
Pests of all kinds and how to fight them: AVG reports Anti-Rootkit infection unknown NtMapViewOfSection...

25.04.2014, 07:07   #1
free-eagle

Hello,

I recently received that strange subscription email from Media Center, whose attachment suddenly disappeared when I opened the mail!
Afterwards I scanned with my Norton 360 (it never raised an alert), with Malwarebytes (no result), and have now installed AVG in parallel, which finds 4 "infected" system files that it cannot delete:

"";"Dienstfunktion NtMapViewOfSection-Hook -> 0xFFFFFFFF89DCBCC0, <unknown>";"Infiziert"
"";"Dienstfunktion NtCreateThreadEx-Hook -> 0xFFFFFFFF89DCB108, <unknown>";"Infiziert"
"";"Dienstfunktion NtAlpcConnectPortEx-Hook -> 0xFFFFFFFF89C31228, <unknown>";"Infiziert"
"";"Dienstfunktion NtAlpcConnectPort-Hook -> 0xFFFFFFFF89C31378, <unknown>";"Infiziert"

Looking at the details in AVG, it says infected by Anti-Rootkit....

Now I'm wondering: has a rootkit really got me, or is this a false alarm caused perhaps by one of the many other virus scanners?
Previously I only had Norton 360 installed, always up to date. After this e-mail business I first installed Malwarebytes, then ADWCleaner and now finally AVG.

All! of these programs are still installed.

What would you do?
Should I rather reinstall the laptop from scratch?
I'm also a bit worried about my data on my network drive - I switched it off immediately after this mail struck me as odd two days ago.

Apart from that, I'm considering filing a criminal complaint with the police - but is there any point in that?

I appreciate any advice. Thanks in advance.

Regards
free-eagle

Edited by free-eagle (25.04.2014 at 07:17)

25.04.2014, 07:23   #2
schrauber
/// the machine
/// TB trainer

hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST download: FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan.
  • The log files will now be created and will then be on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input box)


25.04.2014, 08:08   #3
free-eagle

FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-04-2014
Ran by Jürgen (ATTENTION: The logged in user is not administrator) on JK-LAPTOP on 25-04-2014 09:02:21
Running from C:\Users\Jürgen\Downloads
Microsoft Windows 8.1 Pro mit Media Center Update 1 (X86) OS Language: German Standard
Internet Explorer Version 11
Boot Mode: Normal



==================== Processes (Whitelisted) =================

(Malwarebytes Corporation) C:\Program Files\ Malwarebytes Anti-Malware \mbam.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Microsoft Corporation) C:\Windows\System32\RuntimeBroker.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(CANON INC.) C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE
(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
(CANON INC.) C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(ActMask Co.,Ltd - hxxp://www.all2pdf.com) C:\Windows\System32\PrintDisp.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apntex.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidFind.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Mister Group) C:\Program Files\System Explorer\SystemExplorer.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgui.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Spotify Ltd) C:\Users\Jürgen\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Users\Jürgen\AppData\Local\Apps\Evernote\Evernote\EvernoteClipper.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
(CANON INC.) C:\Program Files\Canon\Solution Menu EX\CNSEUPDT.EXE
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [196608 2008-04-30] (Alps Electric Co., Ltd.)
HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM\...\Run: [IJNetworkScanUtility] => C:\Program Files\Canon\Canon IJ Network Scan Utility\CNMNSUT.EXE [128352 2010-01-18] (CANON INC.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-06] (Apple Inc.)
HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2565520 2011-03-14] (CANON INC.)
HKLM\...\Run: [CanonSolutionMenuEx] => C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE [1612920 2011-08-04] (CANON INC.)
HKLM\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM\...\Run: [PrintDisp] => C:\WINDOWS\system32\PrintDisp.exe [877568 2013-06-25] (ActMask Co.,Ltd - hxxp://www.all2pdf.com)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM\...\Run: [KiesTrayAgent] => C:\Program Files\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-07] (Samsung Electronics Co., Ltd.)
HKLM\...\Run: [QuickTime Task] => E:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Run: [SystemExplorerAutoStart] => C:\Program Files\System Explorer\SystemExplorer.exe [4008296 2014-04-21] (Mister Group)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
HKLM\...\Runonce: [MSPCLOCK] - rundll32.exe streamci,StreamingDeviceSetup {97ebaacc-95bd-11d0-a3ea-00a0c9223196},{53172480-4791-11D0-A5D6-28DB04C10000},{53172480-4791-11D0-A5D6-28DB04C10000}
HKLM\...\Runonce: [MSPQM] - rundll32.exe streamci,StreamingDeviceSetup {DDF4358E-BB2C-11D0-A42F-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196},{97EBAACB-95BD-11D0-A3EA-00A0C9223196}
HKLM\...\Runonce: [MSKSSRV] - rundll32.exe streamci,StreamingDeviceSetup {96E080C7-143C-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196},{3C0D501A-140B-11D1-B40F-00A0C9223196}
HKLM\...\Runonce: [MSTEE.CxTransform] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},{CF1DDA2C-9743-11D0-A3EE-00A0C9223196},C:\WINDOWS\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [MSTEE.Splitter] - rundll32.exe streamci,StreamingDeviceSetup {cfd669f1-9bc2-11d0-8299-0000f822fe8a},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},{0A4252A0-7E70-11D0-A5D6-28DB04C10000},C:\WINDOWS\inf\ksfilter.inf,MSTEE.Interface.Install
HKLM\...\Runonce: [WDM_DRMKAUD] - rundll32.exe streamci,StreamingDeviceSetup {EEC12DB6-AD9C-4168-8658-B03DAEF417FE},{ABD61E00-9350-47e2-A632-4438B90C6641},{FFBB6E3F-CCFE-4D84-90D9-421418B03A8E},C:\WINDOWS\inf\WDMAUDIO.inf,WDM_DRMKAUD.Interface.Install
HKU\S-1-5-21-3221724418-3018984914-2807200314-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [720064 2013-04-22] (Microsoft Corporation)
HKU\S-1-5-21-3221724418-3018984914-2807200314-1001\...\Run: [Spotify Web Helper] => C:\Users\Jürgen\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1104384 2013-08-14] (Spotify Ltd)
HKU\S-1-5-21-3221724418-3018984914-2807200314-1001\...\Run: [] => C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe [845120 2014-02-07] (Samsung)
HKU\S-1-5-21-3221724418-3018984914-2807200314-1001\...\MountPoints2: {3caec364-548c-11e3-b028-0021707e91e1} - "H:\HTC_Sync_Manager_PC.exe" 
HKU\S-1-5-21-3221724418-3018984914-2807200314-1001\...\MountPoints2: {d83ecb21-e08f-11e2-afcc-0021707e91e1} - "H:\HTC_Sync_Manager_PC.exe" 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.141\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Users\Jürgen\AppData\Local\Apps\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Jürgen\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk
ShortcutTarget: OneNote 2010 Bildschirmausschnitt- und Startprogramm.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
GroupPolicyUsers\S-1-5-21-3221724418-3018984914-2807200314-1001\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.de/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://t.de.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x8CF1B720DB06CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de-DE,de;q=0.5
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = hxxp://nortonsafe.search.ask.com/web?q={SEARCHTERMS}&o=APN10506&l=dis&prt=NIS&chn=retail&geo=DE&ver=20&locale=de_DE&gct=kwd&qsrc=2869
BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.141\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
BHO: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files\PDF Architect\PDFIEHelper.dll (pdfforge GmbH)
BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
BHO: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files\Norton 360\Engine\21.2.0.38\IPS\IPSBHO.DLL (Symantec Corporation)
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll (IvoSoft)
Toolbar: HKLM - Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM - Perfect Print 7 - {F723BF1C-C826-44B0-A8E2-28BBA1C5D201} - C:\Program Files\soft Xpansion\Perfect Print 7 Express\ieagent32.dll (soft Xpansion)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Norton 360\Engine\21.2.0.38\coIEPlg.dll (Symantec Corporation)
Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 195.234.128.7 195.234.128.16

FireFox:
========
FF ProfilePath: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\r5pjc8q8.default
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF32_13_0_0_182.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 - C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @canon.com/EPPEX - C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.141\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~1\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @soft-xpansion/npsxpdf - C:\Program Files\Common Files\soft Xpansion\np-sxpdf.dll (soft-Xpansion)
FF Plugin: @tools.google.com/Google Update;version=3 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 - C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: Adobe Reader - C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\r5pjc8q8.default\searchplugins\11-suche.xml
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\r5pjc8q8.default\searchplugins\englische-ergebnisse.xml
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\r5pjc8q8.default\searchplugins\gmx-suche.xml
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\r5pjc8q8.default\searchplugins\lastminute.xml
FF SearchPlugin: C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\r5pjc8q8.default\searchplugins\webde-suche.xml
FF Extension: WOT - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\r5pjc8q8.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2013-11-26]
FF Extension: WEB.DE MailCheck - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\r5pjc8q8.default\Extensions\toolbar@web.de.xpi [2013-11-27]
FF Extension: NoScript - C:\Users\Jürgen\AppData\Roaming\Mozilla\Firefox\Profiles\r5pjc8q8.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-04-24]
FF HKLM\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files\PDF Architect\FFPDFArchitectExt [2013-06-09]
FF HKLM\...\Firefox\Extensions: [{704E31A6-E680-48D0-BDEA-B0FE737AEB4D}] - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb
FF Extension: soft Xpansion Perfect Print 7 Express - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb [2013-12-23]
FF HKLM\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2013-12-25]
FF HKLM\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ []
FF HKLM\...\Thunderbird\Extensions: [{704E31A6-E680-48D0-BDEA-B0FE737AEB4D}] - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb
FF Extension: soft Xpansion Perfect Print 7 Express - C:\ProgramData\soft Xpansion\Perfect Print 7 Express\Data\fftb [2013-12-23]
FF StartMenuInternet: FIREFOX.EXE - e:\Program Files\Mozilla Firefox\firefox.exe

Chrome: 
=======
Error reading preferences. Please check "preferences" file for possible corruption. <======= ATTENTION
CHR Extension: (Google Docs) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-04-21]
CHR Extension: (Google Drive) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-04-21]
CHR Extension: (YouTube) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-04-21]
CHR Extension: (Google Search) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-04-21]
CHR Extension: (Google Play) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2013-11-23]
CHR Extension: (APK Downloader) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\lnbkiaddgodnooflghhbdpbdheanmpjp [2013-11-23]
CHR Extension: (Norton Identity Protection) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-04-21]
CHR Extension: (Google Wallet) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-29]
CHR Extension: (Gmail) - C:\Users\Jürgen\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-04-21]
CHR HKLM\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files\Norton 360\Engine\21.2.0.38\Exts\Chrome.crx [2014-03-26]

========================== Services (Whitelisted) =================

R2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
R2 lmhosts; C:\WINDOWS\system32\svchost.exe [31552 2013-08-22] (Microsoft Corporation)
R2 MBAMScheduler; C:\Program Files\ Malwarebytes Anti-Malware \mbamscheduler.exe [1809720 2014-04-03] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\ Malwarebytes Anti-Malware \mbamservice.exe [857912 2014-04-03] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe [235696 2014-01-16] (McAfee, Inc.)
R2 N360; C:\Program Files\Norton 360\Engine\21.2.0.38\N360.exe [265040 2014-03-12] (Symantec Corporation)
R2 NasPmService; C:\Program Files\BUFFALO\NASNAVI\nassvc.exe [251760 2013-11-06] (BUFFALO INC.)
R2 NlaSvc; C:\WINDOWS\System32\svchost.exe [31552 2013-08-22] (Microsoft Corporation)
R2 nsi; C:\WINDOWS\system32\svchost.exe [31552 2013-08-22] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe [167424 2012-12-07] ()
R2 PDF Architect Helper Service; C:\Program Files\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
R2 PDF Architect Service; C:\Program Files\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
R2 Printer Control; C:\WINDOWS\system32\PrintCtrl.exe [102400 2012-10-21] (ActMask Co.,Ltd - HTTP://WWW.ALL2PDF.COM)
S3 ScDeviceEnum; C:\WINDOWS\System32\ScDeviceEnum.dll [105472 2013-08-22] (Microsoft Corporation)
S3 SXDS10; C:\Program Files\Common Files\soft Xpansion\sxds10.exe [234096 2013-12-23] (soft Xpansion)
R3 SystemExplorerHelpService; C:\Program Files\System Explorer\service\SystemExplorerService.exe [567256 2012-11-25] (Mister Group)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [280296 2013-10-31] (Microsoft Corporation)
S3 WEPHOSTSVC; C:\WINDOWS\system32\wephostsvc.dll [20992 2013-08-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [22224 2013-10-31] (Microsoft Corporation)
S2 WiseBootAssistant; C:\Program Files\Wise\Wise Care 365\BootTime.exe [580232 2013-12-09] (WiseCleaner.com)
S3 workfolderssvc; C:\WINDOWS\system32\workfolderssvc.dll [1210368 2013-10-22] (Microsoft Corporation)
S2 楗敳潂瑯獁楳瑳湡t; 㩃停潲牧浡䘠汩獥坜獩履楗敳䌠牡⁥㘳尵潂瑯楔敭攮數䐀IJ" [X]

