.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; D:\Avira\Avira\AntiVir Desktop\avguard.exe [431920 2014-10-09] (Avira Operations GmbH & Co. KG)
S4 AntiVirWebService; D:\Avira\Avira\AntiVir Desktop\avwebg7.exe [994096 2014-10-09] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [160048 2014-08-27] (Avira Operations GmbH & Co. KG)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
S3 Samsung UPD Service2; C:\Windows\System32\SUPDSvc2.exe [158208 2012-04-06] (Samsung Electronics)
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-12-11] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 A2DDA; D:\EMISOFTEMERGENCYKIT\BIN\a2ddax64.sys [26176 2014-10-11] (Emsisoft GmbH)
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
R2 AODDriver4.3; C:\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S3 Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys [31920 2013-06-02] (Wondershare)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [131608 2014-10-09] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [28600 2013-12-09] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [43064 2014-10-09] (Avira Operations GmbH & Co. KG)
R3 cleanhlp; D:\EmisoftEmergencyKit\bin\cleanhlp64.sys [57024 2014-10-11] (Emsisoft GmbH)
S4 jnprTdi_731_26369; C:\Windows\system32\Drivers\jnprTdi_731_26369.sys [107896 2012-09-19] (Juniper Networks, Inc.)
R3 JnprVaMgr; C:\Windows\system32\DRIVERS\jnprvamgr.sys [45352 2012-09-05] (Juniper Networks, Inc.)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1120032 2014-04-08] (Acronis International GmbH)
R0 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [183224 2014-04-08] (Acronis)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-12 01:04 - 2014-10-12 01:04 - 00017441 _____ () C:\Users\Debby\Downloads\FRST.txt
2014-10-12 01:04 - 2014-10-12 01:04 - 00000000 ____D () C:\FRST
2014-10-12 01:01 - 2014-10-12 01:01 - 02109952 _____ (Farbar) C:\Users\Debby\Downloads\FRST64.exe
2014-10-12 01:01 - 2014-10-12 01:01 - 00000472 _____ () C:\Users\Debby\Downloads\defogger_disable.log
2014-10-12 01:01 - 2014-10-12 01:01 - 00000000 _____ () C:\Users\Debby\defogger_reenable
2014-10-12 01:00 - 2014-10-12 01:00 - 00050477 _____ () C:\Users\Debby\Downloads\Defogger.exe
2014-10-11 23:30 - 2014-10-11 23:31 - 00000000 ___HD () C:\WINDOWS\AxInstSV
2014-10-11 23:30 - 2014-10-11 23:30 - 00000000 __SHD () C:\Users\Debby\AppData\Local\EmieUserList
2014-10-11 23:30 - 2014-10-11 23:30 - 00000000 __SHD () C:\Users\Debby\AppData\Local\EmieSiteList
2014-10-11 23:30 - 2014-10-11 23:30 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-10-11 23:28 - 2014-10-11 23:28 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Debby\Downloads\tdsskiller.exe
2014-10-11 23:03 - 2014-10-11 23:11 - 00000000 ____D () C:\Users\Debby\AppData\Roaming\QuickScan
2014-10-11 23:02 - 2014-10-11 23:02 - 00000000 _____ () C:\Users\Debby\Desktop\huhu.txt
2014-10-11 22:39 - 2014-10-11 22:39 - 00000794 _____ () C:\Users\Debby\Desktop\Start Emsisoft Emergency Kit.lnk
2014-10-02 10:17 - 2014-10-02 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-10-02 10:17 - 2014-10-02 10:17 - 00000000 ____D () C:\Program Files (x86)\Skype
2014-09-22 19:30 - 2014-09-22 19:30 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-09-19 23:20 - 2014-09-19 23:20 - 00013246 _____ () C:\Users\Debby\AppData\Local\recently-used.xbel
2014-09-14 11:39 - 2014-08-23 09:48 - 02374784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-09-14 11:39 - 2014-08-23 09:13 - 02084520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-09-14 11:39 - 2014-08-23 08:10 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-09-14 11:39 - 2014-08-23 07:32 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-09-14 11:39 - 2014-08-23 06:44 - 02860032 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-09-14 11:39 - 2014-08-23 06:34 - 13423104 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-09-14 11:39 - 2014-08-23 06:33 - 00796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-09-14 11:39 - 2014-08-23 06:31 - 01038336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-09-14 11:39 - 2014-08-23 06:20 - 11818496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-09-14 11:39 - 2014-07-30 03:56 - 00299520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDMon.dll
2014-09-14 11:39 - 2014-07-29 07:22 - 00205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcpmon.dll
2014-09-14 11:39 - 2014-07-24 17:20 - 21266336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-09-14 11:39 - 2014-07-24 15:46 - 18760328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-09-14 11:39 - 2014-07-24 11:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-09-14 11:39 - 2014-07-24 11:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-09-14 11:39 - 2014-07-24 09:39 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-09-14 11:39 - 2014-07-24 09:38 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-09-14 11:39 - 2014-07-24 09:30 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-09-14 11:38 - 2014-07-24 17:28 - 00468288 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-09-14 11:38 - 2014-07-24 17:28 - 00419648 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-09-14 11:38 - 2014-07-24 17:28 - 00412992 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-09-14 11:38 - 2014-07-24 17:28 - 00280384 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-09-14 11:38 - 2014-07-24 17:28 - 00143680 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-09-14 11:38 - 2014-07-24 17:25 - 00054752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-09-14 11:38 - 2014-07-24 17:23 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-09-14 11:38 - 2014-07-24 17:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-09-14 11:38 - 2014-07-24 17:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-09-14 11:38 - 2014-07-24 17:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-09-14 11:38 - 2014-07-24 17:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-09-14 11:38 - 2014-07-24 17:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-09-14 11:38 - 2014-07-24 17:07 - 07424320 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-09-14 11:38 - 2014-07-24 17:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-09-14 11:38 - 2014-07-24 17:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-09-14 11:38 - 2014-07-24 17:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-09-14 11:38 - 2014-07-24 17:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-09-14 11:38 - 2014-07-24 17:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-09-14 11:38 - 2014-07-24 17:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-09-14 11:38 - 2014-07-24 17:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-09-14 11:38 - 2014-07-24 17:03 - 00818624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-09-14 11:38 - 2014-07-24 17:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-09-14 11:38 - 2014-07-24 17:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-09-14 11:38 - 2014-07-24 17:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-09-14 11:38 - 2014-07-24 16:57 - 02515264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-09-14 11:38 - 2014-07-24 16:57 - 00475968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-09-14 11:38 - 2014-07-24 15:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-09-14 11:38 - 2014-07-24 15:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-09-14 11:38 - 2014-07-24 15:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-09-14 11:38 - 2014-07-24 15:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-09-14 11:38 - 2014-07-24 15:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-09-14 11:38 - 2014-07-24 15:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-09-14 11:38 - 2014-07-24 15:36 - 00674512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-09-14 11:38 - 2014-07-24 15:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-09-14 11:38 - 2014-07-24 15:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-09-14 11:38 - 2014-07-24 13:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-09-14 11:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-09-14 11:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-09-14 11:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-09-14 11:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-09-14 11:38 - 2014-07-24 13:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-09-14 11:38 - 2014-07-24 13:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-09-14 11:38 - 2014-07-24 13:47 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-09-14 11:38 - 2014-07-24 13:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-09-14 11:38 - 2014-07-24 13:45 - 00076800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-09-14 11:38 - 2014-07-24 13:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-09-14 11:38 - 2014-07-24 13:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-09-14 11:38 - 2014-07-24 13:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-09-14 11:38 - 2014-07-24 13:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-09-14 11:38 - 2014-07-24 13:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-09-14 11:38 - 2014-07-24 13:33 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-09-14 11:38 - 2014-07-24 13:33 - 00050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-09-14 11:38 - 2014-07-24 13:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-09-14 11:38 - 2014-07-24 13:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-09-14 11:38 - 2014-07-24 13:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-09-14 11:38 - 2014-07-24 13:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-09-14 11:38 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-09-14 11:38 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-09-14 11:38 - 2014-07-24 12:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-09-14 11:38 - 2014-07-24 12:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-09-14 11:38 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-09-14 11:38 - 2014-07-24 12:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-09-14 11:38 - 2014-07-24 12:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-09-14 11:38 - 2014-07-24 12:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-09-14 11:38 - 2014-07-24 12:33 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-09-14 11:38 - 2014-07-24 12:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-09-14 11:38 - 2014-07-24 12:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-09-14 11:38 - 2014-07-24 12:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-09-14 11:38 - 2014-07-24 12:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-09-14 11:38 - 2014-07-24 12:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-09-14 11:38 - 2014-07-24 12:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-09-14 11:38 - 2014-07-24 12:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-09-14 11:38 - 2014-07-24 12:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-09-14 11:38 - 2014-07-24 12:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-09-14 11:38 - 2014-07-24 12:06 - 00438272 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-09-14 11:38 - 2014-07-24 12:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-09-14 11:38 - 2014-07-24 11:58 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\pmcsnap.dll
2014-09-14 11:38 - 2014-07-24 11:54 - 00249856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ppcsnap.dll
2014-09-14 11:38 - 2014-07-24 11:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-09-14 11:38 - 2014-07-24 11:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-09-14 11:38 - 2014-07-24 11:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-09-14 11:38 - 2014-07-24 11:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-09-14 11:38 - 2014-07-24 11:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-09-14 11:38 - 2014-07-24 11:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-09-14 11:38 - 2014-07-24 11:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-09-14 11:38 - 2014-07-24 11:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-09-14 11:38 - 2014-07-24 11:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-09-14 11:38 - 2014-07-24 11:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-09-14 11:38 - 2014-07-24 11:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-09-14 11:38 - 2014-07-24 11:23 - 00328704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-09-14 11:38 - 2014-07-24 11:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-09-14 11:38 - 2014-07-24 11:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-09-14 11:38 - 2014-07-24 11:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-09-14 11:38 - 2014-07-24 11:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-09-14 11:38 - 2014-07-24 11:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-09-14 11:38 - 2014-07-24 11:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-09-14 11:38 - 2014-07-24 11:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-09-14 11:38 - 2014-07-24 11:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-09-14 11:38 - 2014-07-24 11:09 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-09-14 11:38 - 2014-07-24 11:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-09-14 11:38 - 2014-07-24 11:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-09-14 11:38 - 2014-07-24 11:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-09-14 11:38 - 2014-07-24 11:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-09-14 11:38 - 2014-07-24 10:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-09-14 11:38 - 2014-07-24 10:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-09-14 11:38 - 2014-07-24 10:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-09-14 11:38 - 2014-07-24 10:49 - 01361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-09-14 11:38 - 2014-07-24 10:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-09-14 11:38 - 2014-07-24 10:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-09-14 11:38 - 2014-07-24 10:49 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-09-14 11:38 - 2014-07-24 10:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-09-14 11:38 - 2014-07-24 10:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-09-14 11:38 - 2014-07-24 10:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-09-14 11:38 - 2014-07-24 10:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-09-14 11:38 - 2014-07-24 10:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-09-14 11:38 - 2014-07-24 10:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-09-14 11:38 - 2014-07-24 10:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-09-14 11:38 - 2014-07-24 10:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-09-14 11:38 - 2014-07-24 10:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-09-14 11:38 - 2014-07-24 10:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-09-14 11:38 - 2014-07-24 10:27 - 00907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-09-14 11:38 - 2014-07-24 10:24 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-14 11:38 - 2014-07-24 10:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-09-14 11:38 - 2014-07-24 10:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-09-14 11:38 - 2014-07-24 10:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-09-14 11:38 - 2014-07-24 10:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-09-14 11:38 - 2014-07-24 10:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-09-14 11:38 - 2014-07-24 10:19 - 00388608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-09-14 11:38 - 2014-07-24 10:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-09-14 11:38 - 2014-07-24 10:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-09-14 11:38 - 2014-07-24 10:18 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-09-14 11:38 - 2014-07-24 10:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-09-14 11:38 - 2014-07-24 10:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-09-14 11:38 - 2014-07-24 10:15 - 00828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-09-14 11:38 - 2014-07-24 10:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-09-14 11:38 - 2014-07-24 10:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-09-14 11:38 - 2014-07-24 10:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-09-14 11:38 - 2014-07-24 10:12 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-09-14 11:38 - 2014-07-24 10:10 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-09-14 11:38 - 2014-07-24 10:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-09-14 11:38 - 2014-07-24 10:10 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-09-14 11:38 - 2014-07-24 10:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-09-14 11:38 - 2014-07-24 10:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-09-14 11:38 - 2014-07-24 10:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-09-14 11:38 - 2014-07-24 10:07 - 01705472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-09-14 11:38 - 2014-07-24 10:06 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-09-14 11:38 - 2014-07-24 10:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-09-14 11:38 - 2014-07-24 10:04 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-09-14 11:38 - 2014-07-24 10:02 - 03465216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-09-14 11:38 - 2014-07-24 10:01 - 05833216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-09-14 11:38 - 2014-07-24 10:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-09-14 11:38 - 2014-07-24 10:01 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-09-14 11:38 - 2014-07-24 10:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-09-14 11:38 - 2014-07-24 09:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-09-14 11:38 - 2014-07-24 09:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-09-14 11:38 - 2014-07-24 09:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-09-14 11:38 - 2014-07-24 09:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-09-14 11:38 - 2014-07-24 09:50 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-09-14 11:38 - 2014-07-24 09:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-09-14 11:38 - 2014-07-24 09:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-09-14 11:38 - 2014-07-24 09:46 - 08652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-09-14 11:38 - 2014-07-24 09:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-09-14 11:38 - 2014-07-24 09:43 - 02696704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-09-14 11:38 - 2014-07-24 09:43 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-09-14 11:38 - 2014-07-24 09:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-09-14 11:38 - 2014-07-24 09:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-09-14 11:38 - 2014-07-24 09:38 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-09-14 11:38 - 2014-07-24 09:33 - 03360768 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-09-14 11:38 - 2014-07-24 09:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-09-14 11:38 - 2014-07-24 06:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-09-14 11:38 - 2014-07-24 06:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-09-14 11:38 - 2014-07-12 07:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-09-14 11:38 - 2014-07-12 07:23 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-09-14 11:38 - 2014-07-12 06:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-09-14 11:38 - 2014-07-12 06:33 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-09-14 11:38 - 2014-07-12 06:13 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-09-14 11:38 - 2014-07-10 01:19 - 00387391 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-09-14 11:38 - 2014-07-04 14:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-09-14 11:38 - 2014-07-04 12:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-09-14 11:38 - 2014-07-04 12:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-09-14 11:38 - 2014-07-04 12:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-09-14 11:38 - 2014-07-04 12:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-09-14 11:38 - 2014-07-04 11:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-09-14 11:38 - 2014-07-04 11:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-09-14 11:38 - 2014-06-27 08:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-09-14 11:38 - 2014-06-26 02:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-09-14 11:38 - 2014-06-26 02:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-09-14 11:38 - 2014-06-20 01:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-09-14 11:38 - 2014-06-19 04:13 - 00310080 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-09-14 11:38 - 2014-06-14 08:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-09-14 11:38 - 2014-06-14 07:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-09-14 11:38 - 2014-06-07 14:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-09-14 11:38 - 2014-06-07 12:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-09-14 11:38 - 2014-06-05 16:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-09-14 11:38 - 2014-06-05 12:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-09-14 11:38 - 2014-06-05 11:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-09-14 11:38 - 2014-05-31 07:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-09-14 11:38 - 2014-05-31 06:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-09-14 11:38 - 2014-05-29 08:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-09-14 11:38 - 2014-05-29 07:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-09-14 11:38 - 2014-05-29 07:20 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-09-14 11:38 - 2014-05-29 06:36 - 00344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-09-14 11:38 - 2014-05-26 09:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-09-14 11:38 - 2014-05-10 12:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-09-14 11:38 - 2014-05-10 10:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-09-14 11:38 - 2014-05-06 06:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-09-14 11:38 - 2014-05-06 02:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-09-14 11:38 - 2014-03-25 04:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-09-14 11:38 - 2014-03-25 04:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-09-14 11:38 - 2014-03-25 03:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-09-14 11:38 - 2014-03-25 03:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-09-14 11:32 - 2014-08-15 02:36 - 00146752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-09-12 00:34 - 2014-08-16 04:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-12 00:34 - 2014-08-16 04:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-12 00:34 - 2014-08-16 04:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-12 00:34 - 2014-08-16 04:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-12 00:34 - 2014-08-16 03:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-12 00:34 - 2014-08-16 03:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-09-12 00:34 - 2014-08-16 03:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-12 00:34 - 2014-08-16 03:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-12 00:34 - 2014-08-16 03:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-12 00:34 - 2014-08-16 03:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-12 00:34 - 2014-08-16 03:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-12 00:34 - 2014-08-16 03:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-09-12 00:34 - 2014-08-16 03:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-12 00:34 - 2014-08-16 03:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-12 00:34 - 2014-08-16 03:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-12 00:34 - 2014-08-16 03:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-12 00:34 - 2014-08-16 03:06 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-12 00:34 - 2014-08-16 03:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-12 00:34 - 2014-08-16 03:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-12 00:34 - 2014-08-16 03:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-12 00:34 - 2014-08-16 03:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-12 00:34 - 2014-08-16 02:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 00:34 - 2014-08-16 02:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-12 00:34 - 2014-08-16 02:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-12 00:34 - 2014-08-16 02:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-12 00:34 - 2014-08-16 02:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-12 00:34 - 2014-08-16 02:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-12 00:34 - 2014-08-16 02:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-12 00:34 - 2014-08-16 02:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-12 00:34 - 2014-08-16 02:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-12 00:34 - 2014-08-16 02:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-12 00:34 - 2014-08-16 02:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-12 00:34 - 2014-08-16 02:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-12 00:34 - 2014-08-16 02:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-12 00:34 - 2014-08-16 02:12 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-12 01:02 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-10-12 01:01 - 2014-01-08 16:38 - 00000000 ____D () C:\Users\Debby
2014-10-12 00:55 - 2014-07-30 12:50 - 00001124 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-12 00:52 - 2013-04-18 13:16 - 00000000 ____D () C:\Users\Debby\AppData\Roaming\Skype
2014-10-11 23:42 - 2013-03-28 09:00 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3773492537-3824981863-2960111320-1001
2014-10-11 23:16 - 2013-11-14 09:26 - 01898206 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-10-11 23:16 - 2013-11-14 09:11 - 00809718 _____ () C:\WINDOWS\system32\perfh007.dat
2014-10-11 23:16 - 2013-11-14 09:11 - 00178660 _____ () C:\WINDOWS\system32\perfc007.dat
2014-10-11 23:12 - 2014-07-30 12:50 - 00002202 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-11 23:11 - 2014-07-30 12:50 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-11 23:11 - 2014-01-08 16:58 - 00000000 __RDO () C:\Users\Debby\SkyDrive
2014-10-11 23:10 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-10-11 23:01 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-10-11 22:58 - 2013-11-14 00:18 - 00111454 _____ () C:\WINDOWS\PFRO.log
2014-10-11 22:37 - 2013-08-22 16:46 - 00308322 _____ () C:\WINDOWS\setupact.log
2014-10-11 22:25 - 2014-01-18 18:26 - 00000000 ____D () C:\Users\Debby\AppData\Local\Battle.net
2014-10-11 17:35 - 2014-01-08 16:43 - 01544661 _____ () C:\WINDOWS\WindowsUpdate.log
2014-10-11 17:07 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-10-09 10:53 - 2014-01-11 23:24 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avipbb.sys
2014-10-09 10:53 - 2014-01-11 23:24 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avgntflt.sys
2014-10-09 10:53 - 2014-01-11 23:24 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\WINDOWS\system32\Drivers\avnetflt.sys
2014-10-05 23:55 - 2013-03-29 21:30 - 00000000 ____D () C:\Users\Debby\AppData\Roaming\TS3Client
2014-10-02 10:17 - 2014-03-08 21:58 - 00002493 _____ () C:\Users\Public\Desktop\Skype.lnk
2014-10-02 10:17 - 2013-04-18 13:16 - 00000000 ____D () C:\ProgramData\Skype
2014-09-29 13:03 - 2013-08-22 16:44 - 00363224 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-09-28 22:03 - 2014-01-18 18:26 - 00000000 ____D () C:\Users\Debby\AppData\Roaming\Battle.net
2014-09-22 19:31 - 2014-04-27 17:04 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-22 19:30 - 2014-08-05 12:19 - 00001160 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-09-22 19:30 - 2014-01-11 23:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-09-22 11:46 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-19 23:20 - 2013-03-28 12:03 - 00000000 ____D () C:\Users\Debby\.gimp-2.8
2014-09-14 16:48 - 2013-11-14 09:13 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-14 16:48 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-09-14 16:48 - 2013-08-22 17:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-09-14 16:48 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-14 16:48 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-09-14 16:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-09-14 16:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-09-14 16:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-09-14 16:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-09-14 16:48 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-09-14 16:48 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-09-14 16:37 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-12 00:35 - 2014-06-11 10:41 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-09-12 00:35 - 2014-06-11 10:41 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-12 00:35 - 2014-06-11 10:40 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-12 00:35 - 2014-06-11 10:40 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-09-12 00:35 - 2014-06-11 10:40 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-12 00:35 - 2014-06-11 10:40 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-09-12 00:35 - 2014-06-11 10:40 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-09-12 00:35 - 2014-06-11 10:40 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-12 00:35 - 2014-06-11 10:40 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-09-12 00:35 - 2014-06-11 10:40 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-09-12 00:35 - 2014-06-11 10:40 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-09-12 00:35 - 2014-06-11 10:40 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-12 00:35 - 2014-06-11 10:40 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-09-12 00:35 - 2014-06-11 10:40 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-09-12 00:35 - 2014-05-20 13:47 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-09-12 00:35 - 2014-05-20 13:47 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb

Some content of TEMP:
====================
C:\Users\Debby\AppData\Local\Temp\917b0b87-3358-4e79-93de-3dfc2fc99ed0.exe
C:\Users\Debby\AppData\Local\Temp\avgnt.exe
C:\Users\Debby\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-11 23:42

==================== End Of Log ============================
--- --- ---

--- --- ---


Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-10-2014
Ran by Debby at 2014-10-12 01:05:02
Running from C:\Users\Debby\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A Virus Named TOM (HKLM-x32\...\Steam App 207650) (Version:  - Misfits Attic)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Bridge 1.0 (x32 Version: 001.000.001 - Adobe Systems) Hidden
Adobe Common File Installer (x32 Version: 1.00.001 - Adobe System Incorporated) Hidden
Adobe Creative Suite 2 (HKLM-x32\...\{0134A1A1-C283-4A47-91A1-92F19F960372}) (Version:  - )
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Help Center 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe Illustrator CS2 (x32 Version: 12.000.000 - Adobe Systems Inc.) Hidden
Adobe InDesign CS2 (x32 Version: 004.000.000 - Adobe Systems Incorporated) Hidden
Adobe Photoshop CS2 (x32 Version: 9.0 - Adobe Systems, Inc.) Hidden
Adobe Reader XI (11.0.08) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Stock Photos 1.0 (x32 Version: 1.0.1 - Adobe Systems) Hidden
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version:  3.0 - Adobe Systems, Inc.)
Adobe Version Cue CS2 (x32 Version: 2.0 - Adobe Systems, Inc.) Hidden
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2014.0417.2226.38446 - Ihr Firmenname) Hidden
Anno 2070 (HKLM-x32\...\Steam App 48240) (Version:  - BlueByte)
Avira (HKLM-x32\...\{70e83cd8-4bd5-4039-ab5a-6b94a8abb641}) (Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.21.25162 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.306 - Avira)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - ‪Canon Inc.‬)
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.0 - Canon Inc.)
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon MG4200 series Benutzerregistrierung (HKLM-x32\...\Canon MG4200 series Benutzerregistrierung) (Version:  - Canon Inc.‎)
Canon MG4200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4200_series) (Version: 1.01 - Canon Inc.)
Canon MP560 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP560_series) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Chicken Shoot Gold (HKLM-x32\...\Steam App 259340) (Version:  - ToonTRAXX Studios)
CrystalDiskMark 3.0.2e (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.2e - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dungeon Defenders (HKLM-x32\...\Steam App 65800) (Version:  - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Faerie Solitaire (HKLM-x32\...\Steam App 38600) (Version:  - Subsoap)
Fortix (HKLM-x32\...\Steam App 45400) (Version:  - Nemesys Games)
Fotogalerie (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
ICQ 8.1 (build 6337) (HKCU\...\ICQ) (Version: 8.1.6337.0 - Mail.Ru)
Java 7 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417021FF}) (Version: 7.0.210 - Oracle)
Java SE Development Kit 7 Update 21 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170210}) (Version: 1.7.0.210 - Oracle)
Juniper Networks, Inc. Setup Client (HKCU\...\Juniper_Setup_Client) (Version: 7.3.1.26369 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client 64-bit Activex Control (HKLM\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Juniper Networks, Inc. Setup Client Activex Control (HKLM-x32\...\Juniper_Setup_Client Activex Control) (Version: 2.1.1.1 - Juniper Networks, Inc.)
Junos Pulse (Version: 3.1.26369 - Ihr Firmenname) Hidden
Junos Pulse 3.1 (HKLM-x32\...\Junos Pulse 3.1) (Version: 3.1.26369 - Juniper Networks, Inc.)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.51 (HKLM\...\Logitech Gaming Software) (Version: 8.51.5 - Logitech Inc.)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.1.177.0 - Microsoft Corporation)
Microsoft-Maus- und Tastatur-Center (Version: 2.1.177.0 - Microsoft Corporation) Hidden
Monaco (HKLM-x32\...\Steam App 113020) (Version:  - Pocketwatch Games)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 19.0.2 (x86 de) (HKLM-x32\...\Mozilla Firefox 19.0.2 (x86 de)) (Version: 19.0.2 - Mozilla)
Mozilla Firefox 32.0.3 (x86 de) (HKCU\...\Mozilla Firefox 32.0.3 (x86 de)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 17.0.4 - Mozilla)
Mozilla Thunderbird 17.0.4 (x86 de) (HKLM-x32\...\Mozilla Thunderbird 17.0.4 (x86 de)) (Version: 17.0.4 - Mozilla)
Mozilla Thunderbird 24.6.0 (x86 de) (HKCU\...\Mozilla Thunderbird 24.6.0 (x86 de)) (Version: 24.6.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenOffice.org 3.4.1 (HKLM-x32\...\{2303AEEA-0FA8-4AFD-80A9-8F86BA4B44D2}) (Version: 3.41.9593 - Apache Software Foundation)
Orcs Must Die! 2 (HKLM-x32\...\Steam App 201790) (Version:  - )
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
RAIDXpert (HKLM-x32\...\InstallShield_{8A4A80C2-87B1-44FB-BC24-9168930EB150}) (Version: 3.3.1540.24 - AMD)
RAIDXpert (x32 Version: 3.3.1540.24 - AMD) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6699 - Realtek Semiconductor Corp.)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.03.09.00 - Samsung Electronics Co., Ltd.)
Skype™ 6.20 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.20.104 - Skype Technologies S.A.)
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version:  - Sumo Digital)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Suite Specific (x32 Version: 2.0.0 - Adobe Systems, Incorporated) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.10 - TeamSpeak Systems GmbH)
Torchlight II (HKLM-x32\...\Steam App 200710) (Version:  - Runic Games)
Tower Wars (HKLM-x32\...\Steam App 214360) (Version:  - SuperVillain Studios)
True Image WD Edition (HKLM-x32\...\{F801E99E-0C2D-4A37-8870-25FFE2C65547}) (Version: 16.0.5958 - Acronis)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
VLC media player 2.0.7 (HKLM\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.2-1 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Mobile-Gerätecenter (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3773492537-3824981863-2960111320-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

==================== Restore Points  =========================

22-09-2014 09:46:00 Geplanter Prüfpunkt
30-09-2014 19:56:42 Geplanter Prüfpunkt

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 00000824 ____A C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0C771EF1-CCA1-4B56-A8E0-8F8A6F8D5670} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {0D5B23E0-EBB3-4F28-955A-0E0A640957A8} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {163FD0EC-E4E0-47FF-978A-D5E6AFCED5BA} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {2DA58ED3-E462-46B3-B909-697335EC2D28} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {346DCAD6-32BA-4AF6-991B-D23BB9F3449E} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {394BBA12-6782-4067-A0DA-85714A681AF5} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {3FAE28E3-2EC3-4F53-91CD-05DABD2C8591} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {476BBBA7-900A-4215-A8AE-3B7385169883} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {63564223-53A3-4DB3-9CF6-C119697325AA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-09-11] (Microsoft Corporation)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A8843AA8-4864-4FBD-A438-C5B5C20A796B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-30] (Google Inc.)
Task: {AEAAE548-D838-4114-81FB-05990A4EA095} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {B29FC0E8-D813-474D-BCDD-8F4CDA6D95CC} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {C187FBAF-4889-44CC-B63B-BD517A722465} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F35657F7-C6D5-4611-B988-D8212BA7AF64} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-30] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-04-01 15:25 - 2011-04-11 07:26 - 00034304 _____ () C:\WINDOWS\System32\spd__l.dll
2014-04-17 22:29 - 2014-04-17 22:29 - 00214528 _____ () C:\AMD\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 00817152 _____ () C:\AMD\ATI.ACE\Fuel\Device.dll
2014-02-11 07:08 - 2014-02-11 07:08 - 03650560 _____ () C:\AMD\ATI.ACE\Fuel\Platform.dll
2005-04-06 16:53 - 2005-04-06 16:53 - 03502080 _____ () d:\CS2.0\Adobe Version Cue CS2\data\database\bin\mysqld-nt.exe
2013-03-30 17:07 - 2012-12-11 14:07 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2012-10-16 11:39 - 2012-10-16 11:39 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
2014-04-17 22:29 - 2014-04-17 22:29 - 00102400 _____ () C:\AMD\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2012-09-17 02:37 - 2012-09-17 02:37 - 00431163 _____ () C:\Program Files (x86)\Common Files\Juniper Networks\WX Client\sqlite3.dll
2005-04-06 16:52 - 2005-04-06 16:52 - 00028791 _____ () d:\CS2.0\Adobe Version Cue CS2\jre\bin\hpi.dll
2005-04-06 16:53 - 2005-04-06 16:53 - 00057453 _____ () d:\CS2.0\Adobe Version Cue CS2\jre\bin\verify.dll
2005-04-06 16:53 - 2005-04-06 16:53 - 00102515 _____ () d:\CS2.0\Adobe Version Cue CS2\jre\bin\java.dll
2005-04-06 16:53 - 2005-04-06 16:53 - 00053364 _____ () d:\CS2.0\Adobe Version Cue CS2\jre\bin\zip.dll
2005-04-06 16:53 - 2005-04-06 16:53 - 00057455 _____ () D:\CS2.0\Adobe Version Cue CS2\jre\bin\net.dll
2005-04-06 16:53 - 2005-04-06 16:53 - 00032880 _____ () D:\CS2.0\Adobe Version Cue CS2\jre\bin\nio.dll
2005-04-06 16:53 - 2005-04-06 16:53 - 00434255 _____ () d:\CS2.0\Adobe Version Cue CS2\bin\ps-rw-vc-v8_58.dll
2005-04-06 16:53 - 2005-04-06 16:53 - 01019904 _____ () d:\CS2.0\Adobe Version Cue CS2\bin\ps-vc-v8_58.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00139056 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.NativeCore.dll
2014-08-27 15:00 - 2014-08-27 15:00 - 00066864 _____ () C:\Program Files (x86)\Avira\My Avira\Avira.OE.AvConnectorNative.dll
2014-09-26 10:57 - 2014-09-23 06:06 - 01098056 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libglesv2.dll
2014-09-26 10:57 - 2014-09-23 06:06 - 00174408 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\libegl.dll
2014-09-26 10:57 - 2014-09-23 06:07 - 08577864 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\pdf.dll
2014-09-26 10:57 - 2014-09-23 06:07 - 00331592 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll
2014-09-26 10:57 - 2014-09-23 06:06 - 01660232 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\ffmpegsumo.dll
2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () D:\OpenOffice\program\libxml2.dll
2014-08-05 12:19 - 2014-08-27 15:00 - 00052472 _____ () C:\Users\Debby\AppData\Local\Temp\avgnt.exe\Avira.OE.ExtApi.dll
2013-12-13 00:56 - 2013-12-13 00:56 - 13673296 _____ () D:\Acronis\TrueImageHome\ti_managers.dll
2013-01-10 13:43 - 2013-01-10 13:43 - 00014360 _____ () C:\Program Files (x86)\Common Files\Acronis\TibMounter\icudt38.dll
2013-12-12 23:30 - 2013-12-12 23:30 - 00420160 _____ () C:\Program Files (x86)\Common Files\Acronis\Home\ulxmlrpcpp.dll
2014-09-26 10:57 - 2014-09-23 06:07 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Debby\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "JunosPulse"
HKLM\...\StartupApproved\Run32: => "Adobe Version Cue CS2"
HKCU\...\StartupApproved\Run: => "Pando Media Booster"
HKCU\...\StartupApproved\Run: => "Steam"

========================= Accounts: ==========================

Administrator (S-1-5-21-3773492537-3824981863-2960111320-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3773492537-3824981863-2960111320-1004 - Limited - Enabled)
Debby (S-1-5-21-3773492537-3824981863-2960111320-1001 - Administrator - Enabled) => C:\Users\Debby
Gast (S-1-5-21-3773492537-3824981863-2960111320-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3773492537-3824981863-2960111320-1006 - Limited - Enabled)

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/11/2014 11:50:17 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (10/11/2014 11:49:22 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (10/11/2014 11:42:33 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: Das Volume "System-reserviert" wurde aufgrund eines Fehlers nicht optimiert: Falscher Parameter. (0x80070057)

Error: (10/11/2014 11:30:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Fehler beim Generieren des Aktivierungskontexts für "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1". Fehler in Manifest- oder Richtliniendatei "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" in Zeile C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
Eine für die Anwendung erforderliche Komponentenversion steht in Konflikt mit einer anderen, bereits aktiven Komponentenversion.
In Konflikt stehende Komponenten:.
Komponente 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Komponente 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.

Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: Der Ereignisfilter mit der Abfrage "select * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration'" konnte im Namespace "//./root" aufgrund des Fehlers "0x80041033" nicht reaktiviert werden. Solange dieses Problem besteht, können mit diesem Filter keine Ereignisse übermittelt werden.

Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root/subscription" nicht vorhanden ist. Die Abfrage wird ignoriert.

Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root" nicht vorhanden ist. Die Abfrage wird ignoriert.

Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __TimerEvent" zu registrieren, deren Zielklasse "__TimerEvent" im Namespace "//./root/CIMV2" nicht vorhanden ist. Die Abfrage wird ignoriert.

Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __SystemEvent" zu registrieren, deren Zielklasse "__SystemEvent" im Namespace "//./root/subscription" nicht vorhanden ist. Die Abfrage wird ignoriert.

Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: Vom Ereignisanbieter "$Core" wurde versucht, die Abfrage "select * from __SystemEvent" zu registrieren, deren Zielklasse "__SystemEvent" im Namespace "//./root" nicht vorhanden ist. Die Abfrage wird ignoriert.


System errors:
=============
Error: (10/11/2014 11:10:25 PM) (Source: DCOM) (EventID: 10005) (User: SPEEDIE)
Description: 1084ShellHWDetectionNicht verfügbar{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (10/11/2014 11:10:25 PM) (Source: DCOM) (EventID: 10010) (User: SPEEDIE)
Description: {3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (10/11/2014 11:10:10 PM) (Source: DCOM) (EventID: 10005) (User: SPEEDIE)
Description: 1084WSearchNicht verfügbar{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (10/11/2014 11:10:10 PM) (Source: DCOM) (EventID: 10005) (User: SPEEDIE)
Description: 1084WSearchNicht verfügbar{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (10/11/2014 11:10:10 PM) (Source: DCOM) (EventID: 10005) (User: SPEEDIE)
Description: 1084WSearchNicht verfügbar{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (10/11/2014 11:10:10 PM) (Source: DCOM) (EventID: 10005) (User: SPEEDIE)
Description: 1084WSearchNicht verfügbar{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (10/11/2014 11:10:10 PM) (Source: DCOM) (EventID: 10005) (User: SPEEDIE)
Description: 1084WSearchNicht verfügbar{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (10/11/2014 11:10:10 PM) (Source: DCOM) (EventID: 10005) (User: SPEEDIE)
Description: 1084WSearchNicht verfügbar{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (10/11/2014 11:10:10 PM) (Source: DCOM) (EventID: 10005) (User: SPEEDIE)
Description: 1084WSearchNicht verfügbar{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (10/11/2014 11:10:09 PM) (Source: DCOM) (EventID: 10005) (User: SPEEDIE)
Description: 1084WSearchNicht verfügbar{9E175B6D-F52A-11D8-B9A5-505054503030}


Microsoft Office Sessions:
=========================
Error: (10/11/2014 11:50:17 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/11/2014 11:49:22 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestc:\program files (x86)\ESET\eset online scanner\ESETSmartInstaller.exe

Error: (10/11/2014 11:42:33 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: System-reserviertFalscher Parameter. (0x80070057)

Error: (10/11/2014 11:30:59 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Users\Debby\AppData\Local\Temp\IDC2.tmp\ESETSmartInstaller.exe

Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT-AUTORITÄT)
Description: //./rootselect * from __InstanceModificationEvent where targetinstance isa '__ArbitratorConfiguration'0x80041033

Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: $Coreselect * from __TimerEvent__TimerEvent//./root/subscription

Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: $Coreselect * from __TimerEvent__TimerEvent//./root

Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: $Coreselect * from __TimerEvent__TimerEvent//./root/CIMV2

Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: $Coreselect * from __SystemEvent__SystemEvent//./root/subscription

Error: (10/11/2014 11:00:56 PM) (Source: Microsoft-Windows-WMI) (EventID: 24) (User: NT-AUTORITÄT)
Description: $Coreselect * from __SystemEvent__SystemEvent//./root


==================== Memory info ===========================

Processor: AMD FX(tm)-6300 Six-Core Processor
Percentage of memory in use: 17%
Total physical RAM: 16341.68 MB
Available physical RAM: 13490.45 MB
Total Pagefile: 18773.68 MB
Available Pagefile: 15196.08 MB
Total Virtual: 131072 MB
Available Virtual: 131071.79 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:79.66 GB) (Free:38.24 GB) NTFS
Drive d: (Programme) (Fixed) (Total:35 GB) (Free:27.11 GB) NTFS
Drive e: (Ohne Titel CD) (CDROM) (Total:0.05 GB) (Free:0 GB) UDF
Drive f: (Games) (Fixed) (Total:117.88 GB) (Free:4.03 GB) NTFS
Drive g: (Daten) (Fixed) (Total:200 GB) (Free:131.69 GB) NTFS
Drive w: (WIN8_1_ENG) (Removable) (Total:14.71 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: 71E68881)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=79.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=35 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=117.9 GB) - (Type=OF Extended)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: C70725C5)

Partition: GPT Partition Type.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 14.7 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

schrauber 12.10.2014 06:20
hi,

Downloade dir bitte TDSSKiller TDSSKiller.exe und speichere diese Datei auf dem Desktop
  • Starte die TDSSKiller.exe - Einstellen wie in der Anleitung zu TDSSKiller beschrieben.
  • Drücke Start Scan
  • Sollten infizierte Objekte gefunden werden, wähle keinesfalls Cure. Wähle Skip und klicke auf Continue.
    TDSSKiller wird eine Logfile auf deinem Systemlaufwerk speichern (Meistens C:\)
    Als Beispiel: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Poste den Inhalt bitte in jedem Fall hier in deinen Thread.

Brento 12.10.2014 15:31
Keine Funde, das hier ist der Bericht:

Code:
11:36:56.0449 0x1204  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
11:37:03.0781 0x1204  ============================================================
11:37:03.0781 0x1204  Current date / time: 2014/10/12 11:37:03.0781
11:37:03.0781 0x1204  SystemInfo:
11:37:03.0781 0x1204 
11:37:03.0781 0x1204  OS Version: 6.3.9600 ServicePack: 0.0
11:37:03.0781 0x1204  Product type: Workstation
11:37:03.0781 0x1204  ComputerName: SPEEDIE
11:37:03.0781 0x1204  UserName: Debby
11:37:03.0781 0x1204  Windows directory: C:\WINDOWS
11:37:03.0781 0x1204  System windows directory: C:\WINDOWS
11:37:03.0781 0x1204  Running under WOW64
11:37:03.0781 0x1204  Processor architecture: Intel x64
11:37:03.0781 0x1204  Number of processors: 6
11:37:03.0781 0x1204  Page size: 0x1000
11:37:03.0781 0x1204  Boot type: Normal boot
11:37:03.0781 0x1204  ============================================================
11:37:03.0924 0x1204  KLMD registered as C:\WINDOWS\system32\drivers\13897379.sys
11:37:03.0991 0x1204  System UUID: {310F67FB-1992-AA6C-1AA1-A336C98BF7FD}
11:37:04.0356 0x1204  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0',

Flags 0x00000040
11:37:04.0356 0x1204  Drive \Device\Harddisk1\DR1 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0',

Flags 0x00000040
11:37:04.0361 0x1204  Drive \Device\Harddisk2\DR2 - Size: 0x3AE800000 ( 14.73 Gb ), SectorSize: 0x200, Cylinders: 0x782, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
11:37:04.0363 0x1204  ============================================================
11:37:04.0363 0x1204  \Device\Harddisk0\DR0:
11:37:04.0363 0x1204  MBR partitions:
11:37:04.0363 0x1204  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0xAF000
11:37:04.0363 0x1204  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0xAF800, BlocksNum 0x9F50800
11:37:04.0363 0x1204  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0xA000000, BlocksNum 0x4600000
11:37:04.0363 0x1204  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0xE600800, BlocksNum 0xEBC4800
11:37:04.0363 0x1204  \Device\Harddisk1\DR1:
11:37:04.0373 0x1204  GPT partitions:
11:37:04.0373 0x1204  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {0E60491C-30D8-4F7C-99CA-438CFAC707BA}, Name: Microsoft

reserved partition, StartLBA 0x22, BlocksNum 0x40000
11:37:04.0373 0x1204  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {0AC10E29-6A95-49D0-A1C6-2E42433AD0A3}, Name: Basic data

partition, StartLBA 0x40800, BlocksNum 0x19000000
11:37:04.0373 0x1204  \Device\Harddisk1\DR1\Partition3: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {A9A36451-E7AB-4C54-868C-42CEA42C22EB}, Name: Basic data

partition, StartLBA 0x19040800, BlocksNum 0x5B6C5800
11:37:04.0373 0x1204  MBR partitions:
11:37:04.0373 0x1204  \Device\Harddisk2\DR2:
11:37:04.0374 0x1204  MBR partitions:
11:37:04.0374 0x1204  \Device\Harddisk2\DR2\Partition1: MBR, Type 0xC, StartLBA 0x800, BlocksNum 0x1D73800
11:37:04.0374 0x1204  ============================================================
11:37:04.0375 0x1204  C: <-> \Device\Harddisk0\DR0\Partition2
11:37:04.0375 0x1204  D: <-> \Device\Harddisk0\DR0\Partition3
11:37:04.0376 0x1204  F: <-> \Device\Harddisk0\DR0\Partition4
11:37:04.0411 0x1204  G: <-> \Device\Harddisk1\DR1\Partition2
11:37:04.0411 0x1204  ============================================================
11:37:04.0411 0x1204  Initialize success
11:37:04.0411 0x1204  ============================================================
11:38:01.0925 0x1318  ============================================================
11:38:01.0926 0x1318  Scan started
11:38:01.0926 0x1318  Mode: Manual; SigCheck; TDLFS;
11:38:01.0926 0x1318  ============================================================
11:38:01.0926 0x1318  KSN ping started
11:38:04.0271 0x1318  KSN ping finished: true
11:38:04.0607 0x1318  ================ Scan system memory ========================
11:38:04.0607 0x1318  System memory - ok
11:38:04.0607 0x1318  ================ Scan services =============================
11:38:04.0644 0x1318  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
11:38:04.0713 0x1318  1394ohci - ok
11:38:04.0725 0x1318  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware          C:\WINDOWS\system32\drivers\3ware.sys
11:38:04.0742 0x1318  3ware - ok
11:38:04.0747 0x1318  [ D27A8B7BB0E15DFBFC6B4E774EE17AD9, CBAD45B3FFFD30C34AF918009F699B65F89043D0799FC25D2472381912F86F93 ] A2DDA          D:\EMISOFTEMERGENCYKIT\BIN\a2ddax64.sys
11:38:04.0767 0x1318  A2DDA - ok
11:38:04.0786 0x1318  [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
11:38:04.0815 0x1318  ACPI - ok
11:38:04.0822 0x1318  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
11:38:04.0839 0x1318  acpiex - ok
11:38:04.0844 0x1318  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
11:38:04.0857 0x1318  acpipagr - ok
11:38:04.0862 0x1318  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi        C:\WINDOWS\System32\drivers\acpipmi.sys
11:38:04.0875 0x1318  AcpiPmi - ok
11:38:04.0880 0x1318  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
11:38:04.0893 0x1318  acpitime - ok
11:38:04.0922 0x1318  [ 7736CDCCA38519FD637C82638A06B4FF, 9F6FD63A28BE387AD83707398DC67D88117E5517F8B7499315CE372F90F2B9B8 ] AcrSch2Svc      C:\Program Files (x86)\Common Files

\Acronis\Schedule2\schedul2.exe
11:38:04.0963 0x1318  AcrSch2Svc - ok
11:38:04.0970 0x1318  [ 8B46D5A1D3EF08232C04D0EAFB871FB2, 5306F8452EF675851CB0015F9E5C5EB750137D6D65C9CB7E47F8EF5B10A44D10 ] Adobe LM Service C:\Program Files (x86)\Common Files\Adobe

Systems Shared\Service\Adobelmsvc.exe
11:38:04.0982 0x1318  Adobe LM Service - detected UnsignedFile.Multi.Generic ( 1 )
11:38:07.0397 0x1318  Detect skipped due to KSN trusted
11:38:07.0397 0x1318  Adobe LM Service - ok
11:38:07.0404 0x1318  [ 41D15EAD554396BF35B7C5246AD47A28, 456835B33E95D083CD0076F06B591D63FB969025940A5CFD87CAB37C658B6855 ] Adobe Version Cue CS2 d:\CS2.0\Adobe Version Cue CS2\bin

\VersionCueCS2.exe
11:38:07.0416 0x1318  Adobe Version Cue CS2 - detected UnsignedFile.Multi.Generic ( 1 )
11:38:09.0855 0x1318  Detect skipped due to KSN trusted
11:38:09.0856 0x1318  Adobe Version Cue CS2 - ok
11:38:09.0861 0x1318  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe

\ARM\1.0\armsvc.exe
11:38:09.0873 0x1318  AdobeARMservice - ok
11:38:09.0893 0x1318  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX        C:\WINDOWS\system32\drivers\ADP80XX.SYS
11:38:09.0926 0x1318  ADP80XX - ok
11:38:09.0936 0x1318  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc    C:\WINDOWS\System32\aelupsvc.dll
11:38:09.0955 0x1318  AeLookupSvc - ok
11:38:09.0968 0x1318  [ ABCF9C80EAACE03021BB7F450EB8993F, 8E38726C423E82954CA85266D6F38B605D010A659420A4EF99D29035A9474BFB ] afcdp          C:\WINDOWS\system32\DRIVERS\afcdp.sys
11:38:09.0987 0x1318  afcdp - ok
11:38:10.0065 0x1318  [ 3625E0DEAE06134C3B6FD4CC90329912, B2DD2931C9CD6B6C1D8BB26D78ABD095723EBEA82B2DF26DB99605B3E106CD10 ] afcdpsrv        C:\Program Files (x86)\Common Files

\Acronis\CDP\afcdpsrv.exe
11:38:10.0162 0x1318  afcdpsrv - ok
11:38:10.0184 0x1318  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD            C:\WINDOWS\system32\drivers\afd.sys
11:38:10.0214 0x1318  AFD - ok
11:38:10.0222 0x1318  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
11:38:10.0236 0x1318  agp440 - ok
11:38:10.0242 0x1318  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache        C:\WINDOWS\system32\DRIVERS\ahcache.sys
11:38:10.0258 0x1318  ahcache - ok
11:38:10.0264 0x1318  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG            C:\WINDOWS\System32\alg.exe
11:38:10.0285 0x1318  ALG - ok
11:38:10.0294 0x1318  [ E7BDC2E7D885A65031C6B93D5A80B019, B37B05CA81A200A0C303946A21901ED382468761AB8BB8F7F310700A060E813F ] AMD External Events Utility C:\WINDOWS

\system32\atiesrxx.exe
11:38:10.0319 0x1318  AMD External Events Utility - ok
11:38:10.0323 0x1318  AMD FUEL Service - ok
11:38:10.0330 0x1318  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8          C:\WINDOWS\System32\drivers\amdk8.sys
11:38:10.0347 0x1318  AmdK8 - ok
11:38:10.0352 0x1318  [ F2FF8C1B41B3784EDBD5C6D5397F403C, 104873700D2BDF4812DC48200B4609F46A63E7A50594A0599100EF1438863708 ] amdkmafd        C:\WINDOWS\system32\drivers\amdkmafd.sys
11:38:10.0362 0x1318  amdkmafd - ok
11:38:10.0653 0x1318  [ 342156AF1FED5ED3A5D3FBB3D87F48E8, 119C85492EDCA82731E23A261DE39A72783713B01B89D8FA2F47400EB03C7C57 ] amdkmdag        C:\WINDOWS\system32\DRIVERS\atikmdag.sys
11:38:11.0015 0x1318  amdkmdag - ok
11:38:11.0057 0x1318  [ 9DCA2AFEABF1D109FB2C229491C9F293, F020F4FDD29897C656287A2D01D51B4AE45AA604E4291BCE05FB7D994242EC04 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
11:38:11.0087 0x1318  amdkmdap - ok
11:38:11.0094 0x1318  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
11:38:11.0109 0x1318  AmdPPM - ok
11:38:11.0115 0x1318  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata        C:\WINDOWS\system32\drivers\amdsata.sys
11:38:11.0130 0x1318  amdsata - ok
11:38:11.0139 0x1318  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
11:38:11.0159 0x1318  amdsbs - ok
11:38:11.0164 0x1318  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata        C:\WINDOWS\system32\drivers\amdxata.sys
11:38:11.0176 0x1318  amdxata - ok
11:38:11.0194 0x1318  [ FCFCD84A3F84375CF2EADA10650C3289, A5AC6E167C60451B2EC9561FA83C9DA5ADDF4152E1AD01A38C80D00B3118EE9A ] AntiVirSchedulerService D:\Avira\Avira\AntiVir Desktop

