
Pests of all kinds and how to combat them: TROJAN DNS Reply Sinkhole - Anubis -

08.11.2014, 13:45   #1
Sil@s
 



Hello dear helpers,

I use Windows 7 and my laptop is infected with a trojan.
I was informed of this by e-mail via the provider gigaspeed.
What can I do to remove it?
Avira Free Antivirus shows no particular anomalies or notifications.

Thank you very much for your help,
Regards

Sil@s

08.11.2014, 14:47   #2
schrauber
/// the machine
/// TB instructor
 




hi,

Please download the appropriate version of Farbar's Recovery Scan Tool to your desktop: FRST Download FRST 32-Bit | FRST 64-Bit
(If you are not sure: download both versions, or check under Start > Computer (right-click) > Properties)
  • Now start FRST.
  • Do not change any of the checkboxes unless asked to, and click Scan (Untersuchen).
  • The log files will now be created and will then be located on your desktop.
  • Post the FRST.txt and, after the first scan, also the Addition.txt in your thread (click the # symbol in the website's input window)


08.11.2014, 15:52   #3
Sil@s
 



The results from FRST 64-Byte:

FRST- Editor:
FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-11-2014 01
Ran by Mandy (administrator) on MANDY-PC on 08-11-2014 15:43:24
Running from C:\Users\Mandy\Desktop\trojanerHILFE
Loaded Profile: Mandy (Available profiles: Mandy)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\tunmgr.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureDLNA.exe
(Avira) C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\BbDevMgr.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Research In Motion) C:\Users\Mandy\BlackBerryLink.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Research In Motion) C:\Users\Mandy\BlackBerryLink.Helper.exe
() C:\Program Files (x86)\Common Files\Research in Motion\nginx\nginx.exe
() C:\Program Files (x86)\Common Files\Research in Motion\nginx\nginx.exe
(Research In Motion) C:\Users\Mandy\BlackBerryLink.AutoUpdate.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\RIMDeviceManager\RIMDeviceManager.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [MobileConnect] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2403840 2009-09-11] (Vodafone)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-02-07] (BlackBerry Limited)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4493824 2014-05-07] (Research In Motion Limited)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-23] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3408470921-2802912741-564172878-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3408470921-2802912741-564172878-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-09-01] (Sony)
HKU\S-1-5-21-3408470921-2802912741-564172878-1000\...\Run: [BlackBerryLink.exe] => C:\Users\Mandy\BlackBerryLink.exe [1463824 2014-05-08] (Research In Motion)
HKU\S-1-5-21-3408470921-2802912741-564172878-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1938624 2014-10-21] (Valve Corporation)
HKU\S-1-5-21-3408470921-2802912741-564172878-1000\...\Run: [AviraSpeedup] => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [5395192 2014-11-07] (Avira)
HKU\S-1-5-21-3408470921-2802912741-564172878-1000\...\Run: [EADM] => D:\Oblivion\EADM\EADMUI.exe [11509760 2011-02-17] (Electronic Arts)
HKU\S-1-5-21-3408470921-2802912741-564172878-1000\...\MountPoints2: {3589a953-d524-11e3-ad5d-806e6f6e6963} - H:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3408470921-2802912741-564172878-1000\...\MountPoints2: {3589a96e-d524-11e3-ad5d-80c16e3c6e03} - H:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3408470921-2802912741-564172878-1000\...\MountPoints2: {3589a997-d524-11e3-ad5d-001e101f50a4} - H:\setup_vmc_lite.exe /checkApplicationPresence
HKU\S-1-5-21-3408470921-2802912741-564172878-1000\...\MountPoints2: {646e8af1-d856-11e3-9cba-80c16e3c6e03} - I:\Startme.exe
HKU\S-1-5-21-3408470921-2802912741-564172878-1000\...\MountPoints2: {953390bd-8a78-11e3-9b56-806e6f6e6963} - G:\Autorun.exe
HKU\S-1-5-18\...\Run: [AviraSpeedup] => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [5395192 2014-11-07] (Avira)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-02-01] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk
ShortcutTarget: AutoStart IR.lnk -> C:\Program Files (x86)\WinTV\Ir.exe (Hauppauge Computer Works)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk
ShortcutTarget: WinTV Recording Status.lnk -> C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = Suche
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE2D9CB67341FCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.2.0.10 10.2.0.130
Tcpip\..\Interfaces\{17EE3BAF-33CC-49AC-AD46-509894EF9C4A}: [NameServer] 94.135.229.197 94.135.229.213