==================== Drivers (Whitelisted) ====================

R2 acedrv11; C:\WINDOWS\system32\drivers\acedrv11.sys [185472 2010-02-24] (Protect Software GmbH)
S0 Avgbootx; C:\WINDOWS\System32\DRIVERS\avgbootx.sys [17424 2013-09-04] (AVG Technologies CZ, s.r.o.)
R1 Avgdiskx; C:\WINDOWS\System32\DRIVERS\avgdiskx.sys [123160 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdriverx.sys [199960 2014-04-18] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\WINDOWS\System32\DRIVERS\avgidshx.sys [150296 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\WINDOWS\system32\DRIVERS\avgidsshimw8x.sys [22296 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\WINDOWS\System32\DRIVERS\avgldx86.sys [193304 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\WINDOWS\System32\DRIVERS\avglogx.sys [238872 2014-03-27] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\WINDOWS\System32\DRIVERS\avgmfx86.sys [108312 2014-03-31] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\WINDOWS\System32\DRIVERS\avgrkx86.sys [28440 2014-03-27] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpx; C:\WINDOWS\system32\DRIVERS\avgwfpx.sys [214296 2014-03-31] (AVG Technologies CZ, s.r.o.)
R1 BasicRender; C:\WINDOWS\System32\drivers\BasicRender.sys [25600 2014-02-22] (Microsoft Corporation)
R3 BCM43XX; C:\WINDOWS\system32\DRIVERS\bcmwl63l.sys [4715008 2013-07-01] (Broadcom Corporation)
R1 BHDrvx86; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140409.001\BHDrvx86.sys [1098968 2014-03-19] (Symantec Corporation)
R1 ccSet_N360; C:\WINDOWS\system32\drivers\N360\1502000.026\ccSetx86.sys [127064 2013-09-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files\Common Files\Symantec Shared\EENGINE\eeCtrl.sys [376920 2013-12-24] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [108120 2013-12-24] (Symantec Corporation)
S3 GPIO; C:\WINDOWS\System32\drivers\iaiogpio.sys [22016 2013-07-23] (Intel Corporation)
R1 IDSVix86; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140424.001\IDSvix86.sys [395992 2014-03-26] (Symantec Corporation)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2014-04-03] (Malwarebytes Corporation)
R0 MBAMSwissArmy; C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [107736 2014-04-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [51416 2014-04-03] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140424.009\NAVENG.SYS [93272 2014-04-22] (Symantec Corporation)
R3 NAVEX15; C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140424.009\NAVEX15.SYS [1612376 2014-04-22] (Symantec Corporation)
R3 SRTSP; C:\WINDOWS\System32\Drivers\N360\1502000.026\SRTSP.SYS [664280 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\WINDOWS\system32\drivers\N360\1502000.026\SRTSPX.SYS [32344 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\WINDOWS\System32\drivers\N360\1502000.026\SYMDS.SYS [367704 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\WINDOWS\System32\drivers\N360\1502000.026\SYMEFA.SYS [936152 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\WINDOWS\System32\drivers\N360\1502000.026\SYMELAM.SYS [21520 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT.SYS [142936 2013-12-25] (Symantec Corporation)
R1 SymIRON; C:\WINDOWS\system32\drivers\N360\1502000.026\Ironx86.SYS [206936 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\WINDOWS\System32\Drivers\N360\1502000.026\SYMNETS.SYS [447704 2014-02-18] (Symantec Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [93016 2013-10-31] (Microsoft Corporation)
R0 Wof; C:\WINDOWS\system32\Drivers\Wof.sys [138584 2014-03-13] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [187392 2013-08-22] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-04-25 09:02 - 2014-04-25 09:02 - 00023293 _____ () C:\Users\Jürgen\Downloads\FRST.txt
2014-04-25 09:02 - 2014-04-25 09:02 - 00000000 ____D () C:\FRST
2014-04-25 09:00 - 2014-04-25 09:00 - 01048576 _____ (Farbar) C:\Users\Jürgen\Downloads\FRST.exe
2014-04-25 08:07 - 2014-04-25 08:07 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-04-25 08:07 - 2014-04-25 08:07 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-04-25 07:48 - 2014-04-25 07:57 - 00000358 _____ () C:\Users\Jürgen\Desktop\Neues Textdokument.txt
2014-04-25 00:14 - 2014-04-25 00:16 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Avg2014
2014-04-25 00:14 - 2014-04-25 00:14 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\AVG2014
2014-04-25 00:13 - 2014-04-25 08:07 - 00000967 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-25 00:13 - 2014-04-25 08:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-25 00:13 - 2014-04-25 00:13 - 00000000 ____D () C:\Users\JKadmin\AppData\Roaming\AVG2014
2014-04-25 00:11 - 2014-04-25 00:13 - 00000000 ____D () C:\ProgramData\AVG2014
2014-04-25 00:11 - 2014-04-25 00:11 - 00000000 ___HD () C:\$AVG
2014-04-25 00:10 - 2014-04-25 00:10 - 00000000 ____D () C:\Program Files\AVG
2014-04-25 00:08 - 2014-04-25 08:08 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-25 00:07 - 2014-04-25 00:07 - 150392912 _____ (AVG Technologies) C:\Users\Jürgen\Downloads\avg_free_x86_all_2014_4569a7320.exe
2014-04-24 21:08 - 2014-04-24 21:11 - 00000000 ____D () C:\ProgramData\SystemExplorer
2014-04-24 21:08 - 2014-04-24 21:08 - 00001060 _____ () C:\Users\Public\Desktop\System Explorer.lnk
2014-04-24 21:08 - 2014-04-24 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2014-04-24 21:08 - 2014-04-24 21:08 - 00000000 ____D () C:\Program Files\System Explorer
2014-04-24 21:03 - 2014-04-24 21:03 - 00000000 ____D () C:\Users\Jürgen\Downloads\TcpView-3.05
2014-04-24 21:02 - 2014-04-24 21:02 - 02291136 _____ (Mister Group ) C:\Users\Jürgen\Downloads\SystemExplorerSetup_550.exe
2014-04-24 20:59 - 2014-04-24 20:59 - 00291606 _____ () C:\Users\Jürgen\Downloads\TcpView-3.05.zip
2014-04-24 20:57 - 2014-04-24 20:57 - 00000116 _____ () C:\WINDOWS\ntbtlog.txt.bak
2014-04-24 20:25 - 2014-04-24 20:25 - 00000000 ____D () C:\ProgramData\SMR410
2014-04-24 20:00 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\system32\sqlite3.dll
2014-04-23 23:11 - 2014-03-20 03:31 - 01037504 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-04-23 23:11 - 2014-03-20 03:12 - 00863552 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-04-23 23:11 - 2014-03-06 08:59 - 12732416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-04-23 23:11 - 2014-03-02 11:33 - 17387008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-04-23 23:11 - 2014-02-26 08:35 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-04-23 23:10 - 2014-03-20 03:20 - 18679216 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-04-23 23:10 - 2014-03-20 03:09 - 01679704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-04-23 23:10 - 2014-03-20 03:09 - 00283992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-04-23 23:10 - 2014-03-20 02:08 - 03562496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-04-23 23:10 - 2014-03-20 01:39 - 00800256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2014-04-23 23:10 - 2014-03-20 01:36 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReInfo.dll
2014-04-23 23:10 - 2014-03-19 07:25 - 00491008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-04-23 23:10 - 2014-03-19 07:20 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2014-04-23 22:51 - 2014-02-22 13:09 - 00024576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-04-23 22:51 - 2014-02-22 13:09 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2014-04-23 22:51 - 2014-02-22 13:09 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-04-23 22:51 - 2014-02-22 13:05 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2014-04-23 22:51 - 2014-02-22 13:01 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionQueue.dll
2014-04-23 22:51 - 2014-02-22 13:01 - 00112640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2014-04-23 22:51 - 2014-02-22 12:58 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2014-04-23 22:51 - 2014-02-22 12:58 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdboot.exe
2014-04-23 22:51 - 2014-02-22 12:57 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2014-04-23 22:51 - 2014-02-22 12:56 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhevents.dll
2014-04-23 22:51 - 2014-02-22 12:54 - 00035024 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentServer.exe
2014-04-23 22:51 - 2014-02-22 12:53 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PkgMgr.exe
2014-04-23 22:51 - 2014-02-22 12:47 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmdskmgr.dll
2014-04-23 22:51 - 2014-02-22 12:46 - 00111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2014-04-23 22:51 - 2014-02-22 12:43 - 00157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\RelPost.exe
2014-04-23 22:51 - 2014-02-22 12:41 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\dot3mm.dll
2014-04-23 22:51 - 2014-02-22 12:40 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppnp.dll
2014-04-23 22:51 - 2014-02-22 12:38 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2014-04-23 22:51 - 2014-02-22 12:37 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-04-23 22:51 - 2014-02-22 12:33 - 00402944 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2014-04-23 22:51 - 2014-02-22 12:33 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAMM.dll
2014-04-23 22:51 - 2014-02-22 12:30 - 00213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\cleanmgr.exe
2014-04-23 22:51 - 2014-02-22 12:26 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2014-04-23 22:51 - 2014-02-22 12:25 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorageContextHandler.dll
2014-04-23 22:51 - 2014-02-22 12:24 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\RASMM.dll
2014-04-23 22:51 - 2014-02-22 12:21 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2014-04-23 22:51 - 2014-02-22 12:21 - 00104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContent.dll
2014-04-23 22:51 - 2014-02-22 12:21 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\srclient.dll
2014-04-23 22:51 - 2014-02-22 12:21 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2014-04-23 22:51 - 2014-02-22 12:17 - 00570368 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2014-04-23 22:51 - 2014-02-22 12:17 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-04-23 22:51 - 2014-02-22 12:17 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2014-04-23 22:51 - 2014-02-22 12:17 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAConn.dll
2014-04-23 22:51 - 2014-02-22 12:16 - 00592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\sud.dll
2014-04-23 22:51 - 2014-02-22 12:16 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2014-04-23 22:51 - 2014-02-22 12:16 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\srchadmin.dll
2014-04-23 22:51 - 2014-02-22 12:16 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2014-04-23 22:51 - 2014-02-22 12:15 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2014-04-23 22:51 - 2014-02-22 12:15 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2014-04-23 22:51 - 2014-02-22 12:14 - 02165760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncCenter.dll
2014-04-23 22:51 - 2014-02-22 12:13 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2014-04-23 22:51 - 2014-02-22 12:12 - 00552960 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscui.dll
2014-04-23 22:51 - 2014-02-22 12:12 - 00352768 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwizeng.dll
2014-04-23 22:51 - 2014-02-22 12:09 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\migisol.dll
2014-04-23 22:51 - 2014-02-22 12:09 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-04-23 22:51 - 2014-02-22 12:04 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\netid.dll
2014-04-23 22:51 - 2014-02-22 12:03 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-04-23 22:51 - 2014-02-22 12:01 - 00726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2014-04-23 22:51 - 2014-02-22 12:00 - 00217600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssphtb.dll
2014-04-23 22:51 - 2014-02-22 12:00 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitagent.exe
2014-04-23 22:51 - 2014-02-22 11:58 - 00090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsAnytimeUpgradeResults.exe
2014-04-23 22:51 - 2014-02-22 11:55 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-04-23 22:51 - 2014-02-22 11:54 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2014-04-23 22:51 - 2014-02-22 11:54 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-04-23 22:51 - 2014-02-22 11:52 - 00342016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sharemediacpl.dll
2014-04-23 22:51 - 2014-02-22 11:48 - 01136128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2014-04-23 22:51 - 2014-02-22 11:44 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2014-04-23 22:51 - 2014-02-22 11:43 - 01294848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2014-04-23 22:51 - 2014-02-22 11:42 - 00869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2014-04-23 22:51 - 2014-02-22 11:42 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2014-04-23 22:51 - 2014-02-22 11:41 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-04-23 22:51 - 2014-02-22 11:40 - 02537472 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameux.dll
2014-04-23 22:51 - 2014-02-22 11:40 - 01095680 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2014-04-23 22:51 - 2014-02-22 11:39 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PurchaseWindowsLicense.dll
2014-04-23 22:51 - 2014-02-22 11:36 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2014-04-23 22:51 - 2014-02-22 11:36 - 00391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WLanConn.dll
2014-04-23 22:51 - 2014-02-22 11:31 - 00242688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2014-04-23 22:51 - 2014-02-22 11:29 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2014-04-23 22:51 - 2014-02-22 11:28 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2014-04-23 22:51 - 2014-02-22 11:28 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceassociation.dll
2014-04-23 22:51 - 2014-02-22 11:27 - 00484864 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-04-23 22:51 - 2014-02-22 11:26 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.exe
2014-04-23 22:51 - 2014-02-22 11:25 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2014-04-23 22:51 - 2014-02-22 11:23 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2014-04-23 22:51 - 2014-02-22 11:22 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll
2014-04-23 22:51 - 2014-02-22 11:21 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2014-04-23 22:51 - 2014-02-22 11:20 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-04-23 22:51 - 2014-02-22 11:19 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Sockets.PushEnabledApplication.dll
2014-04-23 22:51 - 2014-02-22 11:17 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\dasHost.exe
2014-04-23 22:51 - 2014-02-22 11:16 - 00291328 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-04-23 22:51 - 2014-02-22 11:15 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Dism.exe
2014-04-23 22:51 - 2014-02-22 11:15 - 00178176 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-04-23 22:51 - 2014-02-22 11:10 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2014-04-23 22:51 - 2014-02-22 11:08 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-04-23 22:51 - 2014-02-22 11:08 - 00306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\das.dll
2014-04-23 22:51 - 2014-02-22 11:08 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.HumanInterfaceDevice.dll
2014-04-23 22:51 - 2014-02-22 11:07 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2014-04-23 22:51 - 2014-02-22 11:06 - 00251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2014-04-23 22:51 - 2014-02-22 11:03 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-04-23 22:51 - 2014-02-22 11:02 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2014-04-23 22:51 - 2014-02-22 10:58 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcli.dll
2014-04-23 22:51 - 2014-02-22 10:56 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2014-04-23 22:51 - 2014-02-22 10:55 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\slpts.dll
2014-04-23 22:51 - 2014-02-22 10:54 - 00137216 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2014-04-23 22:51 - 2014-02-22 10:54 - 00045568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-04-23 22:51 - 2014-02-22 10:52 - 00969728 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-04-23 22:51 - 2014-02-22 10:49 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-04-23 22:51 - 2014-02-22 10:48 - 00506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdbui.dll
2014-04-23 22:51 - 2014-02-22 10:48 - 00123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-04-23 22:51 - 2014-02-22 10:48 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2014-04-23 22:51 - 2014-02-22 10:48 - 00016384 _____ (Microsoft Corporation) C:\WINDOWS\system32\energytask.dll
2014-04-23 22:51 - 2014-02-22 10:47 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2014-04-23 22:51 - 2014-02-22 10:47 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AepRoam.dll
2014-04-23 22:51 - 2014-02-22 10:45 - 00164352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2014-04-23 22:51 - 2014-02-22 10:45 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-04-23 22:51 - 2014-02-22 10:44 - 00154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2014-04-23 22:51 - 2014-02-22 10:43 - 01108480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-04-23 22:51 - 2014-02-22 10:43 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioCredProv.dll
2014-04-23 22:51 - 2014-02-22 10:43 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-04-23 22:51 - 2014-02-22 10:42 - 00943104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WlanMM.dll
2014-04-23 22:51 - 2014-02-22 10:42 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-04-23 22:51 - 2014-02-22 10:42 - 00078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AltTab.dll
2014-04-23 22:51 - 2014-02-22 10:41 - 03278848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2014-04-23 22:51 - 2014-02-22 10:40 - 00203776 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToDevice.dll
2014-04-23 22:51 - 2014-02-22 10:39 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2014-04-23 22:51 - 2014-02-22 10:39 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\provsvc.dll
2014-04-23 22:51 - 2014-02-22 10:38 - 00470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\timedate.cpl
2014-04-23 22:51 - 2014-02-22 10:38 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-04-23 22:51 - 2014-02-22 10:38 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Renewal.dll
2014-04-23 22:51 - 2014-02-22 10:33 - 00308224 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcpl.dll
2014-04-23 22:51 - 2014-02-22 10:33 - 00130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingMonitor.dll
2014-04-23 22:51 - 2014-02-22 10:29 - 00191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2014-04-23 22:51 - 2014-02-22 10:25 - 00352256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-04-23 22:51 - 2014-02-22 10:24 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\IdCtrls.dll
2014-04-23 22:51 - 2014-02-22 10:23 - 00165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2014-04-23 22:51 - 2014-02-22 10:19 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthBroker.dll
2014-04-23 22:51 - 2014-02-22 10:17 - 00109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudStorageWizard.exe
2014-04-23 22:51 - 2014-02-22 09:56 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-04-23 22:51 - 2014-02-22 09:54 - 00214016 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-04-23 22:51 - 2014-02-01 08:00 - 00002255 _____ () C:\WINDOWS\system32\WimBootCompress.ini
2014-04-23 22:51 - 2014-01-31 13:11 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpchttp.dll
2014-04-23 22:51 - 2014-01-31 11:35 - 03085824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2014-04-23 22:51 - 2014-01-31 11:10 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2014-04-23 22:51 - 2014-01-31 11:08 - 00507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-04-23 22:51 - 2014-01-31 11:04 - 00409600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2014-04-23 22:51 - 2014-01-31 10:24 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-04-23 22:51 - 2014-01-29 09:43 - 00411992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2014-04-23 22:51 - 2014-01-29 09:38 - 00735576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2014-04-23 22:51 - 2014-01-29 08:25 - 00457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2014-04-23 22:51 - 2014-01-27 19:25 - 00667136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-04-23 22:51 - 2014-01-27 18:47 - 01165312 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-04-23 22:51 - 2014-01-22 07:50 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\deviceaccess.dll
2014-04-23 22:51 - 2014-01-17 19:04 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ninput.dll
2014-04-23 22:51 - 2013-12-04 16:19 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-04-23 22:51 - 2013-12-04 15:53 - 00473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-04-23 22:51 - 2013-11-27 10:56 - 00167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\netiohlp.dll
2014-04-23 22:51 - 2013-11-23 10:37 - 00036696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2014-04-23 22:51 - 2013-11-08 05:47 - 00370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-04-23 22:50 - 2014-02-22 13:25 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\f3ahvoas.dll
2014-04-23 22:50 - 2014-02-22 13:25 - 00008192 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-1.dll
2014-04-23 22:50 - 2014-02-22 13:25 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-ntuser-private-l1-1-0.dll
2014-04-23 22:50 - 2014-02-22 13:24 - 00005632 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-session-winsta-l1-1-0.dll
2014-04-23 22:50 - 2014-02-22 13:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-networking-wcmapi-l1-1-0.dll
2014-04-23 22:50 - 2014-02-22 13:24 - 00003584 ____H (Microsoft Corporation) C:\WINDOWS\system32\ext-ms-win-kernel32-package-l1-1-1.dll
2014-04-23 22:50 - 2014-02-22 13:23 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\workerdd.dll
2014-04-23 22:50 - 2014-02-22 13:07 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-04-23 22:50 - 2014-02-22 12:59 - 00163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ocsetapi.dll
2014-04-23 22:50 - 2014-02-22 12:59 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-04-23 22:50 - 2014-02-22 12:50 - 00181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2014-04-23 22:50 - 2014-02-22 12:50 - 00136192 _____ (Microsoft Corporation) C:\WINDOWS\system32\diskpart.exe
2014-04-23 22:50 - 2014-02-22 12:47 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupugc.exe
2014-04-23 22:50 - 2014-02-22 12:40 - 00304640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-04-23 22:50 - 2014-02-22 12:33 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-04-23 22:50 - 2014-02-22 12:32 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2014-04-23 22:50 - 2014-02-22 12:31 - 00438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-04-23 22:50 - 2014-02-22 12:27 - 00625664 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2014-04-23 22:50 - 2014-02-22 12:25 - 00101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\scavengeui.dll
2014-04-23 22:50 - 2014-02-22 12:23 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnpclean.dll
2014-04-23 22:50 - 2014-02-22 12:23 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockScreenContentHost.dll
2014-04-23 22:50 - 2014-02-22 12:08 - 00244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbadmin.exe
2014-04-23 22:50 - 2014-02-22 12:03 - 02544128 _____ (Microsoft Corporation) C:\WINDOWS\system32\themecpl.dll
2014-04-23 22:50 - 2014-02-22 11:59 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-04-23 22:50 - 2014-02-22 11:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-04-23 22:50 - 2014-02-22 11:53 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-04-23 22:50 - 2014-02-22 11:27 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\GlobCollationHost.dll
2014-04-23 22:50 - 2014-02-22 11:26 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2014-04-23 22:50 - 2014-02-22 11:23 - 00256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2014-04-23 22:50 - 2014-02-22 11:21 - 00314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2014-04-23 22:50 - 2014-02-22 11:19 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\korwbrkr.dll
2014-04-23 22:50 - 2014-02-22 11:16 - 00017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxshared.dll
2014-04-23 22:50 - 2014-02-22 11:09 - 00208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2014-04-23 22:50 - 2014-02-22 10:50 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-04-23 22:50 - 2014-02-22 10:48 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-04-23 22:50 - 2014-02-22 10:48 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ConfigureExpandedStorage.dll
2014-04-23 22:50 - 2014-02-22 10:48 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2014-04-23 22:50 - 2014-02-22 10:48 - 00010240 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2014-04-23 22:50 - 2014-02-22 10:43 - 00390144 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2014-04-23 22:50 - 2014-02-22 10:39 - 00193024 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthprops.cpl
2014-04-23 22:50 - 2014-02-22 10:20 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncPolicy.dll
2014-04-23 22:50 - 2014-02-22 06:46 - 00002440 ___RS () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileManager.lnk
2014-04-23 22:50 - 2014-02-22 06:38 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-23 22:50 - 2014-02-22 06:38 - 00000369 _____ () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-23 22:50 - 2014-02-22 06:38 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2014-04-23 22:50 - 2014-02-22 06:38 - 00000369 _____ () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2014-04-23 22:50 - 2014-02-08 03:08 - 00100197 _____ () C:\WINDOWS\system32\RacRules.xml
2014-04-23 22:50 - 2014-02-01 08:00 - 00011109 _____ () C:\WINDOWS\system32\connectedsearch-results.searchconnector-ms
2014-04-23 22:50 - 2014-02-01 08:00 - 00007762 _____ () C:\WINDOWS\system32\connectedsearch-suggestions.searchconnector-ms
2014-04-23 22:50 - 2014-02-01 08:00 - 00007130 _____ () C:\WINDOWS\system32\connectedsearch-zeroinput.searchconnector-ms
2014-04-23 22:50 - 2014-01-27 13:52 - 00050053 _____ () C:\WINDOWS\system32\srms.dat
2014-04-23 22:50 - 2013-11-27 11:20 - 00013312 _____ (Microsoft Corporation) C:\WINDOWS\system32\finger.exe
2014-04-23 21:44 - 2014-04-23 21:44 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-23 21:43 - 2014-04-23 21:43 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-23 21:43 - 2014-04-23 21:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-23 21:43 - 2014-04-23 21:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-23 21:43 - 2014-04-23 21:43 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-04-23 21:43 - 2014-04-03 09:51 - 00073432 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-04-23 21:43 - 2014-04-03 09:51 - 00051416 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-04-23 21:43 - 2014-04-03 09:50 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-04-23 17:48 - 2014-04-23 17:48 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-04-23 07:54 - 2014-04-23 07:54 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-04-23 07:54 - 2014-04-23 07:54 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-04-23 07:54 - 2014-04-23 07:54 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-04-23 07:54 - 2014-04-23 07:54 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-04-23 07:54 - 2014-04-23 07:54 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-04-23 07:53 - 2014-04-23 07:53 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-04-22 22:10 - 2014-04-22 22:10 - 00000000 ____D () C:\Users\dub_cm_auto
2014-04-22 18:02 - 2014-04-14 20:05 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-04-22 18:01 - 2014-04-22 18:01 - 00004310 _____ () C:\WINDOWS\system32\jupdate-1.7.0_55-b14.log
2014-04-22 18:01 - 2014-04-22 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-22 18:01 - 2014-04-14 20:13 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-04-22 18:01 - 2014-04-14 20:05 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-04-22 18:01 - 2014-04-14 20:04 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-04-18 15:02 - 2014-04-18 15:02 - 00199960 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdriverx.sys
2014-04-13 13:55 - 2014-04-13 13:55 - 00000000 ____D () C:\Users\Jürgen\eTeks
2014-04-13 13:45 - 2014-04-13 13:46 - 00000004 _____ () C:\end
2014-04-13 13:45 - 2014-04-13 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
2014-04-13 13:45 - 2014-04-13 13:45 - 00000000 ____D () C:\Program Files\Sweet Home 3D
2014-04-09 18:07 - 2014-04-09 18:07 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-03-31 16:20 - 2014-03-31 16:20 - 00214296 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgwfpx.sys
2014-03-31 16:11 - 2014-03-31 16:11 - 00108312 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx86.sys
2014-03-27 22:15 - 2014-03-27 22:15 - 00193304 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx86.sys
2014-03-27 22:14 - 2014-03-27 22:14 - 00123160 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiskx.sys
2014-03-27 22:04 - 2014-03-27 22:04 - 00238872 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avglogx.sys
2014-03-27 22:04 - 2014-03-27 22:04 - 00150296 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidshx.sys
2014-03-27 22:03 - 2014-03-27 22:03 - 00028440 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgrkx86.sys
2014-03-27 22:03 - 2014-03-27 22:03 - 00022296 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsshimw8x.sys