\sched.exe
11:38:11.0215 0x1318  AntiVirSchedulerService - ok
11:38:11.0227 0x1318  [ FCFCD84A3F84375CF2EADA10650C3289, A5AC6E167C60451B2EC9561FA83C9DA5ADDF4152E1AD01A38C80D00B3118EE9A ] AntiVirService  D:\Avira\Avira\AntiVir Desktop\avguard.exe
11:38:11.0245 0x1318  AntiVirService - ok
11:38:11.0267 0x1318  [ B0BC20ADD485E48DDFC613941CBBCFD0, FCC89EA77B327D5715C3A5816522F78FD4002CC2DAFB30CB075D9C501C5181EE ] AntiVirWebService D:\Avira\Avira\AntiVir Desktop

\avwebg7.exe
11:38:11.0303 0x1318  AntiVirWebService - ok
11:38:11.0309 0x1318  [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3    C:\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys
11:38:11.0319 0x1318  AODDriver4.3 - ok
11:38:11.0324 0x1318  [ C65A3C67630A67A97AD26C21173BA61E, 9C66AF6FC15FEA0B0352540C037AD87B4113CE401C10B6A35DE98901E74152DC ] Apowersoft_AudioDevice C:\WINDOWS\system32\drivers

\Apowersoft_AudioDevice.sys
11:38:11.0334 0x1318  Apowersoft_AudioDevice - ok
11:38:11.0340 0x1318  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID          C:\WINDOWS\system32\drivers\appid.sys
11:38:11.0356 0x1318  AppID - ok
11:38:11.0362 0x1318  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
11:38:11.0376 0x1318  AppIDSvc - ok
11:38:11.0383 0x1318  [ 8D6F535461F6CFF75A8ADDF83024C904, F2A97EC4A6284F28B685A3CE2D450F61E75EE8692D718A6AA352D5734BBBAD7B ] Appinfo        C:\WINDOWS\System32\appinfo.dll
11:38:11.0394 0x1318  Appinfo - ok
11:38:11.0402 0x1318  [ 8176FBA685178FB0F52D46693474FA50, 69FE3692C7FE24289A479ADD74F2C782B59A099B7B07FE5ACFC4DA899E40BFDE ] AppMgmt        C:\WINDOWS\System32\appmgmts.dll
11:38:11.0419 0x1318  AppMgmt - ok
11:38:11.0433 0x1318  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
11:38:11.0461 0x1318  AppReadiness - ok
11:38:11.0490 0x1318  [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc        C:\WINDOWS

\system32\appxdeploymentserver.dll
11:38:11.0525 0x1318  AppXSvc - ok
11:38:11.0534 0x1318  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
11:38:11.0550 0x1318  arcsas - ok
11:38:11.0562 0x1318  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi          C:\WINDOWS\system32\drivers\atapi.sys
11:38:11.0573 0x1318  atapi - ok
11:38:11.0583 0x1318  [ 517334A411CD079EE9AEF4C2167875A5, 7C6A450BADCA211D553102ABDC06E1F367FBFC359711AF1DC88027B34502B484 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdWB6.sys
11:38:11.0602 0x1318  AtiHDAudioService - ok
11:38:11.0610 0x1318  [ 886767FD022213F7885416134E9082E5, E248D82210FBEBF62C23EBEC74A976B2D1A4E62D3B7638D95B2574B77BA05DD0 ] AudioEndpointBuilder C:\WINDOWS

\System32\AudioEndpointBuilder.dll
11:38:11.0624 0x1318  AudioEndpointBuilder - ok
11:38:11.0644 0x1318  [ 79B134ECE836B406B212E28C24011538, 1B875DD23CCAD8A2759DCDBCDCF3DE14231B9DB5EEC8E84FE081E41A52A047A1 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
11:38:11.0669 0x1318  Audiosrv - ok
11:38:11.0677 0x1318  [ 1B87A1F2FA5B91AC1A7D171B8D952441, 4CB21F6567021DAE6B2E35B9BA84D015580E2DDFEBEB1AA9637BD93F42883DD2 ] avgntflt        C:\WINDOWS\system32\DRIVERS\avgntflt.sys
11:38:11.0689 0x1318  avgntflt - ok
11:38:11.0696 0x1318  [ AF61774060F277FE45CBD3A9A8E7D45A, 2F96DC9735BAF017603D72A258BF7A772BF8C4AFECB5AA0CAD8F8E3CCAA0F2B5 ] avipbb          C:\WINDOWS\system32\DRIVERS\avipbb.sys
11:38:11.0709 0x1318  avipbb - ok
11:38:11.0716 0x1318  [ 05ABC09DC0DFA5DF79A0BB39F60636B7, FEDE900D991F1FB40BA0A44E05181A6A506DC8B5F365E78E523CB6DF2CDACC15 ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira

\Avira.OE.ServiceHost.exe
11:38:11.0729 0x1318  Avira.OE.ServiceHost - ok
11:38:11.0734 0x1318  [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr          C:\WINDOWS\system32\DRIVERS\avkmgr.sys
11:38:11.0744 0x1318  avkmgr - ok
11:38:11.0749 0x1318  [ CFF660F4E0F66724E3B0D921C1A1A880, E029CEB398511489E541FC89673FE9A0C2245577A745CE911BB360A5D772CB86 ] avnetflt        C:\WINDOWS\system32\DRIVERS\avnetflt.sys
11:38:11.0760 0x1318  avnetflt - ok
11:38:11.0766 0x1318  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
11:38:11.0782 0x1318  AxInstSV - ok
11:38:11.0796 0x1318  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv        C:\WINDOWS\system32\drivers\bxvbda.sys
11:38:11.0824 0x1318  b06bdrv - ok
11:38:11.0830 0x1318  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers

\BasicDisplay.sys
11:38:11.0843 0x1318  BasicDisplay - ok
11:38:11.0848 0x1318  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender    C:\WINDOWS\System32\drivers\BasicRender.sys
11:38:11.0861 0x1318  BasicRender - ok
11:38:11.0867 0x1318  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
11:38:11.0876 0x1318  bcmfn2 - ok
11:38:11.0886 0x1318  [ E07C80468D0C599BFF01D9D4EC7AEDC3, F675F455924DEC3FF69AD816DFEB6E74C804AEC3D3BFF7515953DB9D79C9B2D0 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
11:38:11.0907 0x1318  BDESVC - ok
11:38:11.0912 0x1318  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
11:38:11.0924 0x1318  Beep - ok
11:38:11.0943 0x1318  [ 20FB137ADDE1255F15F265A7BD9579BE, 87B4D5C91EFEAD987AAC3491A4360F82824C46AFF958B6F4CAED7C12224EF159 ] BFE            C:\WINDOWS\System32\bfe.dll
11:38:11.0968 0x1318  BFE - ok
11:38:11.0995 0x1318  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\WINDOWS\System32\qmgr.dll
11:38:12.0032 0x1318  BITS - ok
11:38:12.0039 0x1318  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
11:38:12.0054 0x1318  bowser - ok
11:38:12.0064 0x1318  [ F2559A492AF8D653D1F47ADABA4C3E97, 77347915FB433023769699DFC9511F54E69C7FC7AB75F57FDC1A58E64A7126DE ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
11:38:12.0078 0x1318  BrokerInfrastructure - ok
11:38:12.0085 0x1318  [ 041A999E4FF9A7CDBE67357751881FB8, 356C52637EA715D6FA2B65BD311C9BF1635A582023434902EC2DE4A2448961F8 ] Browser        C:\WINDOWS\System32\browser.dll
11:38:12.0097 0x1318  Browser - ok
11:38:12.0102 0x1318  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
11:38:12.0116 0x1318  BthAvrcpTg - ok
11:38:12.0121 0x1318  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum      C:\WINDOWS\System32\drivers\bthhfenum.sys
11:38:12.0137 0x1318  BthHFEnum - ok
11:38:12.0143 0x1318  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
11:38:12.0157 0x1318  bthhfhid - ok
11:38:12.0163 0x1318  [ 07E33226AD218A2A162662A05CAFB52F, 0AC3D8B79EDA6DA232FA4E1CAF6592420A9EDE96350D1F0504C2434261684F0B ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
11:38:12.0178 0x1318  BTHMODEM - ok
11:38:12.0187 0x1318  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv        C:\WINDOWS\system32\bthserv.dll
11:38:12.0203 0x1318  bthserv - ok
11:38:12.0209 0x1318  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
11:38:12.0225 0x1318  cdfs - ok
11:38:12.0234 0x1318  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom          C:\WINDOWS\System32\drivers\cdrom.sys
11:38:12.0252 0x1318  cdrom - ok
11:38:12.0260 0x1318  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc    C:\WINDOWS\System32\certprop.dll
11:38:12.0283 0x1318  CertPropSvc - ok
11:38:12.0289 0x1318  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
11:38:12.0304 0x1318  circlass - ok
11:38:12.0308 0x1318  [ B794DCF38C965FA2F93C45A7C3D582C5, 0E483EAF835B85AA4B6F449F9BB68AF0A3EE4192D29CD72F4B812F1E4D9E9A7C ] cleanhlp        D:\EmisoftEmergencyKit\bin\cleanhlp64.sys
11:38:12.0320 0x1318  cleanhlp - ok
11:38:12.0332 0x1318  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
11:38:12.0356 0x1318  CLFS - ok
11:38:12.0368 0x1318  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
11:38:12.0381 0x1318  CmBatt - ok
11:38:12.0397 0x1318  [ 1CD3A907D64D08F49208DA00B69BF35E, ABBD70FFCA0DE2274D855AFC08BF7BC0AA6D44EFC9FDBF7DF44B73CD5C210E28 ] CNG            C:\WINDOWS\system32\Drivers\cng.sys
11:38:12.0430 0x1318  CNG - ok
11:38:12.0438 0x1318  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers

\CompositeBus.sys
11:38:12.0452 0x1318  CompositeBus - ok
11:38:12.0457 0x1318  COMSysApp - ok
11:38:12.0462 0x1318  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
11:38:12.0477 0x1318  condrv - ok
11:38:12.0486 0x1318  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
11:38:12.0505 0x1318  CryptSvc - ok
11:38:12.0521 0x1318  [ EE2F3C0D6ADBC975D6B621EC15ACF4E2, D158C0FACA6344BCD77616EC3D23212F9FD76D7D0C834ACA51998B80162106D5 ] CSC            C:\WINDOWS\system32\drivers\csc.sys
11:38:12.0549 0x1318  CSC - ok
11:38:12.0570 0x1318  [ 936D9E2871CEEFF6A33695D98374367B, C30D42E870F196C4FA20AF95C7B9D9C9C5414D6DDE71268F88C3FC5BF372E61B ] CscService      C:\WINDOWS\System32\cscsvc.dll
11:38:12.0597 0x1318  CscService - ok
11:38:12.0604 0x1318  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam            C:\WINDOWS\system32\drivers\dam.sys
11:38:12.0618 0x1318  dam - ok
11:38:12.0640 0x1318  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
11:38:12.0668 0x1318  DcomLaunch - ok
11:38:12.0683 0x1318  [ D249C3A58A4FCF755EF4C94F7047E015, 68C044CE2DB93FB502F85F6E081EA164F6E6DCBA6B3EE2A5CBDA122065E522F8 ] defragsvc      C:\WINDOWS\System32\defragsvc.dll
11:38:12.0707 0x1318  defragsvc - ok
11:38:12.0720 0x1318  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
11:38:12.0738 0x1318  DeviceAssociationService - ok
11:38:12.0745 0x1318  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall  C:\WINDOWS\system32\umpnpmgr.dll
11:38:12.0765 0x1318  DeviceInstall - ok
11:38:12.0774 0x1318  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
11:38:12.0790 0x1318  Dfsc - ok
11:38:12.0801 0x1318  [ 05DE04005CE0D84D0E6AD21CAEB369C6, E6704A2A685BCFD560796D7C328F8E53DF0793DBDA590598A492D9070D109298 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
11:38:12.0823 0x1318  Dhcp - ok
11:38:12.0830 0x1318  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
11:38:12.0846 0x1318  disk - ok
11:38:12.0851 0x1318  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc          C:\WINDOWS\System32\drivers\dmvsc.sys
11:38:12.0863 0x1318  dmvsc - ok
11:38:12.0873 0x1318  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
11:38:12.0891 0x1318  Dnscache - ok
11:38:12.0900 0x1318  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc        C:\WINDOWS\System32\dot3svc.dll
11:38:12.0923 0x1318  dot3svc - ok
11:38:12.0931 0x1318  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS            C:\WINDOWS\system32\dps.dll
11:38:12.0955 0x1318  DPS - ok
11:38:12.0960 0x1318  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud        C:\WINDOWS\system32\drivers\drmkaud.sys
11:38:12.0971 0x1318  drmkaud - ok
11:38:12.0979 0x1318  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
11:38:13.0000 0x1318  DsmSvc - ok
11:38:13.0034 0x1318  [ 313DCE665B57000B18CB26C6B6A10DFE, 6C332D4AD13A316C192321AB7E7597E66AF8E1688101FFD851E06C52128DBA52 ] DXGKrnl        C:\WINDOWS\System32\drivers\dxgkrnl.sys
11:38:13.0091 0x1318  DXGKrnl - ok
11:38:13.0100 0x1318  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost        C:\WINDOWS\System32\eapsvc.dll
11:38:13.0120 0x1318  Eaphost - ok
11:38:13.0192 0x1318  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv          C:\WINDOWS\system32\drivers\evbda.sys
11:38:13.0299 0x1318  ebdrv - ok
11:38:13.0311 0x1318  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS            C:\WINDOWS\System32\lsass.exe
11:38:13.0326 0x1318  EFS - ok
11:38:13.0332 0x1318  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass    C:\WINDOWS\system32\drivers\EhStorClass.sys
11:38:13.0348 0x1318  EhStorClass - ok
11:38:13.0356 0x1318  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers

\EhStorTcgDrv.sys
11:38:13.0375 0x1318  EhStorTcgDrv - ok
11:38:13.0379 0x1318  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
11:38:13.0392 0x1318  ErrDev - ok
11:38:13.0408 0x1318  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem    C:\WINDOWS\system32\es.dll
11:38:13.0429 0x1318  EventSystem - ok
11:38:13.0438 0x1318  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat          C:\WINDOWS\system32\drivers\exfat.sys
11:38:13.0462 0x1318  exfat - ok
11:38:13.0470 0x1318  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat        C:\WINDOWS\system32\drivers\fastfat.sys
11:38:13.0492 0x1318  fastfat - ok
11:38:13.0509 0x1318  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax            C:\WINDOWS\system32\fxssvc.exe
11:38:13.0540 0x1318  Fax - ok
11:38:13.0547 0x1318  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc            C:\WINDOWS\System32\drivers\fdc.sys
11:38:13.0561 0x1318  fdc - ok
11:38:13.0566 0x1318  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost        C:\WINDOWS\system32\fdPHost.dll
11:38:13.0585 0x1318  fdPHost - ok
11:38:13.0590 0x1318  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
11:38:13.0609 0x1318  FDResPub - ok
11:38:13.0615 0x1318  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc          C:\WINDOWS\system32\fhsvc.dll
11:38:13.0632 0x1318  fhsvc - ok
11:38:13.0638 0x1318  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
11:38:13.0653 0x1318  FileInfo - ok
11:38:13.0658 0x1318  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace      C:\WINDOWS\system32\drivers\filetrace.sys
11:38:13.0677 0x1318  Filetrace - ok
11:38:13.0683 0x1318  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
11:38:13.0696 0x1318  flpydisk - ok
11:38:13.0708 0x1318  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
11:38:13.0733 0x1318  FltMgr - ok
11:38:13.0741 0x1318  [ C06AF3D1E7CA6868A6A3064CE6907C4A, A1A357CF99291E1611A4380BF8866B5B594637C186B5FD1EFDF052D4EB69FAB9 ] fltsrv          C:\WINDOWS\system32\DRIVERS\fltsrv.sys
11:38:13.0754 0x1318  fltsrv - ok
11:38:13.0784 0x1318  [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache      C:\WINDOWS\system32\FntCache.dll
11:38:13.0823 0x1318  FontCache - ok
11:38:13.0831 0x1318  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net

\Framework64\v3.0\WPF\PresentationFontCache.exe
11:38:13.0862 0x1318  FontCache3.0.0.0 - ok
11:38:13.0868 0x1318  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends      C:\WINDOWS\system32\drivers\FsDepends.sys
11:38:13.0881 0x1318  FsDepends - ok
11:38:13.0886 0x1318  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
11:38:13.0898 0x1318  Fs_Rec - ok
11:38:13.0915 0x1318  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
11:38:13.0946 0x1318  fvevol - ok
11:38:13.0953 0x1318  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM          C:\WINDOWS\System32\drivers\fxppm.sys
11:38:13.0966 0x1318  FxPPM - ok
11:38:13.0972 0x1318  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
11:38:13.0987 0x1318  gagp30kx - ok
11:38:13.0991 0x1318  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers

\vmgencounter.sys
11:38:14.0003 0x1318  gencounter - ok
11:38:14.0010 0x1318  [ 8DF1254093B5C354CE725EB6B9B0DE19, DE6C5661CC076DA44B8A5D044FDB7280EDCF38D322A98C14FDC82E25586B3014 ] GPIOClx0101    C:\WINDOWS\system32\Drivers\msgpioclx.sys
11:38:14.0028 0x1318  GPIOClx0101 - ok
11:38:14.0058 0x1318  [ 69DB09F0263C637DA8568D404842466A, D042194266978AAD31E04DAF7018CD50754077212DC74A4D8AFF6BFEE80CDD20 ] gpsvc          C:\WINDOWS\System32\gpsvc.dll
11:38:14.0097 0x1318  gpsvc - ok
11:38:14.0105 0x1318  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate        C:\Program Files (x86)\Google\Update

\GoogleUpdate.exe
11:38:14.0120 0x1318  gupdate - ok
11:38:14.0125 0x1318  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update

\GoogleUpdate.exe
11:38:14.0133 0x1318  gupdatem - ok
11:38:14.0148 0x1318  [ 56F69F7C25FB67C970997D7066DBC593, 83E03A82237DCC5BCB3E722ACECACEF3510CAA619F33E0D7C4D902A482E90418 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
11:38:14.0173 0x1318  HdAudAddService - ok
11:38:14.0180 0x1318  [ D4B7ED39C7900384D9E5C1283F1E7926, F93F98858067B40F1C071EAD0F8E85442A78B95342BC692AF4D726540634923F ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
11:38:14.0196 0x1318  HDAudBus - ok
11:38:14.0201 0x1318  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt        C:\WINDOWS\System32\drivers\HidBatt.sys
11:38:14.0214 0x1318  HidBatt - ok
11:38:14.0221 0x1318  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
11:38:14.0237 0x1318  HidBth - ok
11:38:14.0243 0x1318  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
11:38:14.0258 0x1318  hidi2c - ok
11:38:14.0264 0x1318  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr          C:\WINDOWS\System32\drivers\hidir.sys
11:38:14.0280 0x1318  HidIr - ok
11:38:14.0285 0x1318  [ 46BBE8EA221461A65F18A078528F4B2C, C0B0D35E2A6C750E5505156694F41F987AB548449F6C9DB1EEEAF12E5F146AD7 ] hidkmdf        C:\WINDOWS\System32\drivers\hidkmdf.sys
11:38:14.0293 0x1318  hidkmdf - ok
11:38:14.0297 0x1318  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv        C:\WINDOWS\system32\hidserv.dll
11:38:14.0312 0x1318  hidserv - ok
11:38:14.0316 0x1318  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
11:38:14.0330 0x1318  HidUsb - ok
11:38:14.0335 0x1318  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
11:38:14.0353 0x1318  hkmsvc - ok
11:38:14.0362 0x1318  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
11:38:14.0381 0x1318  HomeGroupListener - ok
11:38:14.0393 0x1318  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
11:38:14.0417 0x1318  HomeGroupProvider - ok
11:38:14.0423 0x1318  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
11:38:14.0437 0x1318  HpSAMD - ok
11:38:14.0459 0x1318  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
11:38:14.0501 0x1318  HTTP - ok
11:38:14.0507 0x1318  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
11:38:14.0518 0x1318  hwpolicy - ok
11:38:14.0522 0x1318  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
11:38:14.0534 0x1318  hyperkbd - ok
11:38:14.0538 0x1318  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
11:38:14.0550 0x1318  HyperVideo - ok
11:38:14.0557 0x1318  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
11:38:14.0573 0x1318  i8042prt - ok
11:38:14.0577 0x1318  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers

\iaLPSSi_GPIO.sys
11:38:14.0588 0x1318  iaLPSSi_GPIO - ok
11:38:14.0594 0x1318  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C    C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
11:38:14.0607 0x1318  iaLPSSi_I2C - ok
11:38:14.0623 0x1318  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
11:38:14.0649 0x1318  iaStorAV - ok
11:38:14.0662 0x1318  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV        C:\WINDOWS\system32\drivers\iaStorV.sys
11:38:14.0685 0x1318  iaStorV - ok
11:38:14.0689 0x1318  IEEtwCollectorService - ok
11:38:14.0715 0x1318  [ DEA76F90F9777E3427D70E380222B23B, B917BA423896A12E45623E3D494CA03317A6FC612CA433C62C897524DC3E756B ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
11:38:14.0755 0x1318  IKEEXT - ok
11:38:14.0841 0x1318  [ 8524178B895E4BC04776B319DA3A70EC, A635EADF6E8BD985B730F2737E8DA36AC71E8FEB759787ECB24D955176622AD2 ] IntcAzAudAddService C:\WINDOWS\system32\drivers

\RTKVHD64.sys
11:38:14.0942 0x1318  IntcAzAudAddService - ok
11:38:14.0953 0x1318  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
11:38:14.0964 0x1318  intelide - ok
11:38:14.0969 0x1318  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
11:38:14.0981 0x1318  intelpep - ok
11:38:14.0988 0x1318  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
11:38:15.0004 0x1318  intelppm - ok
11:38:15.0010 0x1318  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
11:38:15.0026 0x1318  IpFilterDriver - ok
11:38:15.0048 0x1318  [ 1670A274ED1A815311BA33CD27B0D0E8, 28378D3908DCFA2C0E8FCF83E5AFEF643C89BBB285FA0F1692FE576AEA2F4E45 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
11:38:15.0077 0x1318  iphlpsvc - ok
11:38:15.0084 0x1318  [ 9C096BF5E10CA8BFA56F32522A89FAF1, 6C1151160799338DA351C7237AB049926C6C15F24F5E154BBF5929B4A96C0B8D ] IPMIDRV        C:\WINDOWS\System32\drivers\IPMIDrv.sys
11:38:15.0099 0x1318  IPMIDRV - ok
11:38:15.0107 0x1318  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT          C:\WINDOWS\system32\drivers\ipnat.sys
11:38:15.0123 0x1318  IPNAT - ok
11:38:15.0128 0x1318  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
11:38:15.0142 0x1318  IRENUM - ok
11:38:15.0147 0x1318  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
11:38:15.0159 0x1318  isapnp - ok
11:38:15.0170 0x1318  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
11:38:15.0193 0x1318  iScsiPrt - ok
11:38:15.0199 0x1318  [ FDA8DF17AB481E5E0D98230BF9988F17, D2F74A6B86231F3FF636968FEEB2202E739C82ACD55BFD6AD2916B4ABB1D140D ] jnprTdi_731_26369 C:\Windows\system32\Drivers

\jnprTdi_731_26369.sys
11:38:15.0211 0x1318  jnprTdi_731_26369 - ok
11:38:15.0216 0x1318  [ 43389A5F75966CB4715253F1B3EAD392, 68C61701DAC97EB21AFDD9457A71417C474F9EE0B0CEE6859B694266E601803C ] JnprVaMgr      C:\WINDOWS\system32\DRIVERS\jnprvamgr.sys
11:38:15.0226 0x1318  JnprVaMgr - ok
11:38:15.0233 0x1318  [ 31208EC624250CE2FFC04C55A2F8C68D, 2BB2373DDA49EEF3F4D7F4F5F344FDC819BA4FDB5CFB9F64D6DF1FF0A031D48B ] JuniperAccessService C:\Program Files (x86)\Common Files

\Juniper Networks\JUNS\dsAccessService.exe
11:38:15.0246 0x1318  JuniperAccessService - ok
11:38:15.0252 0x1318  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
11:38:15.0266 0x1318  kbdclass - ok
11:38:15.0271 0x1318  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
11:38:15.0283 0x1318  kbdhid - ok
11:38:15.0288 0x1318  [ DB7A09BC90DF20F44F16F8B0F9ED3491, 2DF5E042284D61368A5801B2557351B2C4B1044AA6F966DF4DDCE7B453D1B9AE ] kbldfltr        C:\WINDOWS\system32\drivers\kbldfltr.sys
11:38:15.0300 0x1318  kbldfltr - ok
11:38:15.0305 0x1318  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic          C:\WINDOWS\system32\DRIVERS\kdnic.sys
11:38:15.0316 0x1318  kdnic - ok
11:38:15.0321 0x1318  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
11:38:15.0330 0x1318  KeyIso - ok
11:38:15.0336 0x1318  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
11:38:15.0351 0x1318  KSecDD - ok
11:38:15.0359 0x1318  [ F88CC88F4A6D8476F1664E805CA18CC2, 2C61EE5EEA4FD45AA3FA927CC16E34EF90BD44324EAB14198AF65C3A27617991 ] KSecPkg        C:\WINDOWS\system32\Drivers\ksecpkg.sys
11:38:15.0378 0x1318  KSecPkg - ok
11:38:15.0382 0x1318  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk        C:\WINDOWS\system32\drivers\ksthunk.sys
11:38:15.0396 0x1318  ksthunk - ok
11:38:15.0407 0x1318  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm          C:\WINDOWS\system32\msdtckrm.dll
11:38:15.0429 0x1318  KtmRm - ok
11:38:15.0439 0x1318  [ 793EACA6BAE9F481C2059BCB3743EB4A, 2624905C6B6A1227BD1CAC7D4FE55A5F6543E1278DAB31EC553748472D180D1D ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
11:38:15.0459 0x1318  LanmanServer - ok
11:38:15.0469 0x1318  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
11:38:15.0489 0x1318  LanmanWorkstation - ok
11:38:15.0504 0x1318  [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc          C:\WINDOWS

\System32\GeofenceMonitorService.dll
11:38:15.0529 0x1318  lfsvc - ok
11:38:15.0534 0x1318  [ FA529FB35694C24BF98A9EF67C1CD9D0, 7B3C587C38CF13D514140F0A55E58997D6071D1DEFD97E274E3F490660AC6075 ] LGBusEnum      C:\WINDOWS\system32\drivers\LGBusEnum.sys
11:38:15.0543 0x1318  LGBusEnum - ok
11:38:15.0548 0x1318  [ 94AF1384A67B9FCF5651E70BC9D4C526, 9C025F7BBB5BBE9DAF3DEF2F6385CE77C8F413912C4D16930814F6D19B62B367 ] LGSHidFilt      C:\WINDOWS\system32\DRIVERS\LGSHidFilt.Sys
11:38:15.0559 0x1318  LGSHidFilt - ok
11:38:15.0563 0x1318  [ 94B29CE153765E768F004FB3440BE2B0, E74C01CEBDA589CDDE35CBCBAA18700E3742DD3B48A90DB3630992467FFC5024 ] LGVirHid        C:\WINDOWS\system32\drivers\LGVirHid.sys
11:38:15.0571 0x1318  LGVirHid - ok
11:38:15.0576 0x1318  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
11:38:15.0592 0x1318  lltdio - ok
11:38:15.0601 0x1318  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc        C:\WINDOWS\System32\lltdsvc.dll
11:38:15.0624 0x1318  lltdsvc - ok
11:38:15.0629 0x1318  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts        C:\WINDOWS\System32\lmhsvc.dll
11:38:15.0641 0x1318  lmhosts - ok
11:38:15.0649 0x1318  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS        C:\WINDOWS\system32\drivers\lsi_sas.sys
11:38:15.0666 0x1318  LSI_SAS - ok
11:38:15.0672 0x1318  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
11:38:15.0689 0x1318  LSI_SAS2 - ok
11:38:15.0695 0x1318  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
11:38:15.0710 0x1318  LSI_SAS3 - ok
11:38:15.0716 0x1318  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS        C:\WINDOWS\system32\drivers\lsi_sss.sys
11:38:15.0731 0x1318  LSI_SSS - ok
11:38:15.0750 0x1318  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM            C:\WINDOWS\System32\lsm.dll
11:38:15.0777 0x1318  LSM - ok
11:38:15.0786 0x1318  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv          C:\WINDOWS\system32\drivers\luafv.sys
11:38:15.0803 0x1318  luafv - ok
11:38:15.0808 0x1318  [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt          C:\WINDOWS\system32\drivers\MBfilt64.sys
11:38:15.0818 0x1318  MBfilt - ok
11:38:15.0824 0x1318  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas        C:\WINDOWS\system32\drivers\megasas.sys
11:38:15.0838 0x1318  megasas - ok
11:38:15.0855 0x1318  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
11:38:15.0884 0x1318  megasr - ok
11:38:15.0891 0x1318  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS          C:\WINDOWS\system32\mmcss.dll
11:38:15.0907 0x1318  MMCSS - ok
11:38:15.0912 0x1318  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem          C:\WINDOWS\system32\drivers\modem.sys
11:38:15.0928 0x1318  Modem - ok
11:38:15.0936 0x1318  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor        C:\WINDOWS\System32\drivers\monitor.sys
11:38:15.0948 0x1318  monitor - ok
11:38:15.0955 0x1318  [ C030F9E822A057C1A7A9BB4EA3E8877E, 2CCEC87DEB972B6B0196A08D3781002929E9107137FE3A61F1626D3BEE26630A ] MotioninJoyXFilter C:\WINDOWS\System32\drivers\MijXfilt.sys
11:38:15.0984 0x1318  MotioninJoyXFilter - ok
11:38:15.0991 0x1318  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
11:38:16.0006 0x1318  mouclass - ok
11:38:16.0011 0x1318  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
11:38:16.0025 0x1318  mouhid - ok
11:38:16.0032 0x1318  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
11:38:16.0050 0x1318  mountmgr - ok
11:38:16.0056 0x1318  [ 8A7C8F4C713E70D73946833D76B77035, 75D07F56B8F7D50E85F6576427E8DAA3A27384F53AC31753B6213CBD011C1DEF ] MozillaMaintenance C:\Program Files (x86)\Mozilla

Maintenance Service\maintenanceservice.exe
11:38:16.0071 0x1318  MozillaMaintenance - ok
11:38:16.0077 0x1318  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
11:38:16.0095 0x1318  mpsdrv - ok
11:38:16.0116 0x1318  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
11:38:16.0154 0x1318  MpsSvc - ok
11:38:16.0163 0x1318  [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
11:38:16.0182 0x1318  MRxDAV - ok
11:38:16.0195 0x1318  [ 7A1A3F213CDB3363D179D5014272025D, 6756F5B7D9FBF6839DB1FF4E94EA45B5499D7DF925E75581C96FBBA4BE131542 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
11:38:16.0212 0x1318  mrxsmb - ok
11:38:16.0223 0x1318  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
11:38:16.0245 0x1318  mrxsmb10 - ok
11:38:16.0254 0x1318  [ C910E5D18958914A66F0E45689D0B40A, AD7C91DD8A60A511E580DD56BACC97F85075A539E7C5D95040A8F870A621DAF4 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
11:38:16.0273 0x1318  mrxsmb20 - ok
11:38:16.0280 0x1318  [ E0927EFA25D473367C3341B9F5969779, B77A162BD3334557623674373D8EC2BE7CC0B359DF06304E467ABFFEE0530271 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
11:38:16.0298 0x1318  MsBridge - ok
11:38:16.0310 0x1318  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC          C:\WINDOWS\System32\msdtc.exe
11:38:16.0336 0x1318  MSDTC - ok
11:38:16.0343 0x1318  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
11:38:16.0356 0x1318  Msfs - ok
11:38:16.0361 0x1318  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32    C:\WINDOWS\System32\drivers\msgpiowin32.sys
11:38:16.0374 0x1318  msgpiowin32 - ok
11:38:16.0378 0x1318  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf      C:\WINDOWS\System32\drivers\mshidkmdf.sys
11:38:16.0389 0x1318  mshidkmdf - ok
11:38:16.0393 0x1318  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf      C:\WINDOWS\System32\drivers\mshidumdf.sys
11:38:16.0404 0x1318  mshidumdf - ok
11:38:16.0409 0x1318  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
11:38:16.0419 0x1318  msisadrv - ok
11:38:16.0426 0x1318  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI        C:\WINDOWS\system32\iscsiexe.dll
11:38:16.0443 0x1318  MSiSCSI - ok
11:38:16.0447 0x1318  msiserver - ok
11:38:16.0453 0x1318  [ D22AE5313F6B7EFDDD8C117B5501F4A3, 1937EEE33BF9C4485F172B10FB17AEF3F3B8978371307F49C3338D74D96A8389 ] MsKeyboardFilter C:\WINDOWS\System32\KeyboardFilterSvc.dll
11:38:16.0469 0x1318  MsKeyboardFilter - ok
11:38:16.0473 0x1318  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV        C:\WINDOWS\system32\drivers\MSKSSRV.sys
11:38:16.0485 0x1318  MSKSSRV - ok
11:38:16.0490 0x1318  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
11:38:16.0506 0x1318  MsLldp - ok
11:38:16.0510 0x1318  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
11:38:16.0521 0x1318  MSPCLOCK - ok
11:38:16.0525 0x1318  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM          C:\WINDOWS\system32\drivers\MSPQM.sys
11:38:16.0536 0x1318  MSPQM - ok
11:38:16.0547 0x1318  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC          C:\WINDOWS\system32\drivers\MsRPC.sys
11:38:16.0569 0x1318  MsRPC - ok
11:38:16.0576 0x1318  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
11:38:16.0588 0x1318  mssmbios - ok
11:38:16.0592 0x1318  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE          C:\WINDOWS\system32\drivers\MSTEE.sys
11:38:16.0604 0x1318  MSTEE - ok
11:38:16.0608 0x1318  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
11:38:16.0620 0x1318  MTConfig - ok
11:38:16.0625 0x1318  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup            C:\WINDOWS\system32\Drivers\mup.sys
11:38:16.0639 0x1318  Mup - ok
11:38:16.0644 0x1318  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
11:38:16.0658 0x1318  mvumis - ok
11:38:16.0671 0x1318  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll
11:38:16.0693 0x1318  napagent - ok
11:38:16.0706 0x1318  [ 26ACA481FAFEC59FE311D719E3027BBA, 16A24CCA95A38BDFE970580159F6ACAA13FF1B74CF2290B1B020D909F90D3347 ] NativeWifiP    C:\WINDOWS\system32\DRIVERS\nwifi.sys
11:38:16.0730 0x1318  NativeWifiP - ok
11:38:16.0738 0x1318  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
11:38:16.0757 0x1318  NcaSvc - ok
11:38:16.0764 0x1318  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
11:38:16.0781 0x1318  NcbService - ok
11:38:16.0786 0x1318  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
11:38:16.0812 0x1318  NcdAutoSetup - ok
11:38:16.0836 0x1318  [ E4B4BE2D7750849C07589DA0B0AABA01, BB5AA727BA018A94B5DE2C4E0B594DD2E7A2B3457885446EE568F3A1E18AB3B0 ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
11:38:16.0882 0x1318  NDIS - ok
11:38:16.0888 0x1318  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap        C:\WINDOWS\system32\DRIVERS\ndiscap.sys
11:38:16.0904 0x1318  NdisCap - ok
11:38:16.0910 0x1318  [ B1AA3B19A2E596A59224F893E01A5A75, E08696CA5E087E51AC3E64D4FB8490EEADD612DDF30C9A94DD1BD1BA124B71B7 ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS

\NdisImPlatform.sys
11:38:16.0926 0x1318  NdisImPlatform - ok
11:38:16.0930 0x1318  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
11:38:16.0945 0x1318  NdisTapi - ok
11:38:16.0950 0x1318  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio        C:\WINDOWS\system32\DRIVERS\ndisuio.sys
11:38:16.0964 0x1318  Ndisuio - ok
11:38:16.0968 0x1318  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers

\NdisVirtualBus.sys
11:38:16.0982 0x1318  NdisVirtualBus - ok
11:38:16.0990 0x1318  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan        C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:38:17.0011 0x1318  NdisWan - ok
11:38:17.0018 0x1318  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy  C:\WINDOWS\system32\DRIVERS\ndiswan.sys
11:38:17.0033 0x1318  NdisWanLegacy - ok
11:38:17.0039 0x1318  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy        C:\WINDOWS\system32\drivers\NDProxy.sys
11:38:17.0055 0x1318  NDProxy - ok
11:38:17.0061 0x1318  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu            C:\WINDOWS\system32\drivers\Ndu.sys
11:38:17.0079 0x1318  Ndu - ok
11:38:17.0084 0x1318  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS        C:\WINDOWS\system32\DRIVERS\netbios.sys
11:38:17.0099 0x1318  NetBIOS - ok
11:38:17.0109 0x1318  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT          C:\WINDOWS\system32\DRIVERS\netbt.sys
11:38:17.0130 0x1318  NetBT - ok
11:38:17.0135 0x1318  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
11:38:17.0145 0x1318  Netlogon - ok
11:38:17.0154 0x1318  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\WINDOWS\System32\netman.dll
11:38:17.0176 0x1318  Netman - ok
11:38:17.0191 0x1318  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
11:38:17.0214 0x1318  netprofm - ok
11:38:17.0223 0x1318  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET

\Framework64\v4.0.30319\SMSvcHost.exe
11:38:17.0239 0x1318  NetTcpPortSharing - ok
11:38:17.0245 0x1318  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
11:38:17.0260 0x1318  netvsc - ok
11:38:17.0272 0x1318  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
11:38:17.0297 0x1318  NlaSvc - ok
11:38:17.0302 0x1318  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
11:38:17.0316 0x1318  Npfs - ok
11:38:17.0322 0x1318  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig      C:\WINDOWS\System32\drivers\npsvctrig.sys
11:38:17.0336 0x1318  npsvctrig - ok
11:38:17.0341 0x1318  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi            C:\WINDOWS\system32\nsisvc.dll
11:38:17.0359 0x1318  nsi - ok
11:38:17.0368 0x1318  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
11:38:17.0382 0x1318  nsiproxy - ok
11:38:17.0425 0x1318  [ 038C77D577900EE39410662478BB0D50, A33AAFD5750245C17A47EC71F3C6EAD2E0925CAD34C65AB3E6CEE44756C668E6 ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
11:38:17.0494 0x1318  Ntfs - ok
11:38:17.0510 0x1318  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
11:38:17.0527 0x1318  Null - ok
11:38:17.0533 0x1318  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
11:38:17.0550 0x1318  nvraid - ok
11:38:17.0557 0x1318  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
11:38:17.0574 0x1318  nvstor - ok
11:38:17.0580 0x1318  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
11:38:17.0597 0x1318  nv_agp - ok
11:38:17.0608 0x1318  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
11:38:17.0630 0x1318  p2pimsvc - ok
11:38:17.0644 0x1318  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
11:38:17.0664 0x1318  p2psvc - ok
11:38:17.0672 0x1318  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport        C:\WINDOWS\System32\drivers\parport.sys
11:38:17.0690 0x1318  Parport - ok
11:38:17.0696 0x1318  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr        C:\WINDOWS\system32\drivers\partmgr.sys
11:38:17.0714 0x1318  partmgr - ok
11:38:17.0728 0x1318  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
11:38:17.0754 0x1318  PcaSvc - ok
11:38:17.0767 0x1318  [ 91ED124E261EA8FAA1C0FFDF2A71B0C4, 20E41A38067395D03184938983A9BE459717A1941352972DBC28D83D542319EC ] pci            C:\WINDOWS\system32\drivers\pci.sys
11:38:17.0790 0x1318  pci - ok
11:38:17.0795 0x1318  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
11:38:17.0806 0x1318  pciide - ok
11:38:17.0814 0x1318  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
11:38:17.0831 0x1318  pcmcia - ok
11:38:17.0836 0x1318  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw            C:\WINDOWS\system32\drivers\pcw.sys
11:38:17.0849 0x1318  pcw - ok
11:38:17.0856 0x1318  [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc            C:\WINDOWS\system32\drivers\pdc.sys
11:38:17.0871 0x1318  pdc - ok
11:38:17.0889 0x1318  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
11:38:17.0922 0x1318  PEAUTH - ok
11:38:17.0972 0x1318  [ 084DE525DFE82AE7453DD527390FA110, 8216AE63AE740D97204CDED6543B66FC1FB55DB86D42FBA0EC629361C40F9EC0 ] PeerDistSvc    C:\WINDOWS\system32\peerdistsvc.dll
11:38:18.0040 0x1318  PeerDistSvc - ok
11:38:18.0061 0x1318  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
11:38:18.0075 0x1318  PerfHost - ok
11:38:18.0113 0x1318  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla            C:\WINDOWS\system32\pla.dll
11:38:18.0169 0x1318  pla - ok
11:38:18.0178 0x1318  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
11:38:18.0192 0x1318  PlugPlay - ok
11:38:18.0197 0x1318  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg    C:\WINDOWS\system32\pnrpauto.dll
11:38:18.0213 0x1318  PNRPAutoReg - ok
11:38:18.0226 0x1318  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc        C:\WINDOWS\system32\pnrpsvc.dll
11:38:18.0242 0x1318  PNRPsvc - ok
11:38:18.0255 0x1318  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent    C:\WINDOWS\System32\ipsecsvc.dll
11:38:18.0275 0x1318  PolicyAgent - ok
11:38:18.0283 0x1318  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power          C:\WINDOWS\system32\umpo.dll
11:38:18.0300 0x1318  Power - ok
11:38:18.0366 0x1318  [ C0B3AD50136FE57C2548BD75CAC49DA2, B5661CE7631C5D1B1C50F36EE66AF6DF2E9E69DA1D9BA7C852E74D206F72D8DB ] PrintNotify    C:\WINDOWS\system32\spool\drivers

\x64\3\PrintConfig.dll
11:38:18.0452 0x1318  PrintNotify - ok
11:38:18.0465 0x1318  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor      C:\WINDOWS\System32\drivers\processr.sys
11:38:18.0482 0x1318  Processor - ok
11:38:18.0491 0x1318  [ EF1F8B57323E5D3FC6A0A25F98F90DBC, F50E81151604DCD59BB647FD6767C1631AE48B5FCA6D3423C4E32535C94D6369 ] ProfSvc        C:\WINDOWS\system32\profsvc.dll
11:38:18.0506 0x1318  ProfSvc - ok
11:38:18.0513 0x1318  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
11:38:18.0533 0x1318  Psched - ok
11:38:18.0544 0x1318  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE          C:\WINDOWS\system32\qwave.dll
11:38:18.0570 0x1318  QWAVE - ok
11:38:18.0576 0x1318  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
11:38:18.0593 0x1318  QWAVEdrv - ok
11:38:18.0597 0x1318  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
11:38:18.0612 0x1318  RasAcd - ok
11:38:18.0619 0x1318  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto        C:\WINDOWS\System32\rasauto.dll
11:38:18.0638 0x1318  RasAuto - ok
11:38:18.0653 0x1318  [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan          C:\WINDOWS\System32\rasmans.dll
11:38:18.0682 0x1318  RasMan - ok
11:38:18.0689 0x1318  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
11:38:18.0707 0x1318  RasPppoe - ok
11:38:18.0719 0x1318  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss          C:\WINDOWS\system32\DRIVERS\rdbss.sys
11:38:18.0745 0x1318  rdbss - ok
11:38:18.0752 0x1318  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
11:38:18.0765 0x1318  rdpbus - ok
11:38:18.0773 0x1318  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR          C:\WINDOWS\system32\drivers\rdpdr.sys
11:38:18.0792 0x1318  RDPDR - ok
11:38:18.0800 0x1318  [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\WINDOWS\system32\drivers

\rdpvideominiport.sys
11:38:18.0813 0x1318  RdpVideoMiniport - ok
11:38:18.0822 0x1318  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
11:38:18.0845 0x1318  rdyboost - ok
11:38:18.0868 0x1318  [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
11:38:18.0909 0x1318  ReFS - ok
11:38:18.0921 0x1318  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
11:38:18.0943 0x1318  RemoteAccess - ok
11:38:18.0951 0x1318  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
11:38:18.0974 0x1318  RemoteRegistry - ok
11:38:18.0980 0x1318  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
11:38:18.0997 0x1318  RpcEptMapper - ok
11:38:19.0002 0x1318  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\WINDOWS\system32\locator.exe
11:38:19.0015 0x1318  RpcLocator - ok
11:38:19.0034 0x1318  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs          C:\WINDOWS\system32\rpcss.dll
11:38:19.0061 0x1318  RpcSs - ok
11:38:19.0068 0x1318  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
11:38:19.0086 0x1318  rspndr - ok
11:38:19.0103 0x1318  [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168        C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
11:38:19.0130 0x1318  RTL8168 - ok
11:38:19.0136 0x1318  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap          C:\WINDOWS\System32\drivers\vms3cap.sys
11:38:19.0149 0x1318  s3cap - ok
11:38:19.0155 0x1318  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs          C:\WINDOWS\system32\lsass.exe
11:38:19.0165 0x1318  SamSs - ok
11:38:19.0173 0x1318  [ B136E29C89CD7234DEC1A4104E5D30CC, 59B534D928EA77B904380679C701EC56A964E5039F69ED1A7372A95E215A9144 ] Samsung UPD Service2 C:\Windows\System32\SUPDSvc2.exe
11:38:19.0196 0x1318  Samsung UPD Service2 - ok
11:38:19.0204 0x1318  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
11:38:19.0222 0x1318  sbp2port - ok
11:38:19.0230 0x1318  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
11:38:19.0252 0x1318  SCardSvr - ok
11:38:19.0260 0x1318  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
11:38:19.0280 0x1318  ScDeviceEnum - ok
11:38:19.0285 0x1318  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
11:38:19.0302 0x1318  scfilter - ok
11:38:19.0331 0x1318  [ D3AE5DB16EAF913860EC28654CE00E6B, AD76B6044F7247C6E86F6DCB7CFD6B25BCA2B9F09A97A419F043A999E66726A2 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
11:38:19.0371 0x1318  Schedule - ok
11:38:19.0381 0x1318  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc    C:\WINDOWS\System32\certprop.dll
11:38:19.0396 0x1318  SCPolicySvc - ok
11:38:19.0407 0x1318  [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus          C:\WINDOWS\System32\drivers\sdbus.sys
11:38:19.0429 0x1318  sdbus - ok
11:38:19.0436 0x1318  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
11:38:19.0473 0x1318  sdstor - ok
11:38:19.0519 0x1318  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
11:38:19.0532 0x1318  secdrv - ok
11:38:19.0540 0x1318  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\WINDOWS\system32\seclogon.dll
11:38:19.0558 0x1318  seclogon - ok
11:38:19.0566 0x1318  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\WINDOWS\System32\sens.dll
11:38:19.0586 0x1318  SENS - ok
11:38:19.0594 0x1318  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
11:38:19.0612 0x1318  SensrSvc - ok
11:38:19.0618 0x1318  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx          C:\WINDOWS\system32\drivers\SerCx.sys
11:38:19.0633 0x1318  SerCx - ok
11:38:19.0640 0x1318  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
11:38:19.0656 0x1318  SerCx2 - ok
11:38:19.0661 0x1318  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum        C:\WINDOWS\System32\drivers\serenum.sys
11:38:19.0673 0x1318  Serenum - ok
11:38:19.0680 0x1318  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
11:38:19.0695 0x1318  Serial - ok
11:38:19.0700 0x1318  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
11:38:19.0713 0x1318  sermouse - ok
11:38:19.0728 0x1318  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
11:38:19.0749 0x1318  SessionEnv - ok
11:38:19.0755 0x1318  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy        C:\WINDOWS\System32\drivers\sfloppy.sys
11:38:19.0767 0x1318  sfloppy - ok
11:38:19.0780 0x1318  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
11:38:19.0805 0x1318  SharedAccess - ok
11:38:19.0824 0x1318  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
11:38:19.0858 0x1318  ShellHWDetection - ok
11:38:19.0864 0x1318  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
11:38:19.0876 0x1318  SiSRaid2 - ok
11:38:19.0882 0x1318  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
11:38:19.0895 0x1318  SiSRaid4 - ok
11:38:19.0900 0x1318  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost        C:\WINDOWS\System32\smphost.dll
11:38:19.0912 0x1318  smphost - ok
11:38:19.0924 0x1318  [ E3E56CAF0472163871B922FC7CBC9654, 1D7208519DB904E1B27F8D5214CA219BD52AB8C1AB64F22F8959DC4E8955AD37 ] snapman        C:\WINDOWS\system32\DRIVERS\snapman.sys
11:38:19.0941 0x1318  snapman - ok
11:38:19.0946 0x1318  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
11:38:19.0961 0x1318  SNMPTRAP - ok
11:38:19.0975 0x1318  [ 240C5C3793206725AA05665851E8C214, 96ADFB85EB1623EB00C251C1C6A1F441A1795F0EBFD10B17DD1CA58E3AE8A90D ] spaceport      C:\WINDOWS\system32\drivers\spaceport.sys
11:38:19.0998 0x1318  spaceport - ok
11:38:20.0005 0x1318  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx          C:\WINDOWS\system32\drivers\SpbCx.sys
11:38:20.0019 0x1318  SpbCx - ok
11:38:20.0038 0x1318  [ 42FEA9E0BA9761D9E65A4F167D91515B, 9A34CE83F3ACD50608671BDABE5E475F8E0C8335D3B8B7B3D7E84B2A319FA29F ] Spooler        C:\WINDOWS\System32\spoolsv.exe
11:38:20.0071 0x1318  Spooler - ok
11:38:20.0198 0x1318  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
11:38:20.0383 0x1318  sppsvc - ok
11:38:20.0405 0x1318  [ 6416E79A58A8FCC33A447A4DDDD3BF04, 839E3107ACCD520C309BD6C8324DF7A8EB724EAD442AB1F1CACB0D83F84BE488 ] srv            C:\WINDOWS\system32\DRIVERS\srv.sys
11:38:20.0428 0x1318  srv - ok
11:38:20.0447 0x1318  [ 5BED3AB69797C8786EF70AEA8C33748B, 0474EE6C43D437CBA9848BCF25D1341B122D7E9F371A0FF3C62C83D14B2CB095 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
11:38:20.0476 0x1318  srv2 - ok
11:38:20.0488 0x1318  [ D047CD668E6277FD80F0C613946F034C, BD0209E7FD89F9295D4DE48C9652DF2A2990277C16AFA473B96704B1CBD2F338 ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
11:38:20.0508 0x1318  srvnet - ok
11:38:20.0517 0x1318  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV        C:\WINDOWS\System32\ssdpsrv.dll
11:38:20.0534 0x1318  SSDPSRV - ok
11:38:20.0542 0x1318  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc        C:\WINDOWS\system32\sstpsvc.dll
11:38:20.0562 0x1318  SstpSvc - ok
11:38:20.0583 0x1318  [ 1C4DA19038C500059BDF5BD529B43725, E6E88717648327ACAB346492581F0F595CA89DE68DCBBA9F5F560B0276A3CD19 ] Steam Client Service C:\Program Files (x86)\Common Files