FireFox:
========
FF ProfilePath: C:\Users\Mandy\AppData\Roaming\Mozilla\Firefox\Profiles\xlkt84k5.default
FF DefaultSearchEngine: Conduit Search
FF SelectedSearchEngine: Conduit Search
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Mandy\AppData\Roaming\Mozilla\Firefox\Profiles\xlkt84k5.default\Extensions\abs@avira.com [2014-11-07]
FF Extension: Adblock Plus - C:\Users\Mandy\AppData\Roaming\Mozilla\Firefox\Profiles\xlkt84k5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-06]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2014-02-18]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [995064 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited) [File not signed]
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [582144 2014-02-04] (Hauppauge Computer Works) [File not signed]
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-05-07] (Apple Inc.) [File not signed]
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1324544 2014-05-07] (Research In Motion Limited) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-11] (Vodafone) [File not signed]
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
S3 HCWF9BDA; C:\Windows\System32\Drivers\hcwF9b64.sys [188376 2013-09-25] (ITE                      )
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-05-07] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-08 15:42 - 2014-11-08 15:43 - 00000000 ____D () C:\Users\Mandy\Desktop\trojanerHILFE
2014-11-08 15:42 - 2014-11-08 15:43 - 00000000 ____D () C:\FRST
2014-11-08 01:54 - 2014-11-08 01:54 - 00000000 ____D () C:\ProgramData\EA Core
2014-11-08 01:53 - 2014-11-08 02:04 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-11-08 01:53 - 2014-11-08 01:53 - 00000630 _____ () C:\Users\Public\Desktop\EA Download Manager.lnk
2014-11-08 01:53 - 2014-11-08 01:53 - 00000000 ____D () C:\Users\Mandy\AppData\Local\Electronic Arts
2014-11-08 01:53 - 2014-11-08 01:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2014-11-08 01:53 - 2014-11-08 01:53 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-11-08 00:46 - 2014-11-08 00:46 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-11-07 22:35 - 2014-11-07 22:35 - 00001209 _____ () C:\Users\Mandy\Desktop\Avira System Speedup.lnk
2014-11-07 22:33 - 2014-11-07 22:35 - 00000000 ____D () C:\Users\Mandy\AppData\Local\AviraSpeedup
2014-11-07 20:35 - 2014-11-07 22:35 - 00003320 _____ () C:\Windows\System32\Tasks\AviraSpeedup
2014-11-07 20:35 - 2014-11-07 20:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviraSpeedup
2014-11-07 19:56 - 2014-11-07 19:57 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-07 19:56 - 2014-11-07 19:56 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-11-07 19:56 - 2014-11-07 19:56 - 00000000 ____D () C:\ProgramData\Sun
2014-11-07 19:56 - 2014-11-07 19:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-11-07 19:56 - 2014-11-07 19:56 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-07 19:54 - 2014-11-07 19:54 - 00638888 _____ (Oracle Corporation) C:\Users\Mandy\Desktop\jxpiinstall.exe
2014-11-07 19:38 - 2014-11-07 19:38 - 00000000 ____D () C:\Users\Mandy\AppData\Roaming\Avira
2014-11-07 19:34 - 2014-10-23 14:02 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-11-07 19:34 - 2014-10-23 14:02 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-11-07 19:34 - 2014-10-23 14:01 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-11-07 19:33 - 2014-11-07 20:35 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-07 19:33 - 2014-11-07 19:37 - 00001143 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-11-07 19:33 - 2014-11-07 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-07 19:33 - 2014-11-07 19:34 - 00000000 ____D () C:\ProgramData\Avira
2014-11-07 19:33 - 2014-11-07 19:33 - 04583464 _____ (Avira Operations GmbH & Co. KG) C:\Users\Mandy\Downloads\avira_de_av___ws.exe
2014-11-07 19:10 - 2014-11-07 19:11 - 00854448 _____ () C:\Users\Mandy\Desktop\SecurityCheck.exe
2014-11-07 16:12 - 2014-11-07 16:12 - 00000000 __SHD () C:\Users\Mandy\AppData\Local\EmieUserList
2014-11-07 16:12 - 2014-11-07 16:12 - 00000000 __SHD () C:\Users\Mandy\AppData\Local\EmieSiteList
2014-11-07 16:05 - 2014-11-07 16:05 - 02347384 _____ (ESET) C:\Users\Mandy\Downloads\esetsmartinstaller_deu.exe
2014-11-07 15:46 - 2014-11-07 15:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-07 15:00 - 2014-11-07 15:27 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-11-07 15:00 - 2014-11-07 15:27 - 00001908 _____ () C:\Windows\diagerr.xml
2014-11-05 12:17 - 2014-11-05 12:17 - 00002032 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-11-03 17:23 - 2014-11-03 17:23 - 00000000 ____D () C:\Users\Mandy\AppData\Local\Skyrim
2014-11-03 17:22 - 2014-11-08 00:46 - 00034988 _____ () C:\Windows\DirectX.log
2014-10-29 16:55 - 2014-11-07 13:33 - 00000000 ____D () C:\Users\Mandy\Desktop\Soziologie
2014-10-26 16:20 - 2014-10-26 16:20 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-10-22 13:48 - 2014-10-22 13:48 - 00381511 _____ () C:\Users\Mandy\Desktop\Medien Propaganda, meinungsäußerung.php
2014-10-15 21:10 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 21:10 - 2014-08-19 04:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 21:10 - 2014-08-19 04:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 21:10 - 2014-08-19 04:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 21:10 - 2014-08-19 04:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 21:10 - 2014-08-19 04:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 21:10 - 2014-08-19 04:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 21:10 - 2014-08-19 04:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 21:10 - 2014-08-19 04:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 21:10 - 2014-08-19 04:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 21:10 - 2014-08-19 04:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 21:10 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 21:10 - 2014-08-19 03:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 21:10 - 2014-08-19 03:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 21:10 - 2014-07-07 03:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 21:10 - 2014-07-07 03:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 21:10 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 21:10 - 2014-07-07 03:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 21:10 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 21:10 - 2014-07-07 03:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 21:10 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 21:10 - 2014-07-07 03:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 21:10 - 2014-07-07 03:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 21:10 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 21:10 - 2014-07-07 02:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 21:10 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 21:10 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 21:10 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 21:10 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 21:10 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 21:10 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 21:10 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 21:10 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 21:10 - 2014-06-28 01:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 21:10 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 21:10 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 21:10 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 21:10 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 21:10 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 21:10 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 21:10 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 21:10 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 21:09 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 21:09 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 21:09 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 21:09 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 21:09 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 21:09 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 21:09 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 21:09 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 21:09 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 21:09 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 21:09 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 21:09 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 21:09 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 21:09 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 21:09 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 21:09 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 21:09 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 21:09 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 21:09 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 21:09 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 21:09 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 21:09 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 21:09 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 21:09 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 21:09 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 21:09 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 21:09 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 21:09 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 21:09 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 21:09 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 21:09 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 21:09 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 21:09 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 21:09 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 21:09 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 21:09 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 21:09 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 21:09 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 21:09 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 21:09 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 21:09 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 21:09 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 21:09 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 21:09 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 21:09 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 21:09 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 21:09 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 21:08 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 21:08 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 21:08 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 21:08 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 21:08 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 21:08 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 21:08 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 21:08 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 21:08 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 21:08 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 21:08 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 21:08 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 21:07 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 21:07 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 21:07 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 21:07 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 21:07 - 2014-08-29 03:07 - 05780480 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 21:07 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 21:07 - 2014-08-29 03:07 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-15 21:07 - 2014-08-29 03:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-15 21:07 - 2014-08-29 03:06 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 21:07 - 2014-08-29 02:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 21:07 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 21:07 - 2014-08-29 02:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 21:07 - 2014-08-29 02:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-15 21:06 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 21:06 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 21:06 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 21:06 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 21:06 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 21:06 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 21:06 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 21:06 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 21:06 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 21:06 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 21:06 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 21:06 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 21:06 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 08:40 - 2014-11-03 16:07 - 00000000 ____D () C:\Users\Mandy\Desktop\Bestaetigung-Dateien