==================== One Month Modified Files and Folders =======

2014-04-25 09:02 - 2014-04-25 09:02 - 00023293 _____ () C:\Users\Jürgen\Downloads\FRST.txt
2014-04-25 09:02 - 2014-04-25 09:02 - 00000000 ____D () C:\FRST
2014-04-25 09:00 - 2014-04-25 09:00 - 01048576 _____ (Farbar) C:\Users\Jürgen\Downloads\FRST.exe
2014-04-25 09:00 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-04-25 08:58 - 2013-12-23 12:19 - 01885620 _____ () C:\WINDOWS\WindowsUpdate.log
2014-04-25 08:58 - 2013-11-24 01:59 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\ClassicShell
2014-04-25 08:58 - 2013-10-20 13:16 - 00000000 __RDO () C:\Users\Jürgen\SkyDrive
2014-04-25 08:57 - 2013-04-07 21:31 - 00002197 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-04-25 08:57 - 2013-04-07 21:31 - 00001116 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-04-25 08:55 - 2013-12-23 12:25 - 00000422 _____ () C:\WINDOWS\Tasks\Wise Care 365.job
2014-04-25 08:12 - 2013-04-07 21:31 - 00001120 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-04-25 08:08 - 2014-04-25 00:08 - 00000000 ____D () C:\ProgramData\MFAData
2014-04-25 08:07 - 2014-04-25 08:07 - 00000000 ____D () C:\Users\Default\AppData\Roaming\TuneUp Software
2014-04-25 08:07 - 2014-04-25 08:07 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\TuneUp Software
2014-04-25 08:07 - 2014-04-25 00:13 - 00000967 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
2014-04-25 08:07 - 2014-04-25 00:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
2014-04-25 07:57 - 2014-04-25 07:48 - 00000358 _____ () C:\Users\Jürgen\Desktop\Neues Textdokument.txt
2014-04-25 07:51 - 2013-02-02 22:10 - 00000884 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-04-25 07:45 - 2013-12-23 12:16 - 00000000 ____D () C:\Users\JKadmin\AppData\Roaming\Wise Care 365
2014-04-25 07:44 - 2013-08-22 09:23 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-04-25 00:16 - 2014-04-25 00:14 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\Avg2014
2014-04-25 00:14 - 2014-04-25 00:14 - 00000000 ____D () C:\Users\Jürgen\AppData\Roaming\AVG2014
2014-04-25 00:13 - 2014-04-25 00:13 - 00000000 ____D () C:\Users\JKadmin\AppData\Roaming\AVG2014
2014-04-25 00:13 - 2014-04-25 00:11 - 00000000 ____D () C:\ProgramData\AVG2014
2014-04-25 00:13 - 2013-03-18 20:26 - 00000000 ____D () C:\Users\JKadmin\AppData\Roaming\TuneUp Software
2014-04-25 00:13 - 2012-07-26 08:53 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-04-25 00:11 - 2014-04-25 00:11 - 00000000 ___HD () C:\$AVG
2014-04-25 00:10 - 2014-04-25 00:10 - 00000000 ____D () C:\Program Files\AVG
2014-04-25 00:07 - 2014-04-25 00:07 - 150392912 _____ (AVG Technologies) C:\Users\Jürgen\Downloads\avg_free_x86_all_2014_4569a7320.exe
2014-04-24 23:32 - 2013-10-18 08:42 - 01776918 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-04-24 23:31 - 2013-12-29 00:27 - 00018828 _____ () C:\WINDOWS\setupact.log
2014-04-24 23:14 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\Microsoft.NET
2014-04-24 21:53 - 2013-02-03 11:52 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\CrashDumps
2014-04-24 21:11 - 2014-04-24 21:08 - 00000000 ____D () C:\ProgramData\SystemExplorer
2014-04-24 21:08 - 2014-04-24 21:08 - 00001060 _____ () C:\Users\Public\Desktop\System Explorer.lnk
2014-04-24 21:08 - 2014-04-24 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Explorer
2014-04-24 21:08 - 2014-04-24 21:08 - 00000000 ____D () C:\Program Files\System Explorer
2014-04-24 21:03 - 2014-04-24 21:03 - 00000000 ____D () C:\Users\Jürgen\Downloads\TcpView-3.05
2014-04-24 21:02 - 2014-04-24 21:02 - 02291136 _____ (Mister Group ) C:\Users\Jürgen\Downloads\SystemExplorerSetup_550.exe
2014-04-24 20:59 - 2014-04-24 20:59 - 00291606 _____ () C:\Users\Jürgen\Downloads\TcpView-3.05.zip
2014-04-24 20:57 - 2014-04-24 20:57 - 00000116 _____ () C:\WINDOWS\ntbtlog.txt.bak
2014-04-24 20:25 - 2014-04-24 20:25 - 00000000 ____D () C:\ProgramData\SMR410
2014-04-24 20:21 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-04-24 20:09 - 2013-12-25 12:31 - 00475520 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-04-24 20:06 - 2013-08-22 10:17 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-04-24 20:05 - 2013-09-30 05:49 - 00000000 ____D () C:\WINDOWS\system32\Drivers\de-DE
2014-04-24 20:05 - 2013-09-30 05:49 - 00000000 ____D () C:\WINDOWS\de-DE
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\System Tools
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\WinStore
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\zh-TW
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\zh-HK
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\zh-CN
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\uk-UA
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\tr-TR
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\th-TH
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\sv-SE
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-RS
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\sr-Latn-CS
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\sl-SI
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\sk-SK
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\ru-RU
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\ro-RO
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\pt-PT
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\pt-BR
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\pl-PL
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\nl-NL
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\nb-NO
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\lv-LV
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\lt-LT
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\ko-KR
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\ja-JP
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\it-IT
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\hu-HU
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\hr-HR
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\he-IL
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\fr-FR
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\fi-FI
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\et-EE
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\el-GR
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\de-DE
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\bg-BG
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\ar-SA
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\Program Files\Windows Portable Devices
2014-04-24 20:05 - 2013-08-22 10:17 - 00000000 ____D () C:\Program Files\Windows Multimedia Platform
2014-04-24 20:04 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\FileManager
2014-04-24 20:04 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\Camera
2014-04-24 20:02 - 2013-10-18 08:26 - 00000000 ____D () C:\Users\JKadmin
2014-04-24 20:02 - 2013-10-18 08:26 - 00000000 ____D () C:\Users\amumb_000
2014-04-23 22:16 - 2013-12-25 12:31 - 00739620 _____ () C:\WINDOWS\PFRO.log
2014-04-23 22:16 - 2012-07-26 08:53 - 00000000 ____D () C:\WINDOWS\LiveKernelReports
2014-04-23 21:44 - 2014-04-23 21:44 - 00107736 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-04-23 21:43 - 2014-04-23 21:43 - 00001076 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-04-23 21:43 - 2014-04-23 21:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-04-23 21:43 - 2014-04-23 21:43 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-04-23 21:43 - 2014-04-23 21:43 - 00000000 ____D () C:\Program Files\ Malwarebytes Anti-Malware 
2014-04-23 18:52 - 2013-11-24 11:01 - 00000000 ____D () C:\Users\amumb_000\AppData\Roaming\ClassicShell
2014-04-23 17:49 - 2013-10-21 17:30 - 00000000 __RDO () C:\Users\amumb_000\SkyDrive
2014-04-23 17:48 - 2014-04-23 17:48 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-04-23 07:54 - 2014-04-23 07:54 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-04-23 07:54 - 2014-04-23 07:54 - 00108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-04-23 07:54 - 2014-04-23 07:54 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-04-23 07:54 - 2014-04-23 07:54 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-04-23 07:54 - 2014-04-23 07:54 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-04-23 07:53 - 2014-04-23 07:53 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-04-22 22:10 - 2014-04-22 22:10 - 00000000 ____D () C:\Users\dub_cm_auto
2014-04-22 18:02 - 2014-01-15 20:42 - 00000000 ____D () C:\Users\JKadmin\AppData\Roaming\ClassicShell
2014-04-22 18:02 - 2013-10-17 21:11 - 00000000 ____D () C:\ProgramData\Oracle
2014-04-22 18:01 - 2014-04-22 18:01 - 00004310 _____ () C:\WINDOWS\system32\jupdate-1.7.0_55-b14.log
2014-04-22 18:01 - 2014-04-22 18:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-04-22 18:01 - 2013-04-20 18:02 - 00000000 ____D () C:\Program Files\Java
2014-04-22 15:52 - 2014-01-07 15:14 - 00000000 ____D () C:\Users\Colin\AppData\Roaming\ClassicShell
2014-04-18 15:02 - 2014-04-18 15:02 - 00199960 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsdriverx.sys
2014-04-14 20:13 - 2014-04-22 18:01 - 00094632 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge.dll
2014-04-14 20:05 - 2014-04-22 18:02 - 00264616 _____ (Oracle Corporation) C:\WINDOWS\system32\javaws.exe
2014-04-14 20:05 - 2014-04-22 18:01 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\system32\javaw.exe
2014-04-14 20:04 - 2014-04-22 18:01 - 00175016 _____ (Oracle Corporation) C:\WINDOWS\system32\java.exe
2014-04-13 13:55 - 2014-04-13 13:55 - 00000000 ____D () C:\Users\Jürgen\eTeks
2014-04-13 13:46 - 2014-04-13 13:45 - 00000004 _____ () C:\end
2014-04-13 13:45 - 2014-04-13 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eTeks Sweet Home 3D
2014-04-13 13:45 - 2014-04-13 13:45 - 00000000 ____D () C:\Program Files\Sweet Home 3D
2014-04-13 13:45 - 2013-02-02 17:34 - 00000000 ____D () C:\Users\Jürgen\AppData\Local\VirtualStore
2014-04-10 21:53 - 2013-08-22 10:17 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-04-09 19:51 - 2013-02-02 20:14 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-04-09 19:49 - 2013-08-14 15:05 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-04-09 19:47 - 2013-02-02 17:53 - 88028728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-04-09 18:07 - 2014-04-09 18:07 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-04-09 12:54 - 2014-04-23 23:09 - 00049544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-04-09 05:21 - 2014-04-23 23:09 - 00307200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-04-09 05:21 - 2014-04-23 23:09 - 00159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-04-09 05:07 - 2014-04-23 23:09 - 01634304 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-04-09 05:05 - 2014-04-23 23:09 - 02767360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-04-06 20:19 - 2013-10-23 07:18 - 00043008 ___SH () C:\Users\Jürgen\Desktop\Thumbs.db
2014-04-03 09:51 - 2014-04-23 21:43 - 00073432 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-04-03 09:51 - 2014-04-23 21:43 - 00051416 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-04-03 09:50 - 2014-04-23 21:43 - 00023256 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-04-03 07:51 - 2013-12-25 12:43 - 00002261 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-04-03 07:51 - 2013-12-25 12:43 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-04-03 07:51 - 2013-12-25 12:43 - 00000000 ____D () C:\WINDOWS\system32\Drivers\N360
2014-03-31 23:23 - 2013-08-22 10:18 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2014-03-31 23:23 - 2013-08-22 10:18 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2014-03-31 16:20 - 2014-03-31 16:20 - 00214296 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgwfpx.sys
2014-03-31 16:11 - 2014-03-31 16:11 - 00108312 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgmfx86.sys
2014-03-27 22:15 - 2014-03-27 22:15 - 00193304 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgldx86.sys
2014-03-27 22:14 - 2014-03-27 22:14 - 00123160 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgdiskx.sys
2014-03-27 22:04 - 2014-03-27 22:04 - 00238872 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avglogx.sys
2014-03-27 22:04 - 2014-03-27 22:04 - 00150296 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidshx.sys
2014-03-27 22:03 - 2014-03-27 22:03 - 00028440 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgrkx86.sys
2014-03-27 22:03 - 2014-03-27 22:03 - 00022296 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgidsshimw8x.sys

Some content of TEMP:
====================
C:\Users\JKadmin\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

C:\WINDOWS\explorer.exe
[2014-04-23 23:10] - [2014-03-04 13:16] - 2088160 ____A (Microsoft Corporation) 119E091B5386379BC5AA598BE9440C75

C:\WINDOWS\system32\winlogon.exe
[2014-04-23 22:52] - [2014-02-22 11:21] - 0459264 ____A (Microsoft Corporation) 70C57DC69D4A7D92D2CAC90C3AD16E6F

C:\WINDOWS\system32\wininit.exe => MD5 is legit
C:\WINDOWS\system32\svchost.exe => MD5 is legit
C:\WINDOWS\system32\services.exe => MD5 is legit
C:\WINDOWS\system32\User32.dll
[2014-04-23 22:52] - [2014-02-22 16:42] - 1370696 ____A (Microsoft Corporation) 43B0EB86B10506AD564E2005A6156D30

C:\WINDOWS\system32\userinit.exe => MD5 is legit
C:\WINDOWS\system32\rpcss.dll
[2014-04-23 22:52] - [2014-02-22 11:16] - 0593408 ____A (Microsoft Corporation) 05C0337538BEECC04FC695808EFF201C

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\WINDOWS\system32\Drivers\volsnap.sys
[2014-04-23 22:53] - [2014-02-22 16:08] - 0265048 ____A (Microsoft Corporation) 085918BF459BCB835CFC535BE7138539


==================== End Of Log ============================
         

25.04.2014, 08:08   #4
free-eagle

AVG reports Anti-Rootkit infection unknown NtMapViewOfSection...