\Steam\SteamService.exe
11:38:20.0618 0x1318  Steam Client Service - ok
11:38:20.0625 0x1318  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
11:38:20.0638 0x1318  stexstor - ok
11:38:20.0655 0x1318  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
11:38:20.0681 0x1318  stisvc - ok
11:38:20.0689 0x1318  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
11:38:20.0699 0x1318  storahci - ok
11:38:20.0705 0x1318  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt        C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
11:38:20.0719 0x1318  storflt - ok
11:38:20.0726 0x1318  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
11:38:20.0740 0x1318  stornvme - ok
11:38:20.0745 0x1318  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc        C:\WINDOWS\system32\storsvc.dll
11:38:20.0760 0x1318  StorSvc - ok
11:38:20.0765 0x1318  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc        C:\WINDOWS\system32\drivers\storvsc.sys
11:38:20.0781 0x1318  storvsc - ok
11:38:20.0787 0x1318  [ 03618F935379614837F915D04C45FC0E, 9CC0CBA7AFC58E7F921C13FA3F5269714F1F827535A311E11EA48689C4D539DE ] storvsp        C:\WINDOWS\System32\drivers\storvsp.sys
11:38:20.0801 0x1318  storvsp - ok
11:38:20.0807 0x1318  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc          C:\WINDOWS\system32\svsvc.dll
11:38:20.0825 0x1318  svsvc - ok
11:38:20.0830 0x1318  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
11:38:20.0841 0x1318  swenum - ok
11:38:20.0860 0x1318  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv          C:\WINDOWS\System32\swprv.dll
11:38:20.0892 0x1318  swprv - ok
11:38:21.0042 0x1318  [ 0A6013B6C86F3A82243CF7D848FED243, A7842027AA74A92DC0B36F994ABF66AE5566503A66936884079278D082DC4287 ] syncagentsrv    C:\Program Files (x86)\Common Files

\Acronis\SyncAgent\syncagentsrv.exe
11:38:21.0211 0x1318  syncagentsrv - ok
11:38:21.0252 0x1318  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain        C:\WINDOWS\system32\sysmain.dll
11:38:21.0290 0x1318  SysMain - ok
11:38:21.0303 0x1318  [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\WINDOWS

\System32\SystemEventsBrokerServer.dll
11:38:21.0324 0x1318  SystemEventsBroker - ok
11:38:21.0332 0x1318  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
11:38:21.0345 0x1318  TabletInputService - ok
11:38:21.0358 0x1318  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv        C:\WINDOWS\System32\tapisrv.dll
11:38:21.0382 0x1318  TapiSrv - ok
11:38:21.0439 0x1318  [ FEBAA7D782E30882FFF1CBCBBE8AD467, B54333F52CF901CADB3B71334BFAFA63C508A0F7EA7E700C5578FC20D780403E ] Tcpip          C:\WINDOWS\system32\drivers\tcpip.sys
11:38:21.0523 0x1318  Tcpip - ok
11:38:21.0581 0x1318  [ FEBAA7D782E30882FFF1CBCBBE8AD467, B54333F52CF901CADB3B71334BFAFA63C508A0F7EA7E700C5578FC20D780403E ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
11:38:21.0652 0x1318  TCPIP6 - ok
11:38:21.0664 0x1318  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
11:38:21.0679 0x1318  tcpipreg - ok
11:38:21.0718 0x1318  [ AC28A6FCA485821499FF018695CEDE16, 8BA6086EB1831FDEDB9E195EA7D5F2FE2B0944E4E0B0CDB41CD06971F7DAC805 ] tdrpman        C:\WINDOWS\system32\DRIVERS\tdrpman.sys
11:38:21.0764 0x1318  tdrpman - ok
11:38:21.0774 0x1318  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx            C:\WINDOWS\system32\DRIVERS\tdx.sys
11:38:21.0791 0x1318  tdx - ok
11:38:21.0796 0x1318  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
11:38:21.0811 0x1318  terminpt - ok
11:38:21.0838 0x1318  [ 2C77831737491F4D684D315B95C62883, 90A2574A281F19646CFCDA5FDF40063220058290D2D5523AD91B7E709EC36D3D ] TermService    C:\WINDOWS\System32\termsrv.dll
11:38:21.0878 0x1318  TermService - ok
11:38:21.0885 0x1318  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\WINDOWS\system32\themeservice.dll
11:38:21.0908 0x1318  Themes - ok
11:38:21.0914 0x1318  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER    C:\WINDOWS\system32\mmcss.dll
11:38:21.0925 0x1318  THREADORDER - ok
11:38:21.0951 0x1318  [ DE604462206F7D8C203F767F425FCA8D, 149FBF6367C45415B939A9B1A7A10DA7A5E19F28CE533BCBE2B20DA4B78F8645 ] tib            C:\WINDOWS\system32\DRIVERS\tib.sys
11:38:21.0988 0x1318  tib - ok
11:38:21.0999 0x1318  [ 8C750FE6DE38AF13506B99EC2F519F79, 232D18416E9DE3A676C625280CF172ED180B5AF98C69E5B24CC780D480549E35 ] tib_mounter    C:\WINDOWS\system32\DRIVERS\tib_mounter.sys
11:38:22.0016 0x1318  tib_mounter - ok
11:38:22.0026 0x1318  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
11:38:22.0052 0x1318  TimeBroker - ok
11:38:22.0061 0x1318  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM            C:\WINDOWS\system32\drivers\tpm.sys
11:38:22.0080 0x1318  TPM - ok
11:38:22.0087 0x1318  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
11:38:22.0104 0x1318  TrkWks - ok
11:38:22.0109 0x1318  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
11:38:22.0125 0x1318  TrustedInstaller - ok
11:38:22.0132 0x1318  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
11:38:22.0147 0x1318  TsUsbFlt - ok
11:38:22.0152 0x1318  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD        C:\WINDOWS\System32\drivers\TsUsbGD.sys
11:38:22.0165 0x1318  TsUsbGD - ok
11:38:22.0173 0x1318  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
11:38:22.0194 0x1318  tunnel - ok
11:38:22.0200 0x1318  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
11:38:22.0215 0x1318  uagp35 - ok
11:38:22.0222 0x1318  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
11:38:22.0238 0x1318  UASPStor - ok
11:38:22.0247 0x1318  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
11:38:22.0266 0x1318  UCX01000 - ok
11:38:22.0276 0x1318  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
11:38:22.0301 0x1318  udfs - ok
11:38:22.0333 0x1318  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
11:38:22.0360 0x1318  UEFI - ok
11:38:22.0369 0x1318  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect      C:\WINDOWS\system32\UI0Detect.exe
11:38:22.0387 0x1318  UI0Detect - ok
11:38:22.0392 0x1318  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
11:38:22.0406 0x1318  uliagpkx - ok
11:38:22.0411 0x1318  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus          C:\WINDOWS\System32\drivers\umbus.sys
11:38:22.0425 0x1318  umbus - ok
11:38:22.0430 0x1318  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
11:38:22.0442 0x1318  UmPass - ok
11:38:22.0452 0x1318  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
11:38:22.0473 0x1318  UmRdpService - ok
11:38:22.0487 0x1318  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
11:38:22.0508 0x1318  upnphost - ok
11:38:22.0516 0x1318  [ FF78D053A05E5A394F4E3C1816CC65A8, 5DAE02414271231F5FDBB751AFEB99874779B467947020815D4AE54432D4269D ] usbccgp        C:\WINDOWS\System32\drivers\usbccgp.sys
11:38:22.0535 0x1318  usbccgp - ok
11:38:22.0541 0x1318  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
11:38:22.0559 0x1318  usbcir - ok
11:38:22.0565 0x1318  [ 48BA326A3DBA5B5BEB5F2777F4618696, B9EC8155F11A3A7644BD9DC8910681B46AE44AE3BF53F052DF50E9C5555E3229 ] usbehci        C:\WINDOWS\System32\drivers\usbehci.sys
11:38:22.0581 0x1318  usbehci - ok
11:38:22.0586 0x1318  [ 504901430B6E03B99EBB6BF26E0868C6, D00C0904B7008305DCA5D1E6FED153DD8875CAD14D80348E59F42A182FA7E832 ] usbfilter      C:\WINDOWS\system32\DRIVERS\usbfilter.sys
11:38:22.0596 0x1318  usbfilter - ok
11:38:22.0610 0x1318  [ FEF0BC107812B36849741C3211BA6B60, B3EF738BE1E6B6027F29C9713CD3F367EA067D2BE46580AFBC0FB58046EF6BBD ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
11:38:22.0639 0x1318  usbhub - ok
11:38:22.0655 0x1318  [ 65392F3F3F65E4C6CC82A0F4F8A0B051, C11B662A28D95820717DFFC6B76DBB755E4876009A2342E5E3992DE32D6BFF61 ] USBHUB3        C:\WINDOWS\System32\drivers\UsbHub3.sys
11:38:22.0684 0x1318  USBHUB3 - ok
11:38:22.0691 0x1318  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci        C:\WINDOWS\System32\drivers\usbohci.sys
11:38:22.0703 0x1318  usbohci - ok
11:38:22.0708 0x1318  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
11:38:22.0721 0x1318  usbprint - ok
11:38:22.0730 0x1318  [ EA23453240137F6773174E0D93F61A69, 579AD09FB428C2BB8B4055128620A7AADD1B606C1EA44B87A01D69A84232A5D9 ] USBSTOR        C:\WINDOWS\System32\drivers\USBSTOR.SYS
11:38:22.0747 0x1318  USBSTOR - ok
11:38:22.0753 0x1318  [ 064260B3A5868AC894A4943543BC7AB7, D3534E98B34C4AC9A430D7E0AB301A0E5E1511E3117C2FEA392636B0DE2C38E2 ] usbuhci        C:\WINDOWS\System32\drivers\usbuhci.sys
11:38:22.0765 0x1318  usbuhci - ok
11:38:22.0779 0x1318  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI        C:\WINDOWS\System32\drivers\USBXHCI.SYS
11:38:22.0800 0x1318  USBXHCI - ok
11:38:22.0805 0x1318  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
11:38:22.0815 0x1318  VaultSvc - ok
11:38:22.0820 0x1318  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
11:38:22.0832 0x1318  vdrvroot - ok
11:38:22.0861 0x1318  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds            C:\WINDOWS\System32\vds.exe
11:38:22.0903 0x1318  vds - ok
11:38:22.0912 0x1318  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt    C:\WINDOWS\system32\drivers\VerifierExt.sys
11:38:22.0930 0x1318  VerifierExt - ok
11:38:22.0948 0x1318  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp          C:\WINDOWS\System32\drivers\vhdmp.sys
11:38:22.0980 0x1318  vhdmp - ok
11:38:22.0985 0x1318  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
11:38:22.0998 0x1318  viaide - ok
11:38:23.0006 0x1318  [ 3CE922E34DB12D9F3C0EA856BC09687C, E50A1885FBC775E49614989ECFEA4ACBBDDA16AF459CC5361EED9E23CC7CD42C ] Vid            C:\WINDOWS\System32\drivers\Vid.sys
11:38:23.0025 0x1318  Vid - ok
11:38:23.0031 0x1318  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus          C:\WINDOWS\system32\drivers\vmbus.sys
11:38:23.0046 0x1318  vmbus - ok
11:38:23.0051 0x1318  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
11:38:23.0062 0x1318  VMBusHID - ok
11:38:23.0069 0x1318  [ 68F8C26DEA2D42E8DEC0778943433C80, 81E8F9D62815F94952CEEABD0689473CC330F7890F66872DCD35A43C06ED33CD ] vmbusr          C:\WINDOWS\System32\drivers\vmbusr.sys
11:38:23.0085 0x1318  vmbusr - ok
11:38:23.0099 0x1318  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
11:38:23.0125 0x1318  vmicguestinterface - ok
11:38:23.0138 0x1318  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat  C:\WINDOWS\System32\ICSvc.dll
11:38:23.0158 0x1318  vmicheartbeat - ok
11:38:23.0171 0x1318  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
11:38:23.0190 0x1318  vmickvpexchange - ok
11:38:23.0205 0x1318  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv        C:\WINDOWS\System32\ICSvc.dll
11:38:23.0224 0x1318  vmicrdv - ok
11:38:23.0237 0x1318  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
11:38:23.0258 0x1318  vmicshutdown - ok
11:38:23.0271 0x1318  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
11:38:23.0291 0x1318  vmictimesync - ok
11:38:23.0305 0x1318  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss        C:\WINDOWS\System32\ICSvc.dll
11:38:23.0323 0x1318  vmicvss - ok
11:38:23.0330 0x1318  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
11:38:23.0344 0x1318  volmgr - ok
11:38:23.0356 0x1318  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx        C:\WINDOWS\system32\drivers\volmgrx.sys
11:38:23.0379 0x1318  volmgrx - ok
11:38:23.0392 0x1318  [ 64CA2B4A49A8EAF495E435623ECCE7DB, 81151F295A54DE2B8B88C7F48C86BF58CDFF96F98493509C06D6F41484594386 ] volsnap        C:\WINDOWS\system32\drivers\volsnap.sys
11:38:23.0415 0x1318  volsnap - ok
11:38:23.0420 0x1318  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
11:38:23.0435 0x1318  vpci - ok
11:38:23.0440 0x1318  [ ADBE96C33D1A5BB1BBAF90B4BC84F523, 6E9C9ED3D51E4B6E494D42ECA6F824AD86D676C12C39BBE6B8BD96366BCB02DA ] vpcivsp        C:\WINDOWS\System32\drivers\vpcivsp.sys
11:38:23.0454 0x1318  vpcivsp - ok
11:38:23.0461 0x1318  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid        C:\WINDOWS\system32\drivers\vsmraid.sys
11:38:23.0478 0x1318  vsmraid - ok
11:38:23.0508 0x1318  [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS            C:\WINDOWS\system32\vssvc.exe
11:38:23.0554 0x1318  VSS - ok
11:38:23.0567 0x1318  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
11:38:23.0590 0x1318  VSTXRAID - ok
11:38:23.0595 0x1318  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
11:38:23.0608 0x1318  vwifibus - ok
11:38:23.0620 0x1318  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time        C:\WINDOWS\system32\w32time.dll
11:38:23.0640 0x1318  W32Time - ok
11:38:23.0646 0x1318  [ FDA15A0510F84FA46452B74529147A15, DAF92C2B733311B767895175E27B671C80DC028EEB477C28E0209C6467E072D1 ] WacHidRouter    C:\WINDOWS\System32\drivers

\wachidrouter.sys
11:38:23.0657 0x1318  WacHidRouter - ok
11:38:23.0661 0x1318  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
11:38:23.0674 0x1318  WacomPen - ok
11:38:23.0678 0x1318  [ EABFDBDC9BEDD325F260A3A9FEE5B3F9, 496AD989DA6F500140FCDB88C65CECD4F306D3FBDAACE1D42C5312C1E321B9D1 ] wacomrouterfilter C:\WINDOWS\System32\drivers