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-08 15:25 - 2014-04-17 09:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-08 13:05 - 2014-02-01 11:00 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9A2FC46C-DD34-4E4E-B60D-48EAD0A09815}
2014-11-08 12:55 - 2009-07-14 05:45 - 00023696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-08 12:55 - 2009-07-14 05:45 - 00023696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-08 12:53 - 2014-07-14 17:47 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-08 12:53 - 2014-01-31 14:10 - 01172289 _____ () C:\Windows\WindowsUpdate.log
2014-11-08 12:47 - 2014-02-19 18:44 - 00001085 _____ () C:\Windows\setupact.log
2014-11-08 12:47 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-08 12:46 - 2014-02-19 18:43 - 00288304 _____ () C:\Windows\PFRO.log
2014-11-08 02:04 - 2014-02-01 18:27 - 00000000 ____D () C:\Users\Mandy\Documents\My Games
2014-11-08 01:54 - 2014-01-31 14:13 - 00000000 ____D () C:\Users\Mandy\AppData\Local\VirtualStore
2014-11-08 01:05 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-07 22:29 - 2014-02-01 17:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-07 19:33 - 2014-02-07 19:17 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-07 16:19 - 2009-07-14 18:58 - 00817426 _____ () C:\Windows\system32\perfh007.dat
2014-11-07 16:19 - 2009-07-14 18:58 - 00187118 _____ () C:\Windows\system32\perfc007.dat
2014-11-07 16:19 - 2009-07-14 06:13 - 00006220 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-07 16:06 - 2014-09-13 17:49 - 00027681 _____ () C:\Users\Mandy\Documents\TombRaider.log
2014-11-07 15:00 - 2014-02-19 18:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-07 14:53 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-05 12:18 - 2014-05-10 16:29 - 00257938 _____ () C:\Windows\DPINST.LOG
2014-11-05 12:17 - 2014-05-10 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-11-05 12:16 - 2014-01-31 18:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-05 12:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-30 19:49 - 2014-02-01 17:56 - 00000000 ____D () C:\Users\Mandy\AppData\Roaming\vlc
2014-10-29 10:01 - 2014-04-17 09:37 - 00000000 ____D () C:\Users\Mandy\AppData\Roaming\Audacity
2014-10-26 19:09 - 2014-02-01 17:31 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-24 07:41 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-17 13:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 13:29 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-16 13:27 - 2014-02-19 18:43 - 04973784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 13:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 13:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-16 13:24 - 2014-08-15 12:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-15 23:43 - 2014-02-01 12:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 23:41 - 2014-02-01 12:15 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 08:59 - 2014-02-01 17:31 - 00000000 ____D () C:\ProgramData\Adobe