Code:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-04-2014
Ran by Jürgen at 2014-04-25 09:04:11
Running from C:\Users\Jürgen\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 Premier Edition (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 Premier Edition (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
FW: Norton 360 Premier Edition (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

1-abc.net File Divider (Remove only) (HKLM\...\1-abc.net File Divider) (Version:  - )
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
AAVUpdateManager (HKLM\...\{AFA42FE1-A5C3-485F-9180-BFCF5BF1F1C3}) (Version: 18.00.0000 - Wolters Kluwer Deutschland GmbH)
ACSI Campsite Guide Europe 2014 (HKLM\...\InstallShield_{DE936E12-CF55-45E6-84B6-A9116E02A71E}) (Version: 1.00.0000 - Ihr Firmenname)
ACSI Campsite Guide Europe 2014 (Version: 1.00.0000 - Ihr Firmenname) Hidden
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.182 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.06) - Deutsch (HKLM\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.5.100.21116 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.937.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{E43B4909-141E-DFF3-8C58-62B5E4D66BBA}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71116.1554 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Ashampoo Home Designer Pro v.1.0.1 (HKLM\...\{4D1A0101-17A2-4fca-9119-4734EDBDA12D}_is1) (Version: 1.0.1 - Creative Amadeo GmbH)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4570 - AVG Technologies)
AVG 2014 (Version: 14.0.3920 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4570 - AVG Technologies) Hidden
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
BUFFALO NAS Navigator2 (HKLM\...\UN060501) (Version:  - )
Canon Easy-PhotoPrint EX (HKLM\...\Easy-PhotoPrint EX) (Version:  - )
Canon Easy-WebPrint EX (HKLM\...\Easy-WebPrint EX) (Version:  - )
Canon IJ Network Scan Utility (HKLM\...\Canon_IJ_Network_Scan_UTILITY) (Version:  - )
Canon IJ Network Scanner Selector EX (HKLM\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
Canon IJ Network Tool (HKLM\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG5300 series Benutzerregistrierung (HKLM\...\Canon MG5300 series Benutzerregistrierung) (Version:  - )
Canon MG5300 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG5300_series) (Version:  - Canon Inc.)
Canon MG5300 series On-screen Manual (HKLM\...\Canon MG5300 series On-screen Manual) (Version:  - )
Canon MP Navigator EX 5.0 (HKLM\...\MP Navigator EX 5.0) (Version:  - )
Canon MP620 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP620_series) (Version:  - )
Canon My Printer (HKLM\...\CanonMyPrinter) (Version:  - )
Canon Solution Menu EX (HKLM\...\CanonSolutionMenuEX) (Version:  - )
Catalyst Control Center InstallProxy (Version: 2012.1116.1515.27190 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.2.4291 - CDBurnerXP)
Classic Shell (HKLM\...\{ED436519-8A0E-4CD0-987C-174D134513C2}) (Version: 4.0.2 - IvoSoft)
CleverPrint (HKLM\...\CleverPrint_is1) (Version: 3.00 - Abelssoft GmbH)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version:  - Microsoft)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 3.3.2.0 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.2.101.104 - Alps Electric)
DEUTSCHLAND SPIELT GAME CENTER (HKLM\...\DSGPlayer) (Version:  - )
DHTML Editing Component (HKLM\...\{2EA870FA-585F-4187-903D-CB9FFD21E2E0}) (Version: 6.02.0001 - Microsoft Corporation)
Diamantenfee Special (HKLM\...\Diamantenfee Special) (Version:  - )
DirectX for Managed Code Update (Summer 2004) (Version: 9.02.2904 - Microsoft) Hidden
Evernote v. 5 (HKLM\...\{5A8A0DD8-14AF-11E3-9910-984BE15F174E}) (Version: 5.0.0.1137 - Evernote Corp.)
Google Chrome (HKLM\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
HTC Driver Installer (HKLM\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.10.0.001 - HTC Corporation)
iCloud (HKLM\...\{00A61104-74B5-4056-AD00-4397EF4FB141}) (Version: 3.1.0.40 - Apple Inc.)
inSSIDer 3 (HKLM\...\{CDF246AE-C6E3-438F-AA76-21700DCC15F6}) (Version: 3.0.6.42 - MetaGeek, LLC)
IPTInstaller (HKLM\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.8 - HTC)
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 55 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
MAGIX Foto & Grafik Designer 7 SE (HKLM\...\MAGIX_{305A1AC7-0B5C-457D-9B6F-2A889766E3A0}) (Version: 7.1.2.26041 - MAGIX AG)
MAGIX Foto & Grafik Designer 7 SE (Version: 7.1.2.26041 - MAGIX AG) Hidden
Malwarebytes Anti-Malware Version 2.0.1.1004 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
Mass Watermark version 1.0.1 (HKLM\...\{25BB9D52-8471-4C26-BC79-D3B33BB1A4A7}_is1) (Version: 1.0.1 - masswatermark.com)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.8.141.11 - McAfee, Inc.)
Microsoft Office Access MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (German) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 27.0 (x86 de) (HKLM\...\Mozilla Firefox 27.0 (x86 de)) (Version: 27.0 - Mozilla)
Mozilla Firefox 28.0 (x86 de) (HKCU\...\Mozilla Firefox 28.0 (x86 de)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 27.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Norton 360 (HKLM\...\N360) (Version: 21.2.0.38 - Symantec Corporation)
PDF Architect (HKLM\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Split And Merge Basic (HKLM\...\{C91B24F6-1629-11E2-B696-21676188709B}) (Version: 2.2.2 - Andrea Vacondio)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
Peggle Deluxe (HKLM\...\Peggle Deluxe) (Version:  - )
Personal Backup 5.4 (HKLM\...\Personal Backup 5_is1) (Version: 5.3 - J. Rathlev)
ProtectDisc Driver, Version 11 (HKLM\...\ProtectDisc Driver 11) (Version: 11.0.0.14 - ProtectDisc Software GmbH)
QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RICOH Media Driver ver.2.07.01.04 (HKLM\...\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}) (Version: 2.07.01.04 - RICOH)
Samsung Kies (HKLM\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.)
Samsung Kies (Version: 2.5.3.13043_14 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.34.0 - SAMSUNG Electronics Co., Ltd.)
SDFormatter (HKLM\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (Version:  - Microsoft) Hidden
soft Xpansion Perfect Print 7 Express (HKLM\...\{98AD196C-B3B6-48df-AB53-A711C822497C}) (Version: 7.2.1.7 - soft Xpansion)
Spotify (HKCU\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
Steuer-Spar-Erklärung 2013 (HKLM\...\{AEB61F7A-4BBA-4292-A096-7893E09034A4}) (Version: 18.09 - Wolters Kluwer Deutschland GmbH)
Sweet Home 3D version 4.3 (HKLM\...\Sweet Home 3D_is1) (Version:  - eTeks)
System Explorer 5.5.0 (HKLM\...\{40F485F7-6478-4896-B0D5-F94BE677EB78}_is1) (Version:  - Mister Group)
Turbo Lister 2 (HKLM\...\{8927E07C-97F7-4A54-88FB-D976F50DD46E}) (Version: 2.00.0000 - eBay Inc.)
Universal Extractor 1.6.1 (HKLM\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{C70D2038-A2C4-4A99-87DE-5272BB44F0CE}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{90140000-001A-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{A0657506-69DC-44AE-8DC1-58E7C6F5B1C9}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{90140000-0018-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{40EC8FB1-5202-469D-9232-C28FB1C6FC64}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WinRAR 4.11 (32-Bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
Wise Care 365 Version 2.92 (HKLM\...\{E864A1C8-EEE1-47D0-A7F8-00CC86D26D5E}_is1) (Version: 2.92 - WiseCleaner.com, Inc.)
Wondershare PDF to Word (Build 4.0.1) (HKLM\...\{90599D63-1879-4B90-BE4F-051CE70FA576}_is1) (Version: 4.0.1 - Wondershare Software)

==================== Restore Points  =========================

Could not list Restore Points. Check "winmgmt" service or repair WMI.


==================== Hosts content: ==========================

2013-08-22 08:13 - 2013-08-22 08:13 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => ?
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => ?
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => ?
Task: C:\WINDOWS\Tasks\Wise Care 365.job => ?
Task: C:\WINDOWS\Tasks\Wise Turbo Checker.job => ?

==================== Loaded Modules (whitelisted) =============

2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-11-23 12:20 - 2012-02-17 21:55 - 00166912 _____ () C:\Program Files\WinRAR\rarext.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-06 01:52 - 2014-02-06 01:52 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2012-09-08 14:16 - 2012-09-08 14:16 - 00433664 _____ () C:\Users\Jürgen\AppData\Local\Apps\Evernote\Evernote\libxml2.dll
2012-09-08 14:16 - 2012-09-08 14:16 - 00315392 _____ () C:\Users\Jürgen\AppData\Local\Apps\Evernote\Evernote\libtidy.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\Users\Jürgen\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

==================== Disabled items from MSCONFIG ==============


==================== Faulty Device Manager Devices =============

Name: Fingerprint Sensor
Description: Fingerprint Sensor
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (04/25/2014 03:36:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4044375

Error: (04/25/2014 03:36:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4044375

Error: (04/25/2014 03:36:10 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/25/2014 03:36:08 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4042797

Error: (04/25/2014 03:36:08 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4042797

Error: (04/25/2014 03:36:08 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/25/2014 03:36:07 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4041219

Error: (04/25/2014 03:36:07 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4041219

Error: (04/25/2014 03:36:07 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/25/2014 03:36:05 AM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3016


System errors:
=============
Error: (04/25/2014 07:44:23 AM) (Source: Service Control Manager) (User: )
Description: Der Dienst "楗敳䈠潯⁴獁楳瑳湡tƎ" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/25/2014 01:26:09 AM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (04/24/2014 10:13:17 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "楗敳䈠潯⁴獁楳瑳湡tƎ" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/24/2014 08:27:15 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "楗敳䈠潯⁴獁楳瑳湡tƎ" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/24/2014 08:12:40 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: {752073A1-23F2-4396-85F0-8FDB879ED0ED}

Error: (04/24/2014 08:11:39 PM) (Source: Microsoft-Windows-Eventlog) (User: NT-AUTORITÄT)
Description: Der Ereignisprotokollierungsdienst hat beim Aktivieren des Herausgebers "{0BF2FB94-7B60-4B4D-9766-E82F658DF540}" für den Kanal "Microsoft-Windows-Kernel-ShimEngine/Operational" einen Fehler (5) erkannt. Dieser Fehler hat keinen Einfluss auf den Betrieb des Kanals, beeinträchtigt jedoch die Fähigkeit des Herausgebers, Ereignisse für den Kanal auszulösen. Dieser Fehler ist oft darauf zurückzuführen, dass der Anbieter die ETW-Anbietersicherheit verwendet und der Ereignisprotokoll-Dienstidentität keine Berechtigungen zum Aktivieren gewährt hat.

Error: (04/24/2014 08:10:28 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "楗敳䈠潯⁴獁楳瑳湡tƎ" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2

Error: (04/24/2014 06:43:16 PM) (Source: volsnap) (User: )
Description: Die Schattenkopien von Volume "C:" wurden abgebrochen, weil der Schattenkopiespeicher nicht auf ein benutzerdefiniertes Limit vergrößert werden konnte.

Error: (04/24/2014 06:24:31 PM) (Source: DCOM) (User: NT-AUTORITÄT)
Description: ComputerstandardLokalAktivierung{C2F03A33-21F5-47FA-B4BB-156362A2F239}{316CDED5-E4AE-4B15-9113-7055D84DCC97}NT-AUTORITÄTLokaler DienstS-1-5-19LocalHost (unter Verwendung von LRPC)Nicht verfügbarNicht verfügbar

Error: (04/23/2014 10:16:55 PM) (Source: Service Control Manager) (User: )
Description: Der Dienst "楗敳䈠潯⁴獁楳瑳湡tƎ" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%2


Microsoft Office Sessions:
=========================
Error: (04/25/2014 03:36:10 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4044375

Error: (04/25/2014 03:36:10 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4044375

Error: (04/25/2014 03:36:10 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/25/2014 03:36:08 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4042797

Error: (04/25/2014 03:36:08 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4042797

Error: (04/25/2014 03:36:08 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/25/2014 03:36:07 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 4041219

Error: (04/25/2014 03:36:07 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 4041219

Error: (04/25/2014 03:36:07 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (04/25/2014 03:36:05 AM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3016


CodeIntegrity Errors:
===================================
  Date: 2013-12-25 11:32:30.600
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Definition Updates\{B6A85DA0-D724-417A-83C6-24FA0B2EAE2D}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-12-25 11:29:18.639
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Definition Updates\{89F37BAB-058F-4F22-8075-5413AF5B4D53}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements.

  Date: 2013-12-25 11:29:15.678
  Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\ProgramData\Microsoft\Windows Defender\Definition Updates\{4AE8E33E-5792-43E3-8ED9-1B916497B1D9}\mpengine.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info =========================== 

Percentage of memory in use: 41%
Total physical RAM: 3069.98 MB
Available physical RAM: 1786.61 MB
Total Pagefile: 3581.98 MB
Available Pagefile: 2163.89 MB
Total Virtual: 2047.88 MB
Available Virtual: 1863.52 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:48.49 GB) (Free:8.54 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (Swap) (Fixed) (Total:12.7 GB) (Free:12.09 GB) NTFS
Drive e: (Programme) (Fixed) (Total:97.66 GB) (Free:91.06 GB) NTFS
Drive f: (Daten) (Fixed) (Total:73.56 GB) (Free:52.19 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================
         

Alt 25.04.2014, 19:08   #5
schrauber
/// the machine
/// TB instructor
 




Our tools always need admin rights.

Please download Malwarebytes Anti-Rootkit and save it to your desktop.
  • Please start mbar.exe.
  • Follow the on-screen instructions as described in the guide to Malwarebytes Anti-Rootkit.
  • Be sure to update the database and allow the tool to scan your system.
  • Click the CleanUp button and allow the restart.
  • During the restart, MBAR will remove the objects it found, so be patient.
  • After the restart, start mbar.exe again.
  • If anything is found again, repeat the CleanUp process.
The tool will create a log file ( mbar-log-<year-month-day>.txt ) in the folder it created. Please post it here.

Do not start any other file in this folder unless a helper instructs you to.

Please download TDSSKiller (TDSSKiller.exe) and save this file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the guide to TDSSKiller.
  • Press Start Scan.
  • If infected objects are found, do not choose Cure under any circumstances. Choose Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\)
    For example: C:\TDSSKiller.<Version_Date_Time>log.txt
Please post the contents here in your thread in any case.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