\wacomrouterfilter.sys
11:38:23.0687 0x1318  wacomrouterfilter - ok
11:38:23.0720 0x1318  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
11:38:23.0768 0x1318  wbengine - ok
11:38:23.0784 0x1318  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
11:38:23.0808 0x1318  WbioSrvc - ok
11:38:23.0819 0x1318  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
11:38:23.0842 0x1318  Wcmsvc - ok
11:38:23.0855 0x1318  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc        C:\WINDOWS\System32\wcncsvc.dll
11:38:23.0879 0x1318  wcncsvc - ok
11:38:23.0885 0x1318  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
11:38:23.0899 0x1318  WcsPlugInService - ok
11:38:23.0904 0x1318  [ F5D4FA3E1F4879C361FFF3855259D2C2, 48C60FE4AAB011E2250157506FF0624031BFA346F8F2F8C6DFDF6F3CAA4F3F42 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
11:38:23.0917 0x1318  WdBoot - ok
11:38:23.0938 0x1318  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
11:38:23.0971 0x1318  Wdf01000 - ok
11:38:23.0981 0x1318  [ 019CC610AD95FF47EAD7C08B7A683B96, BB9D42F8ED90ECA2E7B8C906E06A1EA859FAD9BD1B3492BB1E28C0D00004812A ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
11:38:24.0001 0x1318  WdFilter - ok
11:38:24.0007 0x1318  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
11:38:24.0023 0x1318  WdiServiceHost - ok
11:38:24.0028 0x1318  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost  C:\WINDOWS\system32\wdi.dll
11:38:24.0043 0x1318  WdiSystemHost - ok
11:38:24.0051 0x1318  [ 6CC1BB8F6851A262E2E824F0E92D5EEF, 45A88A984179BBA38C1F4434C4D6C2823C1FE6AFBE8CB0F656DAE0092D1D5611 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
11:38:24.0067 0x1318  WdNisDrv - ok
11:38:24.0070 0x1318  WdNisSvc - ok
11:38:24.0079 0x1318  [ 91B18D7A1702ED589E67C6C81052B955, 5D1DA8B86106A28E50BBCCB36527CC130D41201F5BE1D3DC5F1D6F7ECCF807BA ] WebClient      C:\WINDOWS\System32\webclnt.dll
11:38:24.0098 0x1318  WebClient - ok
11:38:24.0106 0x1318  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
11:38:24.0127 0x1318  Wecsvc - ok
11:38:24.0132 0x1318  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
11:38:24.0174 0x1318  WEPHOSTSVC - ok
11:38:24.0179 0x1318  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport  C:\WINDOWS\System32\wercplsupport.dll
11:38:24.0193 0x1318  wercplsupport - ok
11:38:24.0199 0x1318  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
11:38:24.0212 0x1318  WerSvc - ok
11:38:24.0219 0x1318  [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS        C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
11:38:24.0236 0x1318  WFPLWFS - ok
11:38:24.0242 0x1318  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
11:38:24.0256 0x1318  WiaRpc - ok
11:38:24.0261 0x1318  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
11:38:24.0273 0x1318  WIMMount - ok
11:38:24.0276 0x1318  WinDefend - ok
11:38:24.0298 0x1318  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
11:38:24.0324 0x1318  WinHttpAutoProxySvc - ok
11:38:24.0335 0x1318  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt        C:\WINDOWS\system32\wbem\WMIsvc.dll
11:38:24.0350 0x1318  Winmgmt - ok
11:38:24.0403 0x1318  [ C8D6344BDE2691A196E61C0D3372EAB7, FF8EB79D8A7E298343C22B83276FF68293D08A9DA438BB22600BEFC4CA93A91D ] WinRM          C:\WINDOWS\system32\WsmSvc.dll
11:38:24.0532 0x1318  WinRM - ok
11:38:24.0565 0x1318  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUsb.sys
11:38:24.0581 0x1318  WinUsb - ok
11:38:24.0613 0x1318  [ 3F5EF31C6AA204B099EE76497DF80A26, CBE648A4E7E1D98A3D8C72582C1CB3C2FD2329EAA24EE4DCAD271AAA6F4D82CE ] WlanSvc        C:\WINDOWS\System32\wlansvc.dll
11:38:24.0661 0x1318  WlanSvc - ok
11:38:24.0697 0x1318  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc        C:\WINDOWS\system32\wlidsvc.dll
11:38:24.0742 0x1318  wlidsvc - ok
11:38:24.0749 0x1318  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi        C:\WINDOWS\System32\drivers\wmiacpi.sys
11:38:24.0760 0x1318  WmiAcpi - ok
11:38:24.0769 0x1318  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
11:38:24.0787 0x1318  wmiApSrv - ok
11:38:24.0790 0x1318  WMPNetworkSvc - ok
11:38:24.0798 0x1318  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof            C:\WINDOWS\system32\drivers\Wof.sys
11:38:24.0815 0x1318  Wof - ok
11:38:24.0852 0x1318  [ 61BF52E9FFAB27A0B6D621BE26088373, 81291D52C381360E69D51E7DEB05CFAC651A7E9EF781CA23062C0583D0C94708 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
11:38:24.0903 0x1318  workfolderssvc - ok
11:38:24.0911 0x1318  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr        C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
11:38:24.0925 0x1318  wpcfltr - ok
11:38:24.0930 0x1318  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
11:38:24.0944 0x1318  WPCSvc - ok
11:38:24.0950 0x1318  [ 618A19EB31ECA7B7F2AA0207BAF598A5, CB18CF9B781EAB3D775F8201F294A7135E058D6C963D2CC759DCA14D95EED538 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
11:38:24.0966 0x1318  WPDBusEnum - ok
11:38:24.0970 0x1318  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr      C:\WINDOWS\system32\drivers\WpdUpFltr.sys
11:38:24.0982 0x1318  WpdUpFltr - ok
11:38:24.0986 0x1318  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl        C:\WINDOWS\system32\drivers\ws2ifsl.sys
11:38:25.0001 0x1318  ws2ifsl - ok
11:38:25.0007 0x1318  [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
11:38:25.0024 0x1318  wscsvc - ok
11:38:25.0029 0x1318  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
11:38:25.0041 0x1318  WSDPrintDevice - ok
11:38:25.0045 0x1318  [ D38297814FB6E33655342D869996E617, 3701892EEF87D1BF0E73322B90678802B6EA4AFA9CBF6111F39611C79DBA96C7 ] WSDScan        C:\WINDOWS\System32\drivers\WSDScan.sys
11:38:25.0057 0x1318  WSDScan - ok
11:38:25.0061 0x1318  WSearch - ok
11:38:25.0130 0x1318  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService      C:\WINDOWS\System32\WSService.dll
11:38:25.0246 0x1318  WSService - ok
11:38:25.0267 0x1318  [ FF3F745A22B0C9C2EF1600762E8858A1, A63A66537A5316963825A963F2A9EC2BEB68027EB3A2EF28DC2C936FF194915A ] WTabletServiceCon C:\Program Files\Tablet\Pen

\WTabletServiceCon.exe
11:38:25.0289 0x1318  WTabletServiceCon - ok
11:38:25.0355 0x1318  [ D24002EB2F4A8A04897703067E81CC5D, 03806198D26DD7BA3E27EFE0911B49E5B48CAD8A05EC4F56AF45CF1E3FAD6916 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
11:38:25.0437 0x1318  wuauserv - ok
11:38:25.0450 0x1318  [ D537815E450A149752C15868392AD1F3, 8788CE493349299DB36E409C8CC3C6EA08301FA492C95D9D556E00BC13A05F13 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
11:38:25.0465 0x1318  WudfPf - ok
11:38:25.0473 0x1318  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
11:38:25.0492 0x1318  WUDFRd - ok
11:38:25.0498 0x1318  [ 9CDC2059A23E3C9B57696178508777E7, B680A2E2EDA5C8C6A547E7D9B2F2F8E6407C3EA0A01B82A4B88D48A27913A597 ] wudfsvc        C:\WINDOWS\System32\WUDFSvc.dll
11:38:25.0514 0x1318  wudfsvc - ok
11:38:25.0522 0x1318  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdFs      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
11:38:25.0535 0x1318  WUDFWpdFs - ok
11:38:25.0542 0x1318  [ 7CCBBCEE408A5DBE3FE47297DB5A6CFC, FB44B65B37B1C1A12C618E16BEF195EF861A87179B9216E43024C671C3AE052C ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
11:38:25.0554 0x1318  WUDFWpdMtp - ok
11:38:25.0568 0x1318  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc        C:\WINDOWS\System32\wwansvc.dll
11:38:25.0598 0x1318  WwanSvc - ok
11:38:25.0606 0x1318  [ 9176C0822FAA649E45121875BE32F5D2, B7A7A906A7BB0F760ED241F998C647D728C4DB5D8778AFE585DF38331165803F ] xusb21          C:\WINDOWS\System32\drivers\xusb21.sys
11:38:25.0618 0x1318  xusb21 - ok
11:38:25.0622 0x1318  ================ Scan global ===============================
11:38:25.0628 0x1318  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
11:38:25.0639 0x1318  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll
11:38:25.0648 0x1318  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
11:38:25.0663 0x1318  [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe
11:38:25.0678 0x1318  [ Global ] - ok
11:38:25.0678 0x1318  ================ Scan MBR ==================================
11:38:25.0680 0x1318  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:38:25.0740 0x1318  \Device\Harddisk0\DR0 - ok
11:38:25.0743 0x1318  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
11:38:25.0818 0x1318  \Device\Harddisk1\DR1 - ok
11:38:25.0820 0x1318  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
11:38:25.0883 0x1318  \Device\Harddisk2\DR2 - ok
11:38:25.0883 0x1318  ================ Scan VBR ==================================
11:38:25.0886 0x1318  [ DEE0E776DBB6F59F907ACED6A8E67663 ] \Device\Harddisk0\DR0\Partition1
11:38:25.0887 0x1318  \Device\Harddisk0\DR0\Partition1 - ok
11:38:25.0889 0x1318  [ 087BFFA3A4721D75DC43AC200046DDB2 ] \Device\Harddisk0\DR0\Partition2
11:38:25.0891 0x1318  \Device\Harddisk0\DR0\Partition2 - ok
11:38:25.0893 0x1318  [ 381688CB67F8B8BD3B549A221001CE20 ] \Device\Harddisk0\DR0\Partition3
11:38:25.0894 0x1318  \Device\Harddisk0\DR0\Partition3 - ok
11:38:25.0896 0x1318  [ A08EF720EFE3972576B6CE0F7CBBE509 ] \Device\Harddisk0\DR0\Partition4
11:38:25.0897 0x1318  \Device\Harddisk0\DR0\Partition4 - ok
11:38:25.0900 0x1318  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
11:38:25.0900 0x1318  \Device\Harddisk1\DR1\Partition1 - ok
11:38:25.0903 0x1318  [ 7877D0273B7E0A40F2B191CC3B779DE6 ] \Device\Harddisk1\DR1\Partition2
11:38:25.0940 0x1318  \Device\Harddisk1\DR1\Partition2 - ok
11:38:25.0943 0x1318  [ 9525E1547D0947D09BBD26AA538844D2 ] \Device\Harddisk1\DR1\Partition3
11:38:25.0943 0x1318  \Device\Harddisk1\DR1\Partition3 - ok
11:38:25.0946 0x1318  [ C6D5AAA77E5957321E4F81DB944DB8B4 ] \Device\Harddisk2\DR2\Partition1
11:38:25.0947 0x1318  \Device\Harddisk2\DR2\Partition1 - ok
11:38:25.0948 0x1318  ================ Scan generic autorun ======================
11:38:26.0227 0x1318  [ C2A0B14B6E6555CF9D53ECB142465697, 9611506ED174E82516CB1614BFE5730B0BDDE76D58574D0406C1FED873F6308D ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
11:38:26.0531 0x1318  RTHDVCPL - ok
11:38:26.0569 0x1318  [ 233A10D4B3F6897899112E4EC60F1906, 1F7E768E57064938114DF2EFC5B219EB0D30A7D9E574924E9CED054462505AF0 ] C:\WINDOWS\WindowsMobile\wmdc.exe
11:38:26.0593 0x1318  Windows Mobile Device Center - ok
11:38:26.0766 0x1318  [ 1539331FFDB2D977BFF14F5737F5063E, 29C6CDEDA01D406BEE2B6E06CC42491A9EA89E45751D92DB4A2E9C017527B44A ] C:\Program Files\Logitech Gaming Software\LCore.exe
11:38:26.0937 0x1318  Launch LCore - ok
11:38:26.0962 0x1318  [ 5168320D7F4C50B0CA14E79406C1D6B7, D3F18EBBB34AB2B8562F1D39D0C15FA12B9B59341949AC2F7CF9436A3E536D71 ] C:\Program Files (x86)\Common Files\Acronis

\Schedule2\schedhlp.exe
11:38:26.0985 0x1318  Acronis Scheduler2 Service - ok
11:38:27.0002 0x1318  [ C6352C29C56077749CEEDD08680D347D, DF520DA9E9F8D34004E497969FC4AB0D9F057EEE5D8A0BBB91C5EBC983011ABD ] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
11:38:27.0028 0x1318  BambooCore - ok
11:38:27.0054 0x1318  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM

\1.0\AdobeARM.exe
11:38:27.0088 0x1318  Adobe ARM - ok
11:38:27.0133 0x1318  [ E2B81EEDF59A180CCFA1609B9CB2D523, 8AFF688DBB764353004EEE354F3AA4D515D8CFEC6A21A5121351EF510FA6589D ] C:\Program Files (x86)\Common Files\Juniper Networks\JamUI

\Pulse.exe
11:38:27.0194 0x1318  JunosPulse - ok
11:38:27.0216 0x1318  [ DAA21DC0AA2E688370D356757892816D, 97EBF3B8A4B8544B6C1379A391AA4079F38EB4D507931249BC1427D961F58F8C ] D:\Avira\Avira\AntiVir Desktop\avgnt.exe
11:38:27.0237 0x1318  avgnt - ok
11:38:27.0254 0x1318  [ B793DDE01D181ED91F333BF10FE2FC50, F9BA0FD8EC0C0E9D7E5969BC9ED0D0322EDFC8E65B11F642A7118B41F5BF197F ] C:\Program Files (x86)\Canon\IJ Network Scanner Selector

EX\CNMNSST.exe
11:38:27.0275 0x1318  IJNetworkScannerSelectorEX - ok
11:38:27.0408 0x1318  [ 8512F9B1EBCDAC8E103773CFBF8CE431, 7566261C3AF8C9343564D5076299AE54D2938FD9C9BD69FE10EFF16471DD9945 ] D:\Acronis\TrueImageHome\TrueImageMonitor.exe
11:38:27.0555 0x1318  TrueImageMonitor.exe - ok
11:38:27.0590 0x1318  [ 3CEF82F01A4E5071D60CF45264FC50EB, 3E30C49E6B43EF901DBED56A18B88BE5741A8B9576587891BDED6C7174AC5859 ] C:\Program Files (x86)\Common Files\Acronis\TibMounter

\TibMounterMonitor.exe
11:38:27.0628 0x1318  AcronisTibMounterMonitor - ok
11:38:27.0651 0x1318  [ 06BB3578BE06B0980AF9917EC94488EC, 4C66DC5C55E7AC80838D21AA04D194ACE62D70FF0D469FAB910FFE05B1C2A4E7 ] C:\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe
11:38:27.0680 0x1318  StartCCC - ok
11:38:27.0700 0x1318  [ 98FAFD82E4F0674D2D7BB3C8FD141D32, 4F44F6B17E40268B8EE0251E6D913157CA1E7CE4C9D9B434262E74F136453A10 ] d:\CS2.0\Adobe Version Cue CS2\ControlPanel

\VersionCueCS2Tray.exe
11:38:27.0721 0x1318  Adobe Version Cue CS2 - detected UnsignedFile.Multi.Generic ( 1 )
11:38:30.0116 0x1318  Detect skipped due to KSN trusted
11:38:30.0116 0x1318  Adobe Version Cue CS2 - ok
11:38:30.0122 0x1318  [ 845EB283583BD3C89F09636A10114EF3, BCB3002B867052FB381B1E44D31E381200751E1AD3F991EB4233B73E3E034A0E ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
11:38:30.0136 0x1318  Avira Systray - ok
11:38:30.0222 0x1318  [ 6625AF1A749E4BEDFBC020AADF614B01, 3637086569EF5729951556EF38F76FD3F9DFC672A138CDC56B4E0B5B226317E5 ] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
11:38:30.0323 0x1318  Pando Media Booster - ok
11:38:30.0368 0x1318  [ E80434BDF3D84D479E937C3436C57B6A, E2C2856D7A869548577123021DFDD41E9996A0A4476860DB3814D3773DBEB146 ] F:\Steam\steam.exe
11:38:30.0422 0x1318  Steam - ok
11:38:30.0428 0x1318  icq - ok
11:38:30.0431 0x1318  Skype - ok
11:38:30.0432 0x1318  Waiting for KSN requests completion. In queue: 163
11:38:31.0433 0x1318  Waiting for KSN requests completion. In queue: 163
11:38:32.0433 0x1318  Waiting for KSN requests completion. In queue: 163
11:38:33.0467 0x1318  AV detected via SS2: Avira Desktop, D:\Avira\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.266 ), 0x41000 ( enabled : updated )
11:38:33.0478 0x1318  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
11:38:33.0486 0x1318  Win FW state via NFP2: enabled
11:38:35.0833 0x1318  ============================================================
11:38:35.0833 0x1318  Scan finished
11:38:35.0833 0x1318  ============================================================
11:38:35.0841 0x1810  Detected object count: 0
11:38:35.0841 0x1810  Actual detected object count: 0
UPDATE

Da das System möglichst bald wieder zur Verfügung stehen soll und ich aber fürs erste nur heute ausreichend Zeit habe mich darum zu kümmern, formatiere ich jetzt das System und installiere Windows neu. Trotzdem vielen Dank für die Hilfe, sollte noch Erkenntnisse über die Art und/oder Quelle der Infektion auftauchen würde ich mich freuen mehr zu erfahren, um das System in Zukunft besser abzusichern.

schrauber 13.10.2014 13:08
alles klar.


Alle Zeitangaben in WEZ +1. Es ist jetzt 15:41 Uhr.

Copyright ©2000-2025, Trojaner-Board


Search Engine Optimization by vBSEO ©2011, Crawlability, Inc.

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131