Files to move or delete:
====================
C:\Users\Mandy\BlackBerryLink.AutoUpdate.exe
C:\Users\Mandy\BlackBerryLink.exe
C:\Users\Mandy\BlackBerryLink.Helper.exe
C:\Users\Mandy\CE.dll
C:\Users\Mandy\log4net.dll
C:\Users\Mandy\Microsoft.Practices.Prism.dll
C:\Users\Mandy\Microsoft.Practices.Prism.Interactivity.dll
C:\Users\Mandy\Microsoft.Practices.Prism.MefExtensions.dll
C:\Users\Mandy\Microsoft.Practices.Prism.UnityExtensions.dll
C:\Users\Mandy\Microsoft.Practices.ServiceLocation.dll
C:\Users\Mandy\Microsoft.Practices.Unity.dll
C:\Users\Mandy\Microsoft.Windows.Shell.dll
C:\Users\Mandy\MSOE.Interactions.dll
C:\Users\Mandy\MSOl.Interactions.dll
C:\Users\Mandy\Rim.Common.Filesystem.dll
C:\Users\Mandy\Rim.Common.Utilities.dll
C:\Users\Mandy\Rim.Desktop.AutoUpdate.dll
C:\Users\Mandy\Rim.Desktop.AutoUpdate.UpgradeXMLParser.dll
C:\Users\Mandy\Rim.Desktop.AutoUpdate.Utilities.dll
C:\Users\Mandy\Rim.Desktop.Common.dll
C:\Users\Mandy\Rim.Desktop.DiagnosticsReport.exe
C:\Users\Mandy\Rim.Desktop.Services.Common.dll
C:\Users\Mandy\Rim.Desktop.Services.Configuration.dll
C:\Users\Mandy\Rim.Desktop.Services.Device.HttpControlChannel.dll
C:\Users\Mandy\Rim.Desktop.Services.Interfaces.dll
C:\Users\Mandy\Rim.Desktop.Services.Logging.dll
C:\Users\Mandy\Rim.Desktop.Services.Native.dll
C:\Users\Mandy\Rim.Desktop.Services.Tasks.dll
C:\Users\Mandy\Rim.Desktop.Services.WindowState.dll
C:\Users\Mandy\Rim.Desktop.Themes.dll
C:\Users\Mandy\Rim.DesktopHelper.common.dll
C:\Users\Mandy\rMSOEDE.dll
C:\Users\Mandy\rMSOLDE.dll
C:\Users\Mandy\rWinVistaDE.dll
C:\Users\Mandy\SyncApi.Configuration.dll
C:\Users\Mandy\SyncApi.dll
C:\Users\Mandy\SyncApi.MSOE.dll
C:\Users\Mandy\SyncApi.MSOL.dll
C:\Users\Mandy\SyncApi.WinVista.dll
C:\Users\Mandy\System.Windows.Interactivity.dll
C:\Users\Mandy\WinVista.Interactions.dll
C:\Users\Mandy\XCPCSYNCLib.dll


Some content of TEMP:
====================
C:\Users\Mandy\AppData\Local\Temp\avgnt.exe
C:\Users\Mandy\AppData\Local\Temp\AviraSetup210788.exe
C:\Users\Mandy\AppData\Local\Temp\drm_dyndata_7380014.dll
C:\Users\Mandy\AppData\Local\Temp\nst3DFD.exe
C:\Users\Mandy\AppData\Local\Temp\nst410A.exe
C:\Users\Mandy\AppData\Local\Temp\nsvAF65.exe
C:\Users\Mandy\AppData\Local\Temp\nsy5B60.exe
C:\Users\Mandy\AppData\Local\Temp\nsy5E1F.exe
C:\Users\Mandy\AppData\Local\Temp\Offercast_AVIRAV7_.exe
C:\Users\Mandy\AppData\Local\Temp\SpOrder.dll
C:\Users\Mandy\AppData\Local\Temp\vlc-2.1.3-win32.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-05 22:11