Alt 25.04.2014, 21:59   #6
free-eagle
 



Code:
22:55:54.0479 0x0368  TDSS rootkit removing tool 3.0.0.33 Apr 24 2014 14:02:50
22:56:03.0842 0x0368  ============================================================
22:56:03.0842 0x0368  Current date / time: 2014/04/25 22:56:03.0842
22:56:03.0842 0x0368  SystemInfo:
22:56:03.0842 0x0368  
22:56:03.0843 0x0368  OS Version: 6.3.9600 ServicePack: 0.0
22:56:03.0843 0x0368  Product type: Workstation
22:56:03.0843 0x0368  ComputerName: JK-LAPTOP
22:56:03.0843 0x0368  UserName: JKadmin
22:56:03.0843 0x0368  Windows directory: C:\WINDOWS
22:56:03.0843 0x0368  System windows directory: C:\WINDOWS
22:56:03.0843 0x0368  Processor architecture: Intel x86
22:56:03.0843 0x0368  Number of processors: 2
22:56:03.0843 0x0368  Page size: 0x1000
22:56:03.0843 0x0368  Boot type: Normal boot
22:56:03.0843 0x0368  ============================================================
22:56:04.0973 0x0368  KLMD registered as C:\WINDOWS\system32\drivers\33087164.sys
22:56:06.0733 0x0368  System UUID: {A169C454-1FD7-6F40-6EB3-6DADD2638CA9}
22:56:09.0297 0x0368  Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 (232.89 Gb), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
22:56:09.0298 0x0368  ============================================================
22:56:09.0298 0x0368  \Device\Harddisk0\DR0:
22:56:09.0298 0x0368  MBR partitions:
22:56:09.0298 0x0368  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0xF6000, BlocksNum 0x60F9000
22:56:09.0313 0x0368  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x61EF800, BlocksNum 0x1964000
22:56:09.0328 0x0368  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x7B54000, BlocksNum 0xC350000
22:56:09.0347 0x0368  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x13EA4800, BlocksNum 0x9320800
22:56:09.0347 0x0368  ============================================================
22:56:09.0391 0x0368  C: <-> \Device\Harddisk0\DR0\Partition1
22:56:09.0436 0x0368  D: <-> \Device\Harddisk0\DR0\Partition2
22:56:09.0518 0x0368  E: <-> \Device\Harddisk0\DR0\Partition3
22:56:09.0655 0x0368  F: <-> \Device\Harddisk0\DR0\Partition4
22:56:09.0655 0x0368  ============================================================
22:56:09.0656 0x0368  Initialize success
22:56:09.0656 0x0368  ============================================================
22:56:45.0486 0x0f34  ============================================================
22:56:45.0486 0x0f34  Scan started
22:56:45.0486 0x0f34  Mode: Manual; SigCheck; TDLFS; 
22:56:45.0486 0x0f34  ============================================================
22:56:45.0486 0x0f34  KSN ping started
22:56:48.0333 0x0f34  KSN ping finished: true
22:56:50.0131 0x0f34  ================ Scan system memory ========================
22:56:50.0131 0x0f34  System memory - ok
22:56:50.0132 0x0f34  ================ Scan services =============================
22:57:00.0809 0x0f34  eeCtrl - ok
22:57:00.0845 0x0f34  [ F33BFCBBBAACE7208DB433B6CCA98930, 46E994BE4A2EA4D324C8B78CF9276F4805EA47046CBC7AD37401AA77E13C75FB ] EFS             C:\WINDOWS\System32\lsass.exe
22:57:00.0863 0x0f34  EFS - ok
22:57:00.0954 0x0f34  [ CC45B3BDE20129D940688B161532C844, D0DF3ED05E934C82F2F22B2BA5547D48DF2F12EC8F51BFAF4895E73BAF55C833 ] ehRecvr         C:\WINDOWS\ehome\ehRecvr.exe
22:57:01.0044 0x0f34  ehRecvr - ok
22:57:01.0071 0x0f34  [ CA5B783BC3152588D5441671FBA50F52, BAFCCDDA8581DD6AF461085A13322FB178E1BEB8931F1BDAE714F4F15C0D4BEB ] ehSched         C:\WINDOWS\ehome\ehsched.exe
22:57:01.0126 0x0f34  ehSched - ok
22:57:01.0166 0x0f34  [ AECFDE05D120822452BA8F606841B3FE, DC89D894C9C25E164DD409C31937D6E85824F504D3F834BE8B9DAC61819BC844 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
22:57:01.0185 0x0f34  EhStorClass - ok
22:57:01.0212 0x0f34  [ BFDF5BA2B770B358CA607109240A739D, 20007ED67456BF90F080B4FC4BBA699CB0F2F10216B63350C0B6F9F4D7C5D1CB ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
22:57:01.0235 0x0f34  EhStorTcgDrv - ok
22:57:01.0275 0x0f34  [ 050D136C61DBCF36C257206ADBBEC009, 0FD13A4B43534ABF84B637F0749AED30CAF8EB2A50C0ABE70B76608AEE925A30 ] EraserUtilRebootDrv C:\Program Files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
22:57:01.0292 0x0f34  EraserUtilRebootDrv - ok
22:57:01.0312 0x0f34  [ 6E7FD164E20C50F5A2D49AD0218FF4AE, 0625C6875E703AC0059B5DE55AE6BF725D337C168C499F79D2E772EBAC107EA6 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
22:57:01.0350 0x0f34  ErrDev - ok
22:57:01.0424 0x0f34  [ BC4E13AFEE0B35D87CE8F49EF5DF5634, EA6E7C135EE660070AD823F3D2BB940124FF7EDA599DAF7B7B86CCC58DC0BE5A ] EventSystem     C:\WINDOWS\system32\es.dll
22:57:01.0468 0x0f34  EventSystem - ok
22:57:01.0500 0x0f34  [ 630E4FAFAE692F2D2D3835A4F37A583C, 282C2051F4BDA060958529E4A1F799DB91CA0855B804FF2F6E19EFF913533FE1 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
22:57:01.0552 0x0f34  exfat - ok
22:57:01.0584 0x0f34  [ 2B731E0CF73B392B1923078F464D96DB, 741AE561704A0EF464EB6184C3353188AD6150A5B10130DF0E96D31CE821AD0C ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
22:57:01.0609 0x0f34  fastfat - ok
22:57:01.0665 0x0f34  [ 1FE12BBB957D8D74DDACF51F40B1358F, E8E565E332EADEDB543AE451CD446BE6CDC1079798A9598B868943A434416E84 ] Fax             C:\WINDOWS\system32\fxssvc.exe
22:57:01.0751 0x0f34  Fax - ok
22:57:01.0775 0x0f34  [ F2D60D87B15FF8ABBDA27371EBBEFE0B, EC2B48A3E259449E7C388C31BEF8ECF8B3CA9CB851CBE90E97673CE093CB4863 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
22:57:01.0814 0x0f34  fdc - ok
22:57:01.0833 0x0f34  [ D6AEDD0E959AC11665BEABA0EC470A2B, 731295F996D1AD143FF788E3041B0D8E21C5F6C3ACDAE6662A1598E86545C84B ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
22:57:01.0871 0x0f34  fdPHost - ok
22:57:01.0894 0x0f34  [ A04078C96EDF2D475B76B23D35967344, BB37D73D2899EF60080B5CBCA6FFB14E82933C717F9316025757EB17A0A64E00 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
22:57:01.0935 0x0f34  FDResPub - ok
22:57:01.0960 0x0f34  [ 472A9FFB696FD557828DEBD606FBD819, 5F8C8C5E5DF762A5E9CD4D82933F5BD881C6768194125A53FFBF81F8E8E5AC29 ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
22:57:01.0985 0x0f34  fhsvc - ok
22:57:02.0022 0x0f34  [ 878BE2CD1B68000D4BEEE293267B19CB, 136480B18E145E681C756792B57163349D49521A6DDEA78745E896F1EAB24B17 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
22:57:02.0041 0x0f34  FileInfo - ok
22:57:02.0063 0x0f34  [ 5C427FD4AFAEAC08882A70EDA5013AF8, 74FDB9218D18154D6C541A835A54F17A88C6BE4EFA0A0C94BD642A752A500B0A ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
22:57:02.0098 0x0f34  Filetrace - ok
22:57:02.0118 0x0f34  [ BB2091E613F6F06F24FF9507E0FAA20B, EFACAE4F4E586120C30C48EA503EC679E37D3BDE9052FE7392D6C81E8AE5010C ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
22:57:02.0152 0x0f34  flpydisk - ok
22:57:02.0194 0x0f34  [ 2DEEDF529EECC1D8A43E7C09E517FB37, C1911BBECD24E3F261B760AFB40EA2426D583AE3AEBAC6939F01B9C22B932822 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
22:57:02.0221 0x0f34  FltMgr - ok
22:57:02.0283 0x0f34  [ 98F4B2D16421264E8F6D061E825336A1, 2170C4C074BED3A1BE0E495249583BCDA633FE9520954F7B268ACE35C8731243 ] FontCache       C:\WINDOWS\system32\FntCache.dll
22:57:02.0448 0x0f34  FontCache - ok
22:57:02.0568 0x0f34  [ 7B47332931E0B083D09F1E7FBDD3F147, D7812D0109291BCB5268913498E66F817009E8262050F546AD16B5FAC47F8CCA ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
22:57:02.0595 0x0f34  FontCache3.0.0.0 - ok
22:57:02.0632 0x0f34  [ 73F944AA04157781172CAD535AB6E172, 6C2FB6C0D4A10924A845A1CF18A98206EEAAB8243A0B36AEEC78B047BFFCDDAF ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
22:57:02.0649 0x0f34  FsDepends - ok
22:57:02.0663 0x0f34  [ 6496F5E84CBC8C6D697939D6518D9B7A, 1E518FC7B478356E997E86FDD06A01A6833407C25F67A85CC91A49EC6F2EAEB1 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
22:57:02.0680 0x0f34  Fs_Rec - ok
22:57:02.0758 0x0f34  [ CBE4DFCCA2051EC308FD59BED99586A3, 00D4865CA95E29D48199F0F9646C7E0C880CDFA9A83BCD1CB8FF8DC116EE1015 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
22:57:02.0822 0x0f34  fvevol - ok
22:57:02.0878 0x0f34  [ B3CDDF19F6201210B8785FFD642A1632, 35A664BD1C51F9F448CADA2B82276F378BA65188D175C00515EBBD06E91641AC ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
22:57:02.0927 0x0f34  FxPPM - ok
22:57:02.0953 0x0f34  [ 2DC88A077B783AFD416CDEE7BDE63868, C016325071D88371753C4049749C26C8D58FE8D787533B3289DB1D523E6F076B ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
22:57:02.0972 0x0f34  gagp30kx - ok
22:57:03.0010 0x0f34  [ 185ADA973B5020655CEE342059A86CBB, D3E352DFAF30761505480A4C557D980083F65EC5BD46E2656B2114D47B272A89 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
22:57:03.0033 0x0f34  GEARAspiWDM - ok
22:57:03.0073 0x0f34  [ 2156802A56276A97FB6892412A0B899D, F97F253D7EE992A427D2A4F12601893FCEA93975547A7CE5D8C2DF25ABD23A97 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
22:57:03.0106 0x0f34  gencounter - ok
22:57:03.0134 0x0f34  [ 73EFE8A2747BB87F66B5646AA2262AE4, 368AAFA38F214D474206B914A4258B3679CB0B1C9080D32DFB3BF890BD5611A8 ] GPIO            C:\WINDOWS\System32\drivers\iaiogpio.sys
22:57:03.0172 0x0f34  GPIO - ok
22:57:03.0220 0x0f34  [ 5DDB379D541C2EE4C8D3734A0284A2DC, D18CA69EF148A267CFAF2F36B668416A79042CF9EE34C802B457DAB9AD91A431 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
22:57:03.0240 0x0f34  GPIOClx0101 - ok
22:57:03.0327 0x0f34  [ B7F4799C6CAB7CACF937E1BBDB7440BD, CECECA7D70172D2FDBC45D71DAEC1610BC7DB02324E779772C422B72240BA025 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
22:57:03.0419 0x0f34  gpsvc - ok
22:57:03.0488 0x0f34  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files\Google\Update\GoogleUpdate.exe
22:57:03.0516 0x0f34  gupdate - ok
22:57:03.0526 0x0f34  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files\Google\Update\GoogleUpdate.exe
22:57:03.0543 0x0f34  gupdatem - ok
22:57:03.0595 0x0f34  [ 449688B15D29787C8A440D6ECA9925B5, 7E1C88106F3F39394843B8B2B5921A8F5B215AC1538F46F151B9F4FAAC7AE1DE ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
22:57:03.0655 0x0f34  HdAudAddService - ok
22:57:03.0688 0x0f34  [ A31901DE6A22EA67AB83AAF7036F98CC, 0232E48473D5D071298009DDC83D753A3DDDF8D5272155CA3612502DE5F764F8 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
22:57:03.0728 0x0f34  HDAudBus - ok
22:57:03.0769 0x0f34  [ 5C5BF3E47BB6B07FAD8EA4565159659E, E8C52CC743408093B118D3E1E8C0E7E1E7EED7234422341C8B666C03A9FA0CC4 ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
22:57:03.0807 0x0f34  HidBatt - ok
22:57:03.0829 0x0f34  [ 4A59C5DAF29CC28DA966C57DB863655E, 6A164BEB000AF2A8FBCBF8A15C8BF9D999CDCF90EAFDD748D4F7FAA27E67CD12 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
22:57:03.0871 0x0f34  HidBth - ok
22:57:03.0891 0x0f34  [ 4AC33C5E591F9845E34DA8681E558A58, 4FC04C7EF2736D63CF77756566C5710764671EC54085FC035B4752377CABDDE7 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
22:57:03.0913 0x0f34  hidi2c - ok
22:57:03.0933 0x0f34  [ 2E6CA4DE2AEDF7ABDFEA906F11EDC8B1, 69FD8513F4E0C1E8C78D01D007D90DC33D3C4DEAED05FEECD634A15334202D62 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
22:57:03.0971 0x0f34  HidIr - ok
22:57:04.0002 0x0f34  [ 06692FEB8EBC5AD53AC6C610BC72F1C6, 4C2754E0F3FBCF147D7D7F9D1F433C85B6AB59922F9DA754B31CB57A90CDC175 ] hidserv         C:\WINDOWS\system32\hidserv.dll
22:57:04.0041 0x0f34  hidserv - ok
22:57:04.0077 0x0f34  [ 71E4AD300E86C0754D6070FB92475CF7, 110AF2389CFC8AB481B6A8706F436BB600D10063669C2A6ABB5A63FB9E3A3495 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
22:57:04.0109 0x0f34  HidUsb - ok
22:57:04.0148 0x0f34  [ 622B08BD041DE4B0B8F34D4F0F5A018C, 4EA4DB15CE5DD44FF30B5AE0D7EBEDAF3DDE8761D7633FED52CE7D022E0980E6 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
22:57:04.0188 0x0f34  hkmsvc - ok
22:57:04.0221 0x0f34  [ D331E843F66501F57978F85FE695CEEE, CB2B23E3191DDE105A47D7C7361880DE968D79D55A16B371DA16456F047B7FE2 ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
22:57:04.0294 0x0f34  HomeGroupListener - ok
22:57:04.0339 0x0f34  [ 4FC945E08AF63491AFCC902C99046735, 3F62C132B8C8A35C09D1ED7C602658EC901ED6284550B0A8E9E6FE0AACB7A511 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
22:57:04.0412 0x0f34  HomeGroupProvider - ok
22:57:04.0455 0x0f34  [ BA073FD7F6C94FF18F97DF8F0297ED62, 132611011C0AEB1E529453A4FA983587D7F1CE286C04AC0B952F4D964B72BEC1 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
22:57:04.0485 0x0f34  HpSAMD - ok
22:57:04.0523 0x0f34  [ 950CC1E6AE3A6CD23E0945CDE089B02C, C242AE9F21FE7FBC269BD11BDD3346936626DA15596561B527EF20CFAEF77055 ] HTCAND32        C:\WINDOWS\System32\Drivers\ANDROIDUSB.sys
22:57:04.0575 0x0f34  HTCAND32 - ok
22:57:04.0614 0x0f34  [ 339ADEFAD60353F960E3CA67CE468C24, AF0953ACBE2CA6466595A31349DBF96452DEF2633FD279E8F2B59A3767B89AFC ] htcnprot        C:\WINDOWS\system32\DRIVERS\htcnprot.sys
22:57:04.0658 0x0f34  htcnprot - ok
22:57:04.0716 0x0f34  [ 4196BBF0725EF4E4F220D5E1539EF553, EE78E340C8DE4256567A5D0589CE5B3C182EE80A7D6F663CB971651391BA3F92 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
22:57:04.0775 0x0f34  HTTP - ok
22:57:04.0812 0x0f34  [ FAEB94F3ACCDFDA16E5FA585369FDEC4, 12A41592EEC9CEB5C8C10AAF2C09E7262E2AC28B615D181F9BCCA0DEC12648F3 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
22:57:04.0829 0x0f34  hwpolicy - ok
22:57:04.0855 0x0f34  [ 2DDC60AD29D845A745C9ECAAE35FC477, 1A4670D10744B36FFCDC5068C824315200F9D9BD24E5F2A111B2019C13CD59BE ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
22:57:04.0874 0x0f34  hyperkbd - ok
22:57:04.0899 0x0f34  [ D360FFBA289307976BE1BBE7BE792F58, 6A787C493D226D6AB5A933B3EAF9D6EE4B18BDB2D07D1CAE59CE1EFA729B1B2D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
22:57:04.0933 0x0f34  HyperVideo - ok
22:57:04.0955 0x0f34  [ 5043E69532392A43549E5D41E22638AA, DC5186117FC60036A70CD6065810F090BD3EFFA24B59C760ECB6B7FB9C43F174 ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
22:57:04.0998 0x0f34  i8042prt - ok
22:57:05.0030 0x0f34  [ 646D3B416BC970C3CD2F53844FD156A5, 045CBA642382B33DB1E222302B14DD46838895A73CE50426FD180B4CA918253A ] iaioi2c         C:\WINDOWS\System32\drivers\iaioi2c.sys
22:57:05.0048 0x0f34  iaioi2c - ok
22:57:05.0094 0x0f34  [ 387637FC01BA30E95A2330DA3FFD0919, 836A100F766044B431D2263A57CB3BB3B43AA0C3E58220F31A2EF89E1BB8CB55 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
22:57:05.0145 0x0f34  iaStorAV - ok
22:57:05.0177 0x0f34  [ D2E7F3611BB8F1C2661B8F7858D33A35, EFA7B2E8433AB6DE739EB12792154B64DF29B61C8BB2F467C95C393A40D84E1A ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
22:57:05.0216 0x0f34  iaStorV - ok
22:57:05.0320 0x0f34  [ 373C0F67CC49772028D311FD147F4E85, D88613EB4DCB6F0A77D947D3DAB853689FFD71331484723C7CDCBADC7F01CB34 ] IDSVix86        C:\Program Files\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140424.001\IDSvix86.sys
22:57:05.0446 0x0f34  IDSVix86 - ok
22:57:05.0456 0x0f34  IEEtwCollectorService - ok
22:57:05.0514 0x0f34  [ 92557399ED26FBABC5D8446B3C21CF0F, 71304B7614B1552FBA227683A3A9FC84B445BF6686341F6A91A37EDAEF4AE828 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
22:57:05.0591 0x0f34  IKEEXT - ok
22:57:05.0632 0x0f34  [ B0F92A795C7E48E2C5F908265C655458, 6F6606C3F36FD3E603CF9FCFDD1213A108E4B1CF9936E4FE851E6FD5FEA5FEEC ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
22:57:05.0657 0x0f34  intelide - ok
22:57:05.0706 0x0f34  [ 1B96BF4186366306D917FBD187218F29, 8B1E85412D52B0EE7593D7BA08153DABF0852448A4E8DC01F2B24EE3289912AA ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
22:57:05.0724 0x0f34  intelpep - ok
22:57:05.0757 0x0f34  [ 6DD61D8AFB56C9F853210C49FD4D8C16, DFE299AB383A81BDE531B93645F59076BC2D7E37038DA20649CA08230C043C55 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
22:57:05.0807 0x0f34  intelppm - ok
22:57:05.0833 0x0f34  [ 23B5C10891B64FB4261F9FCADF24FE28, DCE73864B0BE98DE96C0EC6C88BA62E1BC2878837D6442BCC2220A956E350D0E ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
22:57:05.0877 0x0f34  IpFilterDriver - ok
22:57:06.0009 0x0f34  [ DD457C613576ED1E134297DF8D4C5922, FC99459FEA8D85D75236F34BB4F12E8CF67AF421B6593B592C9133DB101D7709 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
22:57:06.0191 0x0f34  iphlpsvc - ok
22:57:06.0235 0x0f34  [ D395D5C2900596DFA30478E79110D003, BBED3586F653F9167430DF8FF42669FC7962F5EEA3E789289224DD91BAD3F18C ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
22:57:06.0319 0x0f34  IPMIDRV - ok
22:57:06.0358 0x0f34  [ FA6C94C754A566EA8A61D658932F32DE, AEA11A21F850228B23714CBF981C0D038FF5CC22566594E6995BA0994343A256 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
22:57:06.0406 0x0f34  IPNAT - ok
22:57:06.0483 0x0f34  [ 463790AEF94D8EAB674631257F53252E, A02972457F45AD6816CB5F60DE4CD15D68256695FA0F3E4EAD6F9E36CBE54576 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
22:57:06.0516 0x0f34  iPod Service - ok
22:57:06.0556 0x0f34  [ ADF675CF9EB57229E9D13BC2F5D4719D, 1CAE1C71951795D1E650C81D5271EF9DF3482E531AAF0E6E08BE9789DE8C1E5B ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
22:57:06.0590 0x0f34  IRENUM - ok
22:57:06.0621 0x0f34  [ 2A0D17D431F13E87ADCB28DEEC84F252, 87C82734B58896BB71EE0707B70C4618D0E4895BE1409E9B55668F11E1715F30 ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
22:57:06.0639 0x0f34  isapnp - ok
22:57:06.0666 0x0f34  [ B664CD9178C4BB43CB5113EC3CD03C84, 4741F757C95D65C7D6BF3374BCF32E0162F955901EBA17EA865EA2CF82C29FE8 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
22:57:06.0695 0x0f34  iScsiPrt - ok
22:57:06.0743 0x0f34  [ 37A0B80B513E18322CF768D4AAA6B302, 062CD99E69FE47A4631457AA8309A7E2792A195E5DC821AA66CC320E2F39971F ] k57nd60x        C:\WINDOWS\system32\DRIVERS\k57nd60x.sys
22:57:06.0805 0x0f34  k57nd60x - ok
22:57:06.0826 0x0f34  [ 4504C8B75A6B2E5BE800DE03B26891D3, 4DC5DA3A2CBBB43B0E9CACE094D7EADE458347D134012F9693CAC2014EFE4145 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
22:57:06.0855 0x0f34  kbdclass - ok
22:57:06.0871 0x0f34  [ 8BAF1904393EACA7178A5EF962256D3F, 7CC026151E96D239C68758A016C206278ED262594C87EB7BFCD73A73631DBBC8 ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
22:57:06.0908 0x0f34  kbdhid - ok
22:57:06.0934 0x0f34  [ 3FF50BD6E481C6690A16D0542A2D818F, C7A87459C770380DFC5CF275382B8AC9F81C65A58131A4FDB7D2C251481BA963 ] kbldfltr        C:\WINDOWS\system32\drivers\kbldfltr.sys
22:57:06.0953 0x0f34  kbldfltr - ok
22:57:06.0966 0x0f34  [ 7F896C99637CB0E48262F307FC0F3557, 51B1A2038443F581EAE8057FF487398CBAA4753E7AA854B191E47502F9D7D69B ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
22:57:07.0016 0x0f34  kdnic - ok
22:57:07.0042 0x0f34  [ F33BFCBBBAACE7208DB433B6CCA98930, 46E994BE4A2EA4D324C8B78CF9276F4805EA47046CBC7AD37401AA77E13C75FB ] KeyIso          C:\WINDOWS\system32\lsass.exe
22:57:07.0061 0x0f34  KeyIso - ok
22:57:07.0099 0x0f34  [ 21719E6D6B4EDEB062F0A9D8F7720FEF, 6BEF2890270D4127EAEA6C627B663495A7576A781EDB4E4623E9C68D2DE3EE22 ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
22:57:07.0119 0x0f34  KSecDD - ok
22:57:07.0151 0x0f34  [ 09C2C25E6199901B93716FE4A82E682C, DC242E688EC66F9667320A1FA6CD73CF6FFE635E3459E1C851DAE1B2D8B07E9A ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
22:57:07.0173 0x0f34  KSecPkg - ok
22:57:07.0216 0x0f34  [ EC89E8C1334D257C27197A52099FA960, 5243DD460A78CBCCF6296C13944ADC0F7FA7BD152BCE9633EB8CA911B055C3F0 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
22:57:07.0275 0x0f34  KtmRm - ok
22:57:07.0317 0x0f34  [ 3EDE75D96CF18AA2A94E01F1EBC30DC5, 775A888CC04D7AA4B1C09DCBC130CA19617EFA64A2756047BFD0D0BE29476A9F ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
22:57:07.0358 0x0f34  LanmanServer - ok
22:57:07.0409 0x0f34  [ B230EE02279BBD757637B3CAE1CF660B, D74B85548818E0C9DAE10076AB00198AAD3838BB3A8C0212762716E5EBC3A3C8 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
22:57:07.0449 0x0f34  LanmanWorkstation - ok
22:57:07.0501 0x0f34  [ 4CE8FBDB422165F1D336C1E4251F233A, 7FA894864637E3F504A68A5E2037D55BAC300B827ECC48E8E002387EED147F46 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
22:57:07.0567 0x0f34  lfsvc - ok
22:57:07.0607 0x0f34  [ 369ED2626209D245BA1CEBB626F9A376, C28A0B4998DF1027AB3C234742AD51E140889CC065CF2F073665297B61A31F6F ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
22:57:07.0646 0x0f34  lltdio - ok
22:57:07.0678 0x0f34  [ E7857CCA67A54E265533EF68C7B90A0C, 3CC312DAFD7C539467D5833002D448D62C8B3A2F2894523CBA18C49D2129F609 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
22:57:07.0716 0x0f34  lltdsvc - ok
22:57:07.0748 0x0f34  [ A44270027BA1C8983CCC414183AD5726, 26F0881DF03F7C521A7CA9FE91432B40313B1ED5A9F2779F4CAA3CF6625219B7 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
22:57:07.0803 0x0f34  lmhosts - ok
22:57:07.0840 0x0f34  [ 876BA8550E9F1F4EF8A7D056E66678F6, 55937F75D1332923FD348B9931BC28E379DEBC13841E0EE4D1330D3D4E7707DF ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
22:57:07.0859 0x0f34  LSI_SAS - ok
22:57:07.0882 0x0f34  [ 6FB4E344E66F7243D23F0F52A9610790, 7AAEE5EB222539AD767B0B01FD1F821EE35263699BC4D123E95906C4AE62D3F6 ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
22:57:07.0902 0x0f34  LSI_SAS2 - ok
22:57:07.0922 0x0f34  [ 2E61D97CA19BBECCCF7CDE9C0C7392B5, 237A5739DE9A643CBEE7432522E43DAAB289EAA322FB2E67A66E24D2A0E859E1 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
22:57:07.0940 0x0f34  LSI_SAS3 - ok
22:57:07.0961 0x0f34  [ 3986C8FAA6E397725024E7189BAC69CE, FD934C8D5E51153D9E69764B628E1A983D96CF223115B4E549FA67BA819A27E8 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
22:57:07.0979 0x0f34  LSI_SSS - ok
22:57:08.0031 0x0f34  [ 1D5999E703FAA551DFF0E4E7F6AA2150, D73332190244FE2943CE93C298EDBB09290AFDD1B12F286F94E4B67323F1A1F9 ] LSM             C:\WINDOWS\System32\lsm.dll
22:57:08.0098 0x0f34  LSM - ok
22:57:08.0138 0x0f34  [ A1E31C77F407F629F430A070B8747A44, 80E50D95CBDB85DBA2462BF133140AFEAB2D047F70168E87CE95E8D90A83C99E ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
22:57:08.0162 0x0f34  luafv - ok
22:57:08.0210 0x0f34  [ 8566E3E7E14517C3142F9EBAF68C3CF4, 1E7A279B8EF1FA8C4D7DB0B72E031DDC39D82FC694A22808BD6C76EF98BB7BF1 ] McComponentHostService C:\Program Files\McAfee Security Scan\3.8.141\McCHSvc.exe
22:57:08.0243 0x0f34  McComponentHostService - ok
22:57:08.0284 0x0f34  [ E00D0D70EE37CBAAF01668EE6102C3D5, 55935BAC853C07D3EA937E4CE33BDA630B34C5EC38B509B3D37554CB978D43F1 ] Mcx2Svc         C:\WINDOWS\system32\Mcx2Svc.dll
22:57:08.0312 0x0f34  Mcx2Svc - ok
22:57:08.0329 0x0f34  [ EE038F0B57FD34B872AE2ADD7679C1E2, FC6C352A4EFE659961513B131B68871AFFAD8174672C3D5BF955D83BA1F9CEA0 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
22:57:08.0347 0x0f34  megasas - ok
22:57:08.0387 0x0f34  [ 2E3BE5DA8078B170DA14CE3181C5D3AC, F4E8251C554A47682F00FCE7A0F3B0D0FD0F3D74970BA501F63860A7C824407E ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
22:57:08.0430 0x0f34  megasr - ok
22:57:08.0492 0x0f34  Microsoft SharePoint Workspace Audit Service - ok
22:57:08.0538 0x0f34  [ 01946468EA6196F9C54A245354C1240A, 96BE9EF1D791417BFBD9AC9F24D38F128DEE409C95F25138B8CDAE3F86E17D4A ] MMCSS           C:\WINDOWS\system32\mmcss.dll
22:57:08.0607 0x0f34  MMCSS - ok
22:57:08.0648 0x0f34  [ FFE175CCDA4BC0278E88149F183B6C5E, B84F9E1E20B0C0BF64BC8DABC238776A307286ECC5AEFEDD74F6C187F5FD0671 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
22:57:08.0681 0x0f34  Modem - ok
22:57:08.0704 0x0f34  [ 523C526BBB796FC2087C0C8AC2B669BD, 79FAC4B32BD35E140B7FAFC5A58FA039B1FB16EF68A4DCEB25B2B153B1B0FE0D ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
22:57:08.0746 0x0f34  monitor - ok
22:57:08.0788 0x0f34  [ 1B621475FA22B947B60EE004A8EE11F5, EC4BBD6C586686BD3E05F861FF7D9E82E7C787DDBC9BC3CDEEE613BFCAFC34D3 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
22:57:08.0810 0x0f34  mouclass - ok
22:57:08.0833 0x0f34  [ 64DAA33D69C4442AD4CC52D478895355, 686CD366539D41331ACC41A66B165EF7B659CD8FC0048596E6F38D1FBF3120C8 ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
22:57:08.0861 0x0f34  mouhid - ok
22:57:08.0884 0x0f34  [ 8CF63AB55709A9E415190219C226A855, E061AE50F74F46D9D58E406254515B104B32D7B7DE64C1045E9901942A953FCF ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
22:57:08.0904 0x0f34  mountmgr - ok
22:57:08.0957 0x0f34  [ A7A117CB1104D0829466F48E17BE0A71, 040F18FC1AF72BE2B7123170C2F5F131A9518B8AA57C20F23203625D213C792B ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
22:57:08.0985 0x0f34  MozillaMaintenance - ok
22:57:09.0005 0x0f34  [ 4B300E2D06B03410064CF443E1CE6B25, 9B75E288392DBB24C84C573823AB0C94F2CFA6AA8AF3F6D8E3ED93DA57F5ABB8 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
22:57:09.0043 0x0f34  mpsdrv - ok
22:57:09.0117 0x0f34  [ C67F755D89AE52C7F2249ACE98416265, EA115A4165E3657452CDF69E0C5704BB685A8E0FD451F37EA1FC3D5A8BCE5A9E ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
22:57:09.0224 0x0f34  MpsSvc - ok
22:57:09.0354 0x0f34  [ 53E370C8ED69C68DFD26BAE4588095F3, C72A759D0C31CF2E6C153D8D008DE03575C5D6A74067C381E580B09850890EBB ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
22:57:09.0407 0x0f34  MRxDAV - ok
22:57:09.0441 0x0f34  [ 3225D40D8CBA74A79D3B10879A14755E, 030818F38C2A94FAA69189B16C158DA50339CD44402E26A854AFB81DFE914D82 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
22:57:09.0486 0x0f34  mrxsmb - ok
22:57:09.0514 0x0f34  [ F37F40422662235AB5768C303E829602, B1350AE9827FCF48FDC7BCA83CE5A7E1C54550449F6F56AC39E1E1ECB9EA56DD ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
22:57:09.0558 0x0f34  mrxsmb10 - ok
22:57:09.0594 0x0f34  [ 8A652A1B9BF586E973EA08404549BF7A, F890074E49C3F7E624BB5FBDCD1E5FA5C737F79DDAB99F55A081F455264ABFD9 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
22:57:09.0636 0x0f34  mrxsmb20 - ok
22:57:09.0654 0x0f34  [ 41CAFD1FAE3272E9B5DD67400ED59475, 689C8899F36D73652ADCAD6CEB2F3AC6024DDCB4619D908DA8575536978E85A6 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
22:57:09.0691 0x0f34  MsBridge - ok
22:57:09.0731 0x0f34  [ 18919845004A5A05D69CF5EAE19D0E68, 809FC3AF3CCA004712CE3B841E08BD0D47E2A1C0B938AD68337B642D5D43B0C3 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
22:57:09.0757 0x0f34  MSDTC - ok
22:57:09.0781 0x0f34  [ D99C98D630C34A448A93DE552DC7DD68, B3A216B119737476182B3CD080B3466506D673ED2889C9F8C36F0E92A4657029 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
22:57:09.0820 0x0f34  Msfs - ok
22:57:09.0845 0x0f34  [ 22FFBD5F9BCE2E970C617B95103079DC, BD431517B572EC80127881124C697434B31F016BF897382F6D2C5D0FF904C1C6 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
22:57:09.0862 0x0f34  msgpiowin32 - ok
22:57:09.0882 0x0f34  [ 30DA16E72C4CB4D5F06D35D0DFA16E2C, F8C4073C3AA001FD22087BEBD0CEBDFA8F0BD1965B8F3346BBAEC0E3208F927B ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
22:57:09.0902 0x0f34  mshidkmdf - ok
22:57:09.0913 0x0f34  [ 26B1961255650B59107FC4990B2CEF34, 273E5E0DD5708BE9E188934CF1A19E63946179280F9AC149376053AD863A8239 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
22:57:09.0932 0x0f34  mshidumdf - ok
22:57:09.0963 0x0f34  [ BF7ABD4461576528028FB86633A7EA24, 3AF39AEA9FEAAE7D79A3691714AD700288411DC594F38A07756F149D6D7463BE ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
22:57:09.0980 0x0f34  msisadrv - ok
22:57:10.0010 0x0f34  [ A876A975BAF66A8D209240F43AC07A07, 11B26C8004B8F191F9AF7A25C90500DAE344392561DDA9C5516FC0EAB6DDEE26 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
22:57:10.0036 0x0f34  MSiSCSI - ok
22:57:10.0045 0x0f34  msiserver - ok
22:57:10.0074 0x0f34  [ 02238D563EDB7DFE17BF8AE12D9F3D30, 77BB0671B7B9150E15F7744B8F3D83375948694C1612198CB24D93842FE1A32B ] MsKeyboardFilter C:\WINDOWS\System32\KeyboardFilterSvc.dll
22:57:10.0095 0x0f34  MsKeyboardFilter - ok
22:57:10.0113 0x0f34  [ 0B2A5AB2591D7F6E8E64A0516325F2AD, 083775925CA8B4677029B5FDF4F60F08E325CF05486FAE63D311B40C7EF3786F ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
22:57:10.0148 0x0f34  MSKSSRV - ok
22:57:10.0168 0x0f34  [ 2B1E1DA9C5FA25DB8DAC2F34BCF10196, AE346D5711E4EA9C6365D55411E907683147064B34192B88EEAA9E871DECE2B0 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
22:57:10.0201 0x0f34  MsLldp - ok
22:57:10.0229 0x0f34  [ 86729EC40EB28DBBAB6A672B138B4DC5, 13F097572A8BE21EC9FA44C950F143BF0AFEEF09131DCD115B951AB5EF13BA13 ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
22:57:10.0257 0x0f34  MSPCLOCK - ok
22:57:10.0284 0x0f34  [ 4E5FB5BD76165A81EE181A82EB665C8A, 16C50027D92F059C07CCB28FDE339C3E35DE9BF1752B0F16577845C38B77B776 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
22:57:10.0318 0x0f34  MSPQM - ok
22:57:10.0349 0x0f34  [ C90BB8C3DC3F50FBA1A668B844C84315, 4ABA28B0047B2038E881583DB0F1A6A78FAB8ACF3759ECCB7A835D7F8944CC83 ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
22:57:10.0372 0x0f34  MsRPC - ok
22:57:10.0391 0x0f34  [ CF61A813430B7F12452BCED287135676, D5400E8C47D6441830EA48E153BDB2CC70672176B69E90D89EC3DD6D17BCFAFA ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
22:57:10.0407 0x0f34  mssmbios - ok
22:57:10.0415 0x0f34  [ C323F63D61AD8CEC79B3CF4B8463B208, FE1E91267B1050EDF05E89B33AFBEE2F6A5912251024A2130D756DE53C93BD81 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
22:57:10.0435 0x0f34  MSTEE - ok
22:57:10.0460 0x0f34  [ 06442D8CA4425EFF66F47D8F82493450, 82D3698938B2CA169C0564F90941423FC4F87261CCD1A214517DA95605671A32 ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
22:57:10.0494 0x0f34  MTConfig - ok
22:57:10.0517 0x0f34  [ 6CD6189DFA649EEBFCBE81CB30030355, 7F50DD0ACDFC2AFFF1FA8BA5065B7B232C491D7AE7E67AE833BB02105AB7AF77 ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
22:57:10.0536 0x0f34  Mup - ok
22:57:10.0556 0x0f34  [ 8122A46E9A5EBD2E001FF5FB34A12A47, 8CC747B11E77AB0F15A7F08D48160FB66AD26C81021D25A10335ECE967A847F4 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
22:57:10.0575 0x0f34  mvumis - ok
22:57:10.0769 0x0f34  [ 1B9C5DD538C53B26096CE534A4869533, 1666B074866FB44C76DD58D2D646A6A39BF34E1AF904BA4EF1775FC664A4D4DC ] N360            C:\Program Files\Norton 360\Engine\21.2.0.38\N360.exe
22:57:10.0800 0x0f34  N360 - ok
22:57:10.0862 0x0f34  [ E5B61DB218E01A850C7A92616E97F5EB, 26EA66D8EB058EB9CE8D2913D5A1397D26653E26AB0261119B802D8DFC11AE87 ] napagent        C:\WINDOWS\system32\qagentRT.dll
22:57:11.0012 0x0f34  napagent - ok
22:57:11.0047 0x0f34  NasPmService - ok
22:57:11.0092 0x0f34  [ 5D4472322913D013C82A7048886188E1, 4032A2060C8F09032C2046652632F44BE893383BCC67D3A7001B95CD708CF43B ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
22:57:11.0193 0x0f34  NativeWifiP - ok
22:57:14.0994 0x0f34  [ 3CAE2BBC86FCF7F94C9696994AF30386, 4DA063A60523567272CFB35DF5D7CA142B100EF9123B1F23A6F11AB89DB83486 ] PassThru Service C:\Program Files\HTC\Internet Pass-Through\PassThruSvr.exe
22:57:15.0034 0x0f34  PassThru Service - detected UnsignedFile.Multi.Generic ( 1 )
22:57:16.0056 0x0f34  Detect skipped due to KSN trusted
22:57:16.0057 0x0f34  PassThru Service - ok
22:57:17.0864 0x0f34  [ 0F72D9FB662C37F818209D4554B200C3, 1B1099064CD812E7BDC4071872891C472482C7ACF1CDFDFDE065DA6B9413FDBA ] Printer Control C:\WINDOWS\system32\PrintCtrl.exe
22:57:17.0878 0x0f34  Printer Control - detected UnsignedFile.Multi.Generic ( 1 )
22:57:18.0882 0x0f34  Detect skipped due to KSN trusted
22:57:18.0883 0x0f34  Printer Control - ok
22:57:30.0619 0x0f34  UASPStor - ok
22:57:30.0664 0x0f34  [ BC87FFF7ACB60F25CEE11C03856D2BFD, 440854D481E170A1D0D9DB915823E87C35A2D0D2B274CA4ED56AE08646E34D31 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
22:57:30.0688 0x0f34  UCX01000 - ok
22:57:30.0720 0x0f34  [ 070CDA00BE4D9E4E92F5471B8D24CBD8, B8407DCBF5E878FA440EA229E2FED457C27BD53CA47EC5326F7A8917CD6AC529 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
22:57:30.0759 0x0f34  udfs - ok
22:57:30.0780 0x0f34  [ 31C53FFBFD9977D3F2061627A69274D2, 6B95519B26C0B588E2D8973B838E03DF658C95BBF2D5940116E4256462518E63 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
22:57:30.0798 0x0f34  UEFI - ok
22:57:30.0851 0x0f34  [ 0424574BB406E7B793D122D0F1A198CE, 7A3084E6EE1F4FFDD7B61F4D4E1AFC9B7439BC6C3C9F358C9CFD1C1232A8E302 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
22:57:30.0884 0x0f34  UI0Detect - ok
22:57:30.0908 0x0f34  [ 202F1C6EBA7D84F59C03E708F45A28C3, 009D0E5D342929B0489D10AA4CBE704D11C1E81CB8FE8E55B50DCF5D246A469B ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
22:57:30.0926 0x0f34  uliagpkx - ok
22:57:30.0953 0x0f34  [ 8CB5D86BDB3890CFC4D94593935C2F4B, A1C26146D1FA78E66C878287D27BAC1E474EB7A3BC82A5FF2EF19223AAF5498A ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
22:57:30.0993 0x0f34  umbus - ok
22:57:31.0018 0x0f34  [ C4115675F53E9E853294C15131D5EBBC, 1E9EFBAAFDDA6BCCABAD2CA0F0D48019AFA7299A5E4D5E56ED5364F7398DFC26 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
22:57:31.0056 0x0f34  UmPass - ok
22:57:31.0104 0x0f34  [ 6843992F07DE867B29277B422F08A72B, 60588DFFDE7A20D0685BFF5FB0E94D8729CDCBC878968181BE4467EECF7FF576 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
22:57:31.0158 0x0f34  UmRdpService - ok
22:57:31.0189 0x0f34  [ B9DDAEA3770B3752B6AA7191B5AA16AA, 27D8ED0F417E57E242E6758639A2FFC7E5CF43B6AB8D4A9074273CF046355FC6 ] upnphost        C:\WINDOWS\System32\upnphost.dll
22:57:31.0235 0x0f34  upnphost - ok
22:57:31.0266 0x0f34  [ 8651DACA9D5A52378E6E53282E5F3F84, 8581D32DD13E2BFD7CB53F3A3BBE3B8966032641838494E13603A62F65DCE9F6 ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
22:57:31.0290 0x0f34  usbccgp - ok
22:57:31.0332 0x0f34  [ 9D941A00FD49FBC8670EFE0B48F41994, 947643E72D70E62C42DB39762D0668FF2151ED9B12CFB5B7B62203E8C2E48332 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
22:57:31.0374 0x0f34  usbcir - ok
22:57:31.0409 0x0f34  [ 7DCCCE20A4A92BC246E1AB04A4BB4103, 7C978E2A0AB0A19A919D7EF58FEE5CEE4BC0D74A7D866D44B2F8523A2B280937 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
22:57:31.0430 0x0f34  usbehci - ok
22:57:31.0466 0x0f34  [ 719A4B2BA45363AC0B158F6CB4BCD295, 7A8FCA890C9992D6AB8F9448F3140C7DC92A52D35C993611F7455FF01AE8F57E ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
22:57:31.0507 0x0f34  usbhub - ok
22:57:31.0549 0x0f34  [ 3314871104ECDA48F467057F1EEE4976, 391339FE499CBE453FC721E400C087D8858B71616598C36060CC5F6B532A5F07 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
22:57:31.0592 0x0f34  USBHUB3 - ok
22:57:31.0611 0x0f34  [ B1E835C5F75F98B0439ED0A56B85C3E8, 427313F3847C056DBCF6CF58EE7CC5BF1F22CA73C711D1A63537F3B18FB04FBA ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
22:57:31.0636 0x0f34  usbohci - ok
22:57:31.0659 0x0f34  [ F4FA8FC5577F5F603FD79663BD8F3005, 3D91D7312EFEEFA002C805F9A679EE50A3D8C7BF45C06A514BE5177582B156C0 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
22:57:31.0696 0x0f34  usbprint - ok
22:57:31.0727 0x0f34  [ C76EEA7AE00350204BAA04CB2F3A9C52, 66EBBBC5E9BE5A9F934E537B0D4CDB55E9DC142F05263AAED6974AE44AE77AA6 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
22:57:31.0748 0x0f34  USBSTOR - ok
22:57:31.0769 0x0f34  [ CCCD22C19D5CC3FC410CDB0F21D08AB9, 1B25778C02CBAC2A8D31F73A5025E858BA60597E50190038F8BABA78324F0AC7 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
22:57:31.0789 0x0f34  usbuhci - ok
22:57:31.0814 0x0f34  [ DCEF75D41DD4FE665FA2F41F901E67AF, C946CFA766081BE2645DAA07557001EA2593686CD1E94998CA47312ABB840DB3 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
22:57:31.0841 0x0f34  usbvideo - ok
22:57:31.0889 0x0f34  [ 0CEA7C4EC8BAB5DEFC8F7198BEE03850, AB5933A4C89CF2C2975A24119DC30A122C17572D74565DE0F5C895CF29EEED06 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
22:57:31.0920 0x0f34  USBXHCI - ok
22:57:31.0943 0x0f34  [ F33BFCBBBAACE7208DB433B6CCA98930, 46E994BE4A2EA4D324C8B78CF9276F4805EA47046CBC7AD37401AA77E13C75FB ] VaultSvc        C:\WINDOWS\system32\lsass.exe
22:57:31.0962 0x0f34  VaultSvc - ok
22:57:31.0981 0x0f34  [ 3D06B8D4A1ED1B91C8566DF7AC510AF2, 1639DA43B066D5D615133178AAB3251EF1F80B2330994C02B11122D8F1EC5C64 ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
22:57:31.0998 0x0f34  vdrvroot - ok
22:57:32.0068 0x0f34  [ 22DF64B9DA3F480FB78C886B329A1048, 0E2708A91818313501472BAF829703EE9EB6AA019C725DA36E0A13ED432063FF ] vds             C:\WINDOWS\System32\vds.exe
22:57:32.0157 0x0f34  vds - ok
22:57:32.0193 0x0f34  [ E0915FFD3BDFB98B723C46FEB8070B8A, 7D9B52E4D35E92823E3D8DE24DF8A405E23B34C84BF0E42DD04001C49C1F0EC0 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
22:57:32.0215 0x0f34  VerifierExt - ok
22:57:32.0262 0x0f34  [ 3AF00F5A0742B10CB10F54A4D6E17D8B, B6CABE42363AC8F797594879117EF1B352BAC5612F46F0930F966F4D6A2D5222 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
22:57:32.0302 0x0f34  vhdmp - ok