==================== End Of Log ============================
         
--- --- ---

FRST Additions Logfile:
Code:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-11-2014 01
Ran by Mandy at 2014-11-08 15:44:03
Running from C:\Users\Mandy\Desktop\trojanerHILFE
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.6.0.19140 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{1BBD8D70-721A-41AD-AC8F-7308A0C8FA92}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) - Deutsch (HKLM-x32\...\{AC76BA86-7AD7-1031-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Alice Madness Returns (HKLM-x32\...\{93A3AB24-36E8-41BA-80C6-CCEC237836DC}) (Version: 1.0.0.0 - Electronic Arts)
AMD Catalyst Install Manager (HKLM\...\{70F55D70-7E5F-6291-4924-2F7640F19BFE}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira (HKLM-x32\...\{9480d4af-12b9-4e56-8034-4031ef6ab39d}) (Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG)
Avira (x32 Version: 1.1.25.25607 - Avira Operations GmbH & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.342 - Avira)
Avira System Speedup (HKLM-x32\...\AviraSpeedup) (Version: 1.3.1.9970 - Avira System Speedup)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
BlackBerry Link (HKLM-x32\...\BlackBerry_10_Desktop) (Version: 1.2.3.48 - BlackBerry Ltd.)
BlackBerry Link (x32 Version: 1.2.3.48 - BlackBerry Ltd.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.10 - Piriform)
EA Download Manager (HKLM-x32\...\EADM) (Version: 7.3.1.16 - Electronic Arts, Inc.)
Grand Theft Auto IV (HKLM-x32\...\{579BA58C-F33D-4970-9953-B94B43768AC3}) (Version: 1.00.0000 - Rockstar Games)
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Hauppauge WinTV 7 (HKLM-x32\...\Hauppauge WinTV 7) (Version: v7.0.32035 (CD 3.3) - Hauppauge Computer Works)
Hauppauge WinTV Infrared Remote (HKLM-x32\...\Hauppauge WinTV Infrared Remote) (Version: 2.68.29013 - Hauppauge Computer Works, Inc.)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6365.0 - IDT)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
K-Lite Codec Pack 10.2.0 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.2.0 - )
Microsoft .NET Framework 4 Client Profile DEU Language Pack (HKLM\...\Microsoft .NET Framework 4 Client Profile DEU Language Pack) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{929CE49F-1CA7-4CF3-A9A1-6D757443C63F}) (Version: 1.2.0241 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 33.0.3 (x86 de) (HKLM-x32\...\Mozilla Firefox 33.0.3 (x86 de)) (Version: 33.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0.1 - Mozilla)
Oblivion (HKLM-x32\...\{C66BF9FD-D367-4E13-8EB8-385FFEA20DB3}) (Version: 1.2.0416 - Bethesda Softworks)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF24 Creator 6.2.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version:  - PDF24.org)
PX Profile Update (x32 Version: 1.00.1. - AMD) Hidden
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
Ralink RT5390 802.11b/g/n WiFi Adapter (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.2.13.0 - Ralink)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.85 - Realtek Semiconductor Corp.)
Skype™ 6.13 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.13.104 - Skype Technologies S.A.)
Sony PC Companion 2.10.228 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.228 - Sony)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Synaptics TouchPad Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Vodafone Mobile Connect Lite (HKLM-x32\...\{79A64F98-1796-4FA2-B5FF-C90F83D8BACD}) (Version: 9.4.3.17550 - Vodafone)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.3-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version:  - )

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-3408470921-2802912741-564172878-1000_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

==================== Restore Points  =========================

23-10-2014 13:10:12 Geplanter Prüfpunkt
30-10-2014 20:14:39 Geplanter Prüfpunkt
03-11-2014 16:22:00 DirectX wurde installiert
05-11-2014 11:17:37 Sony PC Companion
07-11-2014 19:34:39 Avira System Speedup(1.3.1.9930)
07-11-2014 21:34:39 Avira System Speedup(1.3.1.9970)
07-11-2014 23:27:34 Installed ProductName from default.wxl

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2014-02-18 15:13 - 00002246 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 3dns.adobe.com
127.0.0.1 3dns-1.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-4.adobe.com
127.0.0.1 activate.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 activate.wip.adobe.com
127.0.0.1 activate.wip1.adobe.com
127.0.0.1 activate.wip2.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 activate.wip4.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-1.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 adobe-dns-4.adobe.com
127.0.0.1 crl.verisign.net
127.0.0.1 CRL.VERISIGN.NET
127.0.0.1 ood.opsource.net
127.0.0.1 209-34-83-73.ood.opsource.net
127.0.0.1 practivate.adobe
127.0.0.1 practivate.adobe
127.0.0.1 practivate.adobe.com
127.0.0.1 practivate.adobe.newoa
127.0.0.1 practivate.adobe.ntp
127.0.0.1 practivate.adobe.ipp

There are 17 more lines.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {2632809C-A6C6-4E75-8CAF-39BCC39948E9} - System32\Tasks\AviraSpeedup => C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe [2014-11-07] (Avira)
Task: {9FC85D7D-E94B-435D-B1F5-A08028EC4454} - System32\Tasks\AdobeAAMUpdater-1.0-Mandy-PC-Mandy => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {CBB5BC97-B38D-43DE-A322-FE43ABC0AABF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-27] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2014-02-01 17:12 - 2006-12-11 02:14 - 00043008 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2011-08-09 07:44 - 2011-08-09 07:44 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-02-01 18:06 - 2014-01-13 08:24 - 01356568 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2014-05-10 16:29 - 2014-06-23 09:07 - 00113376 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
2012-10-16 10:39 - 2012-10-16 10:39 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
2014-01-10 10:27 - 2014-01-10 10:27 - 00663056 _____ () C:\Program Files (x86)\Common Files\Research In Motion\nginx\nginx.exe
2014-02-07 19:16 - 2011-08-23 10:04 - 00057344 _____ () C:\Program Files (x86)\WinTV\TVServer\libhdhomerun.dll
2014-02-07 19:16 - 2014-01-31 20:03 - 00025600 _____ () C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServerps.dll
2014-05-10 16:29 - 2012-04-30 11:57 - 00039936 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\TMonitorAPI.dll
2014-05-10 16:29 - 2013-09-13 11:02 - 00208896 _____ () C:\Program Files (x86)\Sony\Sony PC Companion\MExplorer.dll
2009-07-13 22:03 - 2009-07-14 02:15 - 00364544 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2014-11-07 15:46 - 2014-11-07 15:46 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupreg: SynTPEnh => %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe

========================= Accounts: ==========================

Administrator (S-1-5-21-3408470921-2802912741-564172878-500 - Administrator - Disabled)
Gast (S-1-5-21-3408470921-2802912741-564172878-501 - Limited - Disabled)
Mandy (S-1-5-21-3408470921-2802912741-564172878-1000 - Administrator - Enabled) => C:\Users\Mandy

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/08/2014 00:54:14 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(Friendly_ED064385DC5B7346_CFD99C865538E7A7._bp2p._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (11/08/2014 00:54:14 PM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(320b376b021721c4756a17d5ec837f._tunnel._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (11/08/2014 00:49:42 PM) (Source: MsiInstaller) (EventID: 10005) (User: Mandy-PC)
Description: Produkt: Vodafone Mobile Connect Lite -- Fehler 2711. The specified Feature name ('ByteMobile') not found in Feature table.

Error: (11/08/2014 00:47:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: Pen_Tablet.exe, Version: 5.3.3.3, Zeitstempel: 0x52d4123e
Name des fehlerhaften Moduls: Pen_Tablet.exe, Version: 5.3.3.3, Zeitstempel: 0x52d4123e
Ausnahmecode: 0xc0000005
Fehleroffset: 0x000000000019b9f3
ID des fehlerhaften Prozesses: 0xc94
Startzeit der fehlerhaften Anwendung: 0xPen_Tablet.exe0
Pfad der fehlerhaften Anwendung: Pen_Tablet.exe1
Pfad des fehlerhaften Moduls: Pen_Tablet.exe2
Berichtskennung: Pen_Tablet.exe3

Error: (11/08/2014 00:47:36 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue

Error: (11/08/2014 00:29:21 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(Friendly_6E63CFEA38D8617E_310DB655747F04E0._bp2p._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (11/08/2014 00:29:21 AM) (Source: RIM MDNS) (EventID: 100) (User: )
Description: Client application bug: DNSServiceResolve(220a6524f5f10a6fe9632de4e42c86._tunnel._tcp.local.) active for over two minutes. This places considerable burden on the network.

Error: (11/07/2014 10:33:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Name der fehlerhaften Anwendung: avira_system_speedup.exe, Version: 1.3.1.9930, Zeitstempel: 0x2a425e19
Name des fehlerhaften Moduls: avira_system_speedup.exe, Version: 1.3.1.9930, Zeitstempel: 0x2a425e19
Ausnahmecode: 0xc0000005
Fehleroffset: 0x00001dba
ID des fehlerhaften Prozesses: 0xa18
Startzeit der fehlerhaften Anwendung: 0xavira_system_speedup.exe0
Pfad der fehlerhaften Anwendung: avira_system_speedup.exe1
Pfad des fehlerhaften Moduls: avira_system_speedup.exe2
Berichtskennung: avira_system_speedup.exe3

Error: (11/07/2014 10:32:27 PM) (Source: MsiInstaller) (EventID: 10005) (User: Mandy-PC)
Description: Produkt: Vodafone Mobile Connect Lite -- Fehler 2711. The specified Feature name ('ByteMobile') not found in Feature table.

Error: (11/07/2014 10:30:35 PM) (Source: VMCService) (EventID: 0) (User: )
Description: conflictManagerTypeValue


System errors:
=============
Error: (11/08/2014 02:47:07 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "WinHTTP-Web Proxy Auto-Discovery-Dienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (11/08/2014 02:47:07 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "WinHttpAutoProxySvc" konnte sich nicht als "NT AUTHORITY\LocalService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1352

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).

Error: (11/08/2014 00:27:55 AM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{17EE3BAF-33CC-49AC-AD46-509894EF9C4A} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (11/08/2014 00:23:53 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {FE9617F6-E606-42AA-BECC-0E9CDA246D63}

Error: (11/07/2014 10:25:20 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {078AEF33-C48A-49F7-AFF3-A0EE810BFE7C}

Error: (11/07/2014 04:07:23 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: Der Dienst "Avira Browser-Schutz" ist von folgendem Dienst abhängig: AntiVirService. Dieser Dienst ist eventuell nicht installiert.

Error: (11/07/2014 03:29:25 PM) (Source: Server) (EventID: 2505) (User: )
Description: Aufgrund eines doppelten Netzwerknamens konnte zu der Transportschicht \Device\NetBT_Tcpip_{17EE3BAF-33CC-49AC-AD46-509894EF9C4A} vom Serverdienst nicht gebunden werden. Der Serverdienst konnte nicht gestartet werden.

Error: (11/07/2014 02:54:21 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Der Dienst "Server" wurde mit folgendem Fehler beendet: 
%%1062

Error: (11/07/2014 02:54:15 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Der Dienst "Netzwerklistendienst" wurde aufgrund folgenden Fehlers nicht gestartet: 
%%1069

Error: (11/07/2014 02:54:15 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Der Dienst "netprofm" konnte sich nicht als "NT AUTHORITY\LocalService" mit dem aktuellen Kennwort aufgrund des folgenden Fehlers anmelden: 
%%1352

Vergewissern Sie sich, dass der Dienst richtig konfiguriert ist im Dienste-Snap-In in der Microsoft Management Console (MMC).