22:57:32.0327 0x0f34  [ 33CA244E0808BBD784EA6938605FED28, 381F320300D558261C79ED62EEB187D31E3606222B9B7B24EBDD00E782F03F87 ] viaagp          C:\WINDOWS\system32\drivers\viaagp.sys
22:57:32.0346 0x0f34  viaagp - ok
22:57:32.0370 0x0f34  [ EBBBCBC27D7F391188CDF4196ED80D63, 2493F56BE61DFA54138C2FFAEEB13ED40E168E345CE4B381EF7F34DEBC6152EC ] ViaC7           C:\WINDOWS\System32\drivers\viac7.sys
22:57:32.0393 0x0f34  ViaC7 - ok
22:57:32.0414 0x0f34  [ 75B08537DCF231A7B536ACE2ED8E8A35, 520D87B7AE1E351AF4C1798528D371188102F6552F2C576C40D6A2AB55B8A718 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
22:57:32.0432 0x0f34  viaide - ok
22:57:32.0459 0x0f34  [ 744DBD744910FAB62EACD05F25471D61, 99ED66D0E47976F1AA8C999032E0CF1649B91ED47AFCD4AEE880F4D926CD4D80 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
22:57:32.0478 0x0f34  vmbus - ok
22:57:32.0498 0x0f34  [ 1F02B273254268F975612210D8CB6859, BB5EAC399CD3D7ACC5A20DB0EA4BD6DBF5D2D475A4A206E3CD1F31FBAE3C88D2 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
22:57:32.0518 0x0f34  VMBusHID - ok
22:57:32.0566 0x0f34  [ 0CA4644517EEC9BA9414A1B518DFED8F, CEF218418F65513DDC91215D82ECAE6624A259013F4C84EA0229465266EB07AF ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
22:57:32.0620 0x0f34  vmicguestinterface - ok
22:57:32.0640 0x0f34  [ 0CA4644517EEC9BA9414A1B518DFED8F, CEF218418F65513DDC91215D82ECAE6624A259013F4C84EA0229465266EB07AF ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
22:57:32.0672 0x0f34  vmicheartbeat - ok
22:57:32.0691 0x0f34  [ 0CA4644517EEC9BA9414A1B518DFED8F, CEF218418F65513DDC91215D82ECAE6624A259013F4C84EA0229465266EB07AF ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
22:57:32.0743 0x0f34  vmickvpexchange - ok
22:57:32.0763 0x0f34  [ 0CA4644517EEC9BA9414A1B518DFED8F, CEF218418F65513DDC91215D82ECAE6624A259013F4C84EA0229465266EB07AF ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
22:57:32.0796 0x0f34  vmicrdv - ok
22:57:32.0819 0x0f34  [ 0CA4644517EEC9BA9414A1B518DFED8F, CEF218418F65513DDC91215D82ECAE6624A259013F4C84EA0229465266EB07AF ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
22:57:32.0851 0x0f34  vmicshutdown - ok
22:57:32.0874 0x0f34  [ 0CA4644517EEC9BA9414A1B518DFED8F, CEF218418F65513DDC91215D82ECAE6624A259013F4C84EA0229465266EB07AF ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
22:57:32.0909 0x0f34  vmictimesync - ok
22:57:32.0928 0x0f34  [ 0CA4644517EEC9BA9414A1B518DFED8F, CEF218418F65513DDC91215D82ECAE6624A259013F4C84EA0229465266EB07AF ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
22:57:32.0960 0x0f34  vmicvss - ok
22:57:32.0983 0x0f34  [ D78640FCD9043EEFE3DDE69855A72567, 0668F913E5F3D21BC921E5344AE9D354CCAC0FB1962A74D4BE95822F7F4BC228 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
22:57:33.0003 0x0f34  volmgr - ok
22:57:33.0040 0x0f34  [ 57566A1F8D39071BB56AA0B083A75544, 3B63E53B05A5417084A1BC4ECB118FAC3DE4C5FA1EE30834564F670CCD79352E ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
22:57:33.0077 0x0f34  volmgrx - ok
22:57:33.0122 0x0f34  [ 085918BF459BCB835CFC535BE7138539, 96042BB1E42FA266EECC1CDDD5F594C5A108A7C75D0BC348B89E96E1CB81C30A ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
22:57:33.0150 0x0f34  volsnap - ok
22:57:33.0174 0x0f34  [ 10B78A2D45B1330C162FDE8FEE78F315, F3D790D2352422F335432BA50198C192F397BAAC713BAB99B577ED7C33C0348B ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
22:57:33.0196 0x0f34  vsmraid - ok
22:57:33.0267 0x0f34  [ 62CE3778D54D324503A14EBE9DB776C6, 1DA47CD4C46EADED6439192125640BEA6EAE805591719B3EED6595A5D670C85F ] VSS             C:\WINDOWS\system32\vssvc.exe
22:57:33.0347 0x0f34  VSS - ok
22:57:33.0387 0x0f34  [ 761B3F51660CD3D9F815E5C916235D0B, 64DA061674047ECC3D0A034CFCB3D926712C14599807E06194688ED7E9F8ADCA ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
22:57:33.0415 0x0f34  VSTXRAID - ok
22:57:33.0452 0x0f34  [ 47BF83648E9FBD88A8CDB7C2A169D100, C00971C6DC1EA10FBB8D3291BF196DE45C66E234D143D08F3B9A97DDE08547FF ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
22:57:33.0482 0x0f34  vwifibus - ok
22:57:33.0505 0x0f34  [ EE26ACF159A7460894044A0CCDD11256, 8AB8F88C829C8A95EB168EB410C16865E55B91C332B2B80E045A4EB91B41449B ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
22:57:33.0530 0x0f34  vwififlt - ok
22:57:33.0542 0x0f34  [ 9A1A48766FFA9239A93B75C0DE2B2067, F8AFE8926727B199203BEE2A074824B2655AB19CC1C2573B986D64E36A4FCC7B ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
22:57:33.0566 0x0f34  vwifimp - ok
22:57:33.0614 0x0f34  [ 6300EDA4700C9BEEA42867D4F0A1F9E5, 8258ECE4E8B2A989F392B2E69AFE54BB3F444753ACE7E7990307EBCA143B6868 ] W32Time         C:\WINDOWS\system32\w32time.dll
22:57:33.0657 0x0f34  W32Time - ok
22:57:33.0676 0x0f34  [ 67B211F7AB2D49C6403E7FD970421806, B81E270723397450A9689F7EE9D014F2623FC90A5051D671484F141DC116D5CF ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
22:57:33.0700 0x0f34  WacomPen - ok
22:57:33.0778 0x0f34  [ A3A21FF9BE9C183F1AF9B538B9D37DD1, F959E22580425BF9C0FE9C72776EFF1934575021DFDBD1834E6BB881D3BA4A97 ] wbengine        C:\WINDOWS\system32\wbengine.exe
22:57:33.0900 0x0f34  wbengine - ok
22:57:33.0950 0x0f34  [ CE81100317C426F778651FD1D5C16492, 91CE2B6C43632D48859B9961F6CAF3F519D06C3A13FF23E906E1ED93DEB896B2 ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
22:57:33.0981 0x0f34  WbioSrvc - ok
22:57:34.0044 0x0f34  [ 30DBF746D895BC3A6EC4CF55B81A8A81, 3CED8ED3D260A2F95B956CE0B962C5F6D90BADAB489C8B9724016E4DBEBF7662 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
22:57:34.0092 0x0f34  Wcmsvc - ok
22:57:34.0184 0x0f34  [ 531A627D02CAEC304B30A1EBDE99DADE, 410B2FEB23333861E61107C64F628FAA0A3FC8C62C17D4F5854EC891D8D83516 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
22:57:34.0255 0x0f34  wcncsvc - ok
22:57:34.0275 0x0f34  [ 69059CD0ABD70C3884117652E3B70431, 8568210E62C827C43377C09F40974628FF25CFD35A45EA4D4E3FDD5884F91617 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
22:57:34.0318 0x0f34  WcsPlugInService - ok
22:57:34.0354 0x0f34  [ 33058AB3DFD2939E54F984A757983A71, E2D449B8B274A63C802D6E2702C5AA37EAD510D349E290BA9288C24743D236D6 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
22:57:34.0371 0x0f34  WdBoot - ok
22:57:34.0439 0x0f34  [ C49F1B047C2080FC5AA662A769887631, 55BC1C77250B0B2AF2B81120DDBE41C25B875FCD72040A529D1BA88D5BFD5E7F ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
22:57:34.0491 0x0f34  Wdf01000 - ok
22:57:34.0513 0x0f34  [ 594DD2B67D8B37A9F8A28C234D6D8804, 2CB861EE3DD34BCE2E5F1FF0DD67FF2AB411DC55C586E8306849673BF63FD8B1 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
22:57:34.0537 0x0f34  WdFilter - ok
22:57:34.0555 0x0f34  [ DACD90541CBF7DE095801B05ABB4F355, 2CB55E01DE3603DFA91CB151C7EE4E978EB3DD0F818BDC8277D3C9407751F7B5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
22:57:34.0598 0x0f34  WdiServiceHost - ok
22:57:34.0605 0x0f34  [ DACD90541CBF7DE095801B05ABB4F355, 2CB55E01DE3603DFA91CB151C7EE4E978EB3DD0F818BDC8277D3C9407751F7B5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
22:57:34.0639 0x0f34  WdiSystemHost - ok
22:57:34.0665 0x0f34  [ 08CDD386E83107B957FBB0AEEE082F83, BFDDA38663DC08B7C377214A1CFA58AB2094FEDB84B032F6831D05AC89116CBF ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
22:57:34.0685 0x0f34  WdNisDrv - ok
22:57:34.0758 0x0f34  [ 2F8EA381E46DCAF5B32E2669ED7DD2DC, 6583BC7AA7C375C0B30E7AD22F9EBD95FDECE09FC50E2FCB1154DA53E1C5D99A ] WdNisSvc        C:\Program Files\Windows Defender\NisSrv.exe
22:57:34.0798 0x0f34  WdNisSvc - ok
22:57:34.0824 0x0f34  [ 0C82E61095A8E801FA580B04C304A0EC, 12C0F7D6701A9A5D9184A5260E0474B05E91FF53F4B3B4E15922CE3DE85E3AB1 ] WebClient       C:\WINDOWS\System32\webclnt.dll
22:57:34.0875 0x0f34  WebClient - ok
22:57:34.0905 0x0f34  [ 03EA9E300DCDF78E8A92625F0BA1CCB2, B8C73C05D2955400800B5D36DC20E8973F75411E32CCD8B2CFA03B6283A50A44 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
22:57:34.0947 0x0f34  Wecsvc - ok
22:57:34.0968 0x0f34  [ E4016FA4757738263BD714190FB26BA6, C5B121ED9EFFC5C040CF5F658AF9CC63A6FFEDC4C62F7D28D6B474632DC0178B ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
22:57:34.0994 0x0f34  WEPHOSTSVC - ok
22:57:35.0036 0x0f34  [ B83AC02F1FF0137AB3CB2B5B1AC801DA, 6F871E9A8EAA979D3624FDD3088DD37C3411BFBB43A8FFF75B39DF07B1A95D05 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
22:57:35.0089 0x0f34  wercplsupport - ok
22:57:35.0132 0x0f34  [ 7EC47083E7470A4BC538FA1EBE60BF58, 4AF817DAB7192182D0A782EA058E3916D22A44C6AB9F89371E1327E8D27C379A ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
22:57:35.0173 0x0f34  WerSvc - ok
22:57:35.0207 0x0f34  [ CBF73734B883C712BC07796708FCB0CD, 8DA54162866A71E7CEE188A49400964100E58D194B21F86821B01407C4334CA6 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
22:57:35.0225 0x0f34  WFPLWFS - ok
22:57:35.0250 0x0f34  [ 5876A572A52FA14CEE2F11D7A71ABA2D, 159883D0F10FE6FA05DAB56B598C12000BC25B977329E81BD67DE329B80F79B4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
22:57:35.0292 0x0f34  WiaRpc - ok
22:57:35.0311 0x0f34  [ A4A63DD4E1B72B8C8189AD3F09914AF0, 9B9773C8FB84A224FA6A48D93D46ACE2761E3AC123544C86B50D3895C8A39B41 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
22:57:35.0329 0x0f34  WIMMount - ok
22:57:35.0360 0x0f34  [ 7A291131D7EEE12DDD8F478CA1454E5F, 7A45671708C7784389CBC64562C90AD4D48FEB2833302F2C42A79FC7DA7BE10E ] WinDefend       C:\Program Files\Windows Defender\MsMpEng.exe
22:57:35.0377 0x0f34  WinDefend - ok
22:57:35.0467 0x0f34  [ 984B3226C7A4CFC9FE91D7BACA133D8D, B8058FC049217DE89F13730425207C19B1967194F3BE3C8CAE2F8AA3BD932721 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
22:57:35.0519 0x0f34  WinHttpAutoProxySvc - ok
22:57:35.0593 0x0f34  [ D08485FAEA1C3505A22FB5C1EBEBC062, 7377B0FE90C60A67789A12FEBBA7FD38C2580BB09F406CED3DD2E1F5EEF123CC ] winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
22:57:35.0633 0x0f34  winmgmt - ok
22:57:35.0742 0x0f34  [ 5B8D7F29CA815E6DB156DF9853F0472D, 8E343EC8241C146F7ECB85361BF1AD78C718552B42115A6EE1577B7959901F3D ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
22:57:35.0881 0x0f34  WinRM - ok
22:57:35.0938 0x0f34  [ 7683DEBE4329EF289BC2B1FC709ED629, F4353FF4E52457058FAE64B9EBAE59563D1E60E8D4CC2C1EF04CC4C3E9C03C78 ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUsb.sys
22:57:35.0981 0x0f34  WinUsb - ok
22:57:36.0068 0x0f34  [ A7C993F86BE5AF035DE06DF9160D7008, 9890293AD584C846C5F2444BEF8E6130C6EE450EFF0387FCECDE056CD7D0C02C ] WiseBootAssistant C:\Program Files\Wise\Wise Care 365\BootTime.exe
22:57:36.0114 0x0f34  WiseBootAssistant - ok
22:57:36.0190 0x0f34  [ 28E0A4DBB0C86BA72C4B4E68EAAE37B7, 19CF8D5B426D4AEED58F9D7D27873C956A265147C769878BB3B27551329E4F76 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
22:57:36.0278 0x0f34  WlanSvc - ok
22:57:36.0358 0x0f34  [ 8885B2E1A62EC9C6BA7C6CDEEBF0C6E4, AF543870A8DAEA095E8543B32E5628C4F0F47034EF8764F85D0FCF29ABE33782 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
22:57:36.0435 0x0f34  wlidsvc - ok
22:57:36.0467 0x0f34  [ AF01C55490366930DFAF1D3655C763BD, 59081AC6B83E0A4A376A62417458C520ABA7DB4FB1AEEEC4C45FC8C0AF61FC20 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
22:57:36.0499 0x0f34  WmiAcpi - ok
22:57:36.0551 0x0f34  [ 57D8CE143395C99E185EA7D753F5C04F, 5778CD5B6EF11071C728416192353C3143C7E875AA8555E1F2CDB26F5B0FA08A ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
22:57:36.0577 0x0f34  wmiApSrv - ok
22:57:36.0657 0x0f34  [ A511D963C744DD2C86FFF20ADEEE49F9, D3DB5ADF7C32706FC386C608E73F93D03DA4CFDB0B5F80B1C35B30348B76CC31 ] WMPNetworkSvc   C:\Program Files\Windows Media Player\wmpnetwk.exe
22:57:36.0722 0x0f34  WMPNetworkSvc - ok
22:57:36.0819 0x0f34  [ DB3F0877E5C225693A131AE82C262957, BEE887EC134F7A27120915F709670FBDC9223E70EA928A0FDC4284FBDFD65ADB ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
22:57:36.0855 0x0f34  Wof - ok
22:57:36.0962 0x0f34  [ 13CA3725B92CD7B98237E0F173A0F8C3, 6DC5EABE02018A9A4830578723D2FEB8E3D75526422B1C98BA8C1D01F8FC8EB6 ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
22:57:37.0144 0x0f34  workfolderssvc - ok
22:57:37.0193 0x0f34  [ 9002F15F0CD7CF6AFEFB0B7818AD1A42, 89F156792D9E9FB5C171D6C46F2E782DC36347DCE651FC972F0491D8EC6050B7 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
22:57:37.0211 0x0f34  wpcfltr - ok
22:57:37.0246 0x0f34  [ D7C14B416FC4F76A596A01A76FC5F873, 15D6D10186173F6CEFED503AC061F74F85A0C92B8C0D44684FF57B878AB96D5B ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
22:57:37.0289 0x0f34  WPCSvc - ok
22:57:37.0306 0x0f34  [ 942AA793A262EB8A6A94DB087D29E744, D52AE53AE985F527657CB22F202AE3007E319B22AA89BA2CDEBDC529A18CFB2D ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
22:57:37.0339 0x0f34  WPDBusEnum - ok
22:57:37.0373 0x0f34  [ 6D8FA63A8C9765A853264D3977EECC19, F8172DA54DC417E9DA812469A3CD677932F82CCA676DB09187E5A201660D1E83 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
22:57:37.0389 0x0f34  WpdUpFltr - ok
22:57:37.0431 0x0f34  [ 12BCBE7CA69586AF483C86255739793F, 25714CD7ED802C70AD3580E2C26150392EA452BA355EB3426170B94ABEDDC172 ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
22:57:37.0470 0x0f34  ws2ifsl - ok
22:57:37.0511 0x0f34  [ 4ACEA6CEDDC18DE41D9D59EFA5095A59, 6612FFF2E9BF04B05E1F0E3AEE9865359AB786E0AE48D834AA9DCF00CACA4102 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
22:57:37.0546 0x0f34  wscsvc - ok
22:57:37.0571 0x0f34  [ D6CC95C9AB741215C54B231043045D0A, 61112A6BF8C93C0240B87B0CDC615B924219C435C803F9CF5FB5BEBB3A62991C ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
22:57:37.0607 0x0f34  WSDPrintDevice - ok
22:57:37.0642 0x0f34  [ 66040C953845533DDACA721E2900C226, 03A60C5951A1FC0169E64C399000ACD2DD5CCCA0427726B798EF1A587844A329 ] WSDScan         C:\WINDOWS\System32\drivers\WSDScan.sys
22:57:37.0679 0x0f34  WSDScan - ok
22:57:37.0686 0x0f34  WSearch - ok
22:57:37.0857 0x0f34  [ 2535EE24CC1BB639A7639B4CA5BDE7C5, B855B693D413144CA26286CE49825F608870AE23DEAC641DAFD693F5F70D9ECB ] WSService       C:\WINDOWS\System32\WSService.dll
22:57:37.0998 0x0f34  WSService - ok
22:57:38.0179 0x0f34  [ 1D09DC9C73398BF32BD308DDFF9B507B, 9581B66143A9D782380865F623E44398F4EEEDA4A4E9C669FAF25AEA18D4C164 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
22:57:38.0336 0x0f34  wuauserv - ok
22:57:38.0386 0x0f34  [ 99EAF7E92720AF13D2CBBC7B0E2E4162, A78EA57231A9D4DAD99FBFE4E4A421C78629B90D35D98C21F088B77DCD60DA86 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
22:57:38.0424 0x0f34  WudfPf - ok
22:57:38.0455 0x0f34  [ AF04004069C5525E2E88A5476B385223, DC88F507CD786B02F87CB2A0140BCE4BAB75994132A8604E8B107586CE90D192 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
22:57:38.0495 0x0f34  WUDFRd - ok
22:57:38.0544 0x0f34  [ 47575E783D399C38E9200DD73A712443, BFA635FC6927BABA46F6E11C1A99A952CC5C0A9090FE1550A7847CA728AA570C ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
22:57:38.0569 0x0f34  wudfsvc - ok
22:57:38.0600 0x0f34  [ AF04004069C5525E2E88A5476B385223, DC88F507CD786B02F87CB2A0140BCE4BAB75994132A8604E8B107586CE90D192 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
22:57:38.0625 0x0f34  WUDFWpdFs - ok
22:57:38.0635 0x0f34  [ AF04004069C5525E2E88A5476B385223, DC88F507CD786B02F87CB2A0140BCE4BAB75994132A8604E8B107586CE90D192 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
22:57:38.0661 0x0f34  WUDFWpdMtp - ok
22:57:38.0700 0x0f34  [ 0D3C738EC8FF12C8B69925229949ED05, 5E7A28F35D83B29925CAA663E12DF970961C10AD5887997E543D1C0ADA11345B ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
22:57:38.0775 0x0f34  WwanSvc - ok
22:57:38.0802 0x0f34  楗敳潂瑯獁楳瑳湡t - ok
22:57:38.0999 0x0f34  ================ Scan global ===============================
22:57:39.0046 0x0f34  [ BEC87D938F9B07206DC39535D99F6771, F29468A3BE54CDA8EE7DBEFCC5CB2322D81C1E2B41D37EF91196CBA6DE442C2A ] C:\WINDOWS\system32\basesrv.dll
22:57:39.0083 0x0f34  [ DBD08C890F4148C2C26D2247FA36E947, 505182658C0E6DC39197BFB8D25885274B3948E548E3618796FF3AF64E626326 ] C:\WINDOWS\system32\winsrv.dll
22:57:39.0123 0x0f34  [ 9C56B7F2F68F73F735E367BBCF39D15B, D7370BE7D57A5A7EB1719241365946C35E321EF28EC640648103AA13FAA89CEA ] C:\WINDOWS\system32\sxssrv.dll
22:57:39.0164 0x0f34  [ 271DDD0B858CA6A6FF5D8CB04BE887C6, C09D2E8FCFA7C92F5C0459B6F7F519CA9F0E1942590DD576CCA6259A2E45C7E9 ] C:\WINDOWS\system32\services.exe
22:57:39.0175 0x0f34  [ Global ] - ok
22:57:39.0175 0x0f34  ================ Scan MBR ==================================
22:57:39.0188 0x0f34  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
22:57:39.0730 0x0f34  \Device\Harddisk0\DR0 - ok
22:57:39.0731 0x0f34  ================ Scan VBR ==================================
22:57:39.0737 0x0f34  [ 5FED2B15B84ECAF175405F3AE625AC12 ] \Device\Harddisk0\DR0\Partition1
22:57:39.0766 0x0f34  \Device\Harddisk0\DR0\Partition1 - ok
22:57:39.0792 0x0f34  [ 303D28C058713CE1676D74670EFB79BB ] \Device\Harddisk0\DR0\Partition2
22:57:39.0811 0x0f34  \Device\Harddisk0\DR0\Partition2 - ok
22:57:39.0828 0x0f34  [ 80AE5C25728E4F2C931C4903C58AB3CC ] \Device\Harddisk0\DR0\Partition3
22:57:39.0839 0x0f34  \Device\Harddisk0\DR0\Partition3 - ok
22:57:39.0865 0x0f34  [ 41CCA8098706FF5ED2629FD8C59AAE14 ] \Device\Harddisk0\DR0\Partition4
22:57:39.0885 0x0f34  \Device\Harddisk0\DR0\Partition4 - ok
22:57:39.0887 0x0f34  Waiting for KSN requests completion. In queue: 151
22:57:40.0888 0x0f34  Waiting for KSN requests completion. In queue: 151
22:57:41.0966 0x0f34  AV detected via SS2: AVG AntiVirus Free Edition 2014, C:\Program Files\AVG\AVG2014\avgwsc.exe ( 14.0.0.4563 ), 0x41000 ( enabled : updated )
22:57:42.0003 0x0f34  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.4.304.0 ), 0x60100 ( disabled : updated )
22:57:42.0005 0x0f34  AV detected via SS2: Norton 360 Premier Edition, C:\Program Files\Norton 360\Engine\21.2.0.38\WSCStub.exe ( 21.2.0.0 ), 0x51000 ( enabled : updated )
22:57:42.0009 0x0f34  FW detected via SS2: Norton 360 Premier Edition, C:\Program Files\Norton 360\Engine\21.2.0.38\WSCStub.exe ( 21.2.0.0 ), 0x51010 ( enabled )
22:57:43.0004 0x0f34  ============================================================
22:57:43.0004 0x0f34  Scan finished
22:57:43.0004 0x0f34  ============================================================
22:57:43.0027 0x1a78  Detected object count: 0
22:57:43.0027 0x1a78  Actual detected object count: 0
         

Code:
Malwarebytes Anti-Rootkit BETA 1.07.0.1009
www.malwarebytes.org

Database version: v2014.04.25.10

Windows 8 x86 NTFS
Internet Explorer 11.0.9600.17031
JKadmin :: JK-LAPTOP [administrator]

25.04.2014 21:28:38
mbar-log-2014-04-25 (21-28-38).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled: 
Objects scanned: 346041
Time elapsed: 1 hour(s), 22 minute(s), 6 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)
         

26.04.2014, 15:54   #7
schrauber
/// the machine
/// TB instructor

Please send the log to AVG support; I think it is a false positive.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donate
Guides and help
Trojaner-Board Facebook page

No help via PM!

29.04.2014, 21:21   #8
free-eagle

Hi,

I did that - the German AVG support recommended that I send the files to AVG so they can be checked. A false positive is possible, they said. It is an English-language site.

The problem: where can I find these files?

edit: In another current thread here, subject: "Abo Falle per E-Mail oder nicht, hab kein Plan", someone apparently received the same e-mail as I did and opened the attachment - it would be interesting to know whether a virus/trojan was found and, if so, which one? The thread does not say either....

Strange, though - maybe it is so well disguised/new that no antivirus program detects it yet?

By the way, I have just received another one of these e-mails, including an attachment. I have not even touched the mail yet, but I would be very interested in an analysis of the attachment - is there a way to send this file somewhere?
There are already quite a few sites warning about this subscription mail - but none reports what kind of malware is hiding behind this invoice.

Regards
free-eagle

Edited by free-eagle (29.04.2014 at 21:58)

01.05.2014, 00:07   #9
schrauber
/// the machine
/// TB instructor

Please forward the mail to me at schrauber(at)trojaner-board.de

01.05.2014, 20:03   #10
free-eagle

edit: Damn, I celebrated too soon: the mail came back with an error message:
this e-mail is considered spam. Therefore, the server rejects it

So unfortunately I could not send it to you at the e-mail address mentioned above.

"ok - just sent. I am very curious what is behind it.
Thanks."

Regards
free-eagle

02.05.2014, 16:45   #11
schrauber
/// the machine
/// TB instructor

Didn't receive anything. Can you forward the mail as an attachment?

03.05.2014, 19:46   #12
free-eagle

Hi,

I tried to save the mail with web.de, but it only saves an HTML mail and apparently not the attachment.....if that is even a ZIP at all - the file name is a thousand "hieroglyphs".

So somehow sending it is quite difficult - at most I could try to save only the ZIP attachment and send it to you. I hope I won't catch something just from the act of saving it, though?

Regards
free-eagle

04.05.2014, 07:52   #13
schrauber
/// the machine
/// TB instructor

As long as you don't open the ZIP, nothing will happen.

04.05.2014, 12:43   #14
free-eagle

Hi,

so when I tried to save the file via Outlook, it suddenly disappeared. The newly installed AVG had raised an alert and silently moved the mail to the trash and a trojan into quarantine!

I found it there with the note from AVG that the trojan Sheur4.BUOP is in quarantine.

So that is probably the one in question. Could it nevertheless have opened back then just by opening the mail (HTML mail), when AVG was not yet installed?

Is the trojan perhaps connected to the infection of the files mentioned at the beginning?
Because a false positive is still within the realm of possibility. In any case, I never opened a ZIP file (if it ever was one at all).

Is it known what the trojan does? Wipe the laptop to be on the safe side after all?

Edited by free-eagle (04.05.2014 at 12:50)

04.05.2014, 20:07   #15
schrauber
/// the machine
/// TB instructor
 




Normally nothing happens from merely opening the mail. You do have to download the attachment and explicitly open/unpack/run it.

If it really is this Trojan, and if it was ever active on the machine other than now in the mail attachment, you should change passwords and the like. Your logs are all clean, though.
__________________
Regards,
schrauber