Microsoft Office Sessions:
=========================

==================== Memory info =========================== 

Processor: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
Percentage of memory in use: 44%
Total physical RAM: 4043.86 MB
Available physical RAM: 2248.95 MB
Total Pagefile: 8085.9 MB
Available Pagefile: 5909.95 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (SYSTEM) (Fixed) (Total:139.69 GB) (Free:71.67 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (GAMES) (Fixed) (Total:186.26 GB) (Free:150.94 GB) NTFS
Drive e: (DATA) (Fixed) (Total:119.2 GB) (Free:118.73 GB) NTFS
Drive f: (Recovery) (Fixed) (Total:20.61 GB) (Free:2.2 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive g: (ALICE_2) (CDROM) (Total:7.15 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 257422C2)
Partition 1: (Active) - (Size=139.7 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=186.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=20.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=119.2 GB) - (Type=07 NTFS)

==================== End Of Log ============================
         
--- --- ---

Thanks for the quick reply

Alt 09.11.2014, 08:00   #4
schrauber
/// the machine
/// TB-Ausbilder
 


hi,

Please download TDSSKiller (TDSSKiller.exe) and save the file to your desktop.
  • Start TDSSKiller.exe and configure it as described in the TDSSKiller guide.
  • Press Start Scan.
  • If infected objects are found, do not select Cure under any circumstances. Select Skip and click Continue.
    TDSSKiller will save a log file on your system drive (usually C:\).
    For example: C:\TDSSKiller.<Version_Datum_Uhrzeit>log.txt
Please post the contents here in your thread in any case.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 09.11.2014, 12:44   #5
Sil@s
 

Hello

Here is the TDSSKiller report, though split across several threads because it has too many characters:

12:26:31.0018 0x1664 TDSS rootkit removing tool 3.0.0.41 Oct 28 2014 17:58:34
12:26:35.0475 0x1664 ============================================================
12:26:35.0475 0x1664 Current date / time: 2014/11/09 12:26:35.0475
12:26:35.0475 0x1664 SystemInfo:
12:26:35.0475 0x1664
12:26:35.0475 0x1664 OS Version: 6.1.7601 ServicePack: 1.0
12:26:35.0475 0x1664 Product type: Workstation
12:26:35.0475 0x1664 ComputerName: MANDY-PC
12:26:35.0475 0x1664 UserName: Mandy
12:26:35.0475 0x1664 Windows directory: C:\Windows
12:26:35.0475 0x1664 System windows directory: C:\Windows
12:26:35.0475 0x1664 Running under WOW64
12:26:35.0475 0x1664 Processor architecture: Intel x64
12:26:35.0475 0x1664 Number of processors: 4
12:26:35.0475 0x1664 Page size: 0x1000
12:26:35.0475 0x1664 Boot type: Normal boot
12:26:35.0475 0x1664 ============================================================
12:26:37.0690 0x1664 KLMD registered as C:\Windows\system32\drivers\69400208.sys
12:26:37.0963 0x1664 System UUID: {6777D549-F468-DA88-7E23-6A179E5C99F9}
12:26:38.0421 0x1664 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:26:38.0425 0x1664 ============================================================
12:26:38.0425 0x1664 \Device\Harddisk0\DR0:
12:26:38.0425 0x1664 MBR partitions:
12:26:38.0425 0x1664 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x11763BFD
12:26:38.0425 0x1664 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x11763C3C, BlocksNum 0x1748653B
12:26:38.0425 0x1664 \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x37A4E43F, BlocksNum 0x2936802
12:26:38.0425 0x1664 \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x28BEA177, BlocksNum 0xEE642C8
12:26:38.0425 0x1664 ============================================================
12:26:38.0443 0x1664 C: <-> \Device\Harddisk0\DR0\Partition1
12:26:38.0476 0x1664 D: <-> \Device\Harddisk0\DR0\Partition2
12:26:38.0508 0x1664 E: <-> \Device\Harddisk0\DR0\Partition4
12:26:38.0546 0x1664 F: <-> \Device\Harddisk0\DR0\Partition3
12:26:38.0546 0x1664 ============================================================
12:26:38.0546 0x1664 Initialize success
12:26:38.0546 0x1664 ============================================================
12:26:41.0692 0x17b8 ============================================================
12:26:41.0692 0x17b8 Scan started
12:26:41.0692 0x17b8 Mode: Manual;
12:26:41.0692 0x17b8 ============================================================
12:26:41.0692 0x17b8 KSN ping started
12:26:48.0881 0x17b8 KSN ping finished: true
12:26:50.0638 0x17b8 ================ Scan system memory ========================
12:26:50.0638 0x17b8 System memory - ok
12:26:50.0638 0x17b8 ================ Scan services =============================
12:26:58.0700 0x17b8 HpSAMD - ok
12:26:58.0749 0x17b8 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:26:58.0761 0x17b8 HTTP - ok
12:26:58.0812 0x17b8 [ 4B5C07DB91A0099272FAAE732E1152BD, E0408F85A2E1E310F5143A01A34456F120875D21E0E9D0A9F9EBC96514CFC47C ] hwdatacard C:\Windows\system32\DRIVERS\ewusbmdm.sys
12:26:58.0819 0x17b8 hwdatacard - ok
12:26:58.0844 0x17b8 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:26:58.0845 0x17b8 hwpolicy - ok
12:26:58.0896 0x17b8 [ 9C13A2691AC410CC7469F298684DCA5D, 2B07FE759B479A36AB4DE185AF8B4295396A1F8674587721BE7C92FC31ADFF0D ] hwusbfake C:\Windows\system32\DRIVERS\ewusbfake.sys
12:26:58.0904 0x17b8 hwusbfake - ok
12:26:58.0956 0x17b8 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:26:58.0965 0x17b8 i8042prt - ok
12:26:59.0011 0x17b8 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:26:59.0027 0x17b8 iaStorV - ok
12:26:59.0152 0x17b8 [ D3090576412EC63E0C6271D8B0974D73, 0E7EB7818FE248DCA5FE6CDFBD540A862B39E0A88609141FB3D7D1F82E0521D6 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
12:26:59.0244 0x17b8 IconMan_R - ok
12:26:59.0310 0x17b8 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:26:59.0387 0x17b8 idsvc - ok
12:26:59.0406 0x17b8 IEEtwCollectorService - ok
12:26:59.0440 0x17b8 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:26:59.0446 0x17b8 iirsp - ok
12:26:59.0506 0x17b8 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:26:59.0540 0x17b8 IKEEXT - ok
12:26:59.0608 0x17b8 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
12:26:59.0621 0x17b8 IntcDAud - ok
12:26:59.0652 0x17b8 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:26:59.0657 0x17b8 intelide - ok
12:27:00.0037 0x17b8 [ 33FAA40B288002C89529DBD14F3AB72C, 670BA536796322122EBD93F256331899DD2E1834471B017A58F74132EE8DFDB7 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys
12:27:00.0487 0x17b8 intelkmd - ok
12:27:00.0531 0x17b8 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:27:00.0533 0x17b8 intelppm - ok
12:27:00.0553 0x17b8 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:27:00.0564 0x17b8 IPBusEnum - ok
12:27:00.0601 0x17b8 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:27:00.0609 0x17b8 IpFilterDriver - ok
12:27:00.0657 0x17b8 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:27:00.0679 0x17b8 iphlpsvc - ok
12:27:00.0710 0x17b8 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:27:00.0718 0x17b8 IPMIDRV - ok
12:27:00.0757 0x17b8 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:27:00.0765 0x17b8 IPNAT - ok
12:27:00.0785 0x17b8 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:27:00.0790 0x17b8 IRENUM - ok
12:27:00.0809 0x17b8 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:27:00.0814 0x17b8 isapnp - ok
12:27:00.0850 0x17b8 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:27:00.0864 0x17b8 iScsiPrt - ok
12:27:00.0887 0x17b8 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
12:27:00.0894 0x17b8 kbdclass - ok
12:27:00.0946 0x17b8 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
12:27:00.0952 0x17b8 kbdhid - ok
12:27:00.0975 0x17b8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
12:27:00.0976 0x17b8 KeyIso - ok
12:27:01.0008 0x17b8 [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:27:01.0016 0x17b8 KSecDD - ok
12:27:01.0028 0x17b8 [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:27:01.0038 0x17b8 KSecPkg - ok
12:27:01.0068 0x17b8 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:27:01.0073 0x17b8 ksthunk - ok
12:27:01.0110 0x17b8 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
12:27:01.0144 0x17b8 KtmRm - ok
12:27:01.0195 0x17b8 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:27:01.0201 0x17b8 LanmanServer - ok
12:27:01.0241 0x17b8 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:27:01.0244 0x17b8 LanmanWorkstation - ok
12:27:01.0282 0x17b8 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:27:01.0288 0x17b8 lltdio - ok
12:27:01.0325 0x17b8 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:27:01.0343 0x17b8 lltdsvc - ok
12:27:01.0360 0x17b8 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:27:01.0366 0x17b8 lmhosts - ok
12:27:01.0399 0x17b8 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:27:01.0406 0x17b8 LSI_FC - ok
12:27:01.0424 0x17b8 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:27:01.0432 0x17b8 LSI_SAS - ok
12:27:01.0451 0x17b8 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:27:01.0458 0x17b8 LSI_SAS2 - ok
12:27:01.0473 0x17b8 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:27:01.0481 0x17b8 LSI_SCSI - ok
12:27:01.0501 0x17b8 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
12:27:01.0510 0x17b8 luafv - ok
12:27:01.0541 0x17b8 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:27:01.0552 0x17b8 Mcx2Svc - ok
12:27:01.0571 0x17b8 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:27:01.0578 0x17b8 megasas - ok
12:27:01.0599 0x17b8 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:27:01.0613 0x17b8 MegaSR - ok
12:27:01.0663 0x17b8 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
12:27:01.0675 0x17b8 MEIx64 - ok
12:27:01.0747 0x17b8 [ FAFE367D032ED82E9332B4C741A20216, 7B123766E360570E0FCB211835B7910D6A1806C25A06BCA9227AB9E993376CA8 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
12:27:01.0756 0x17b8 Microsoft Office Groove Audit Service - ok
12:27:01.0784 0x17b8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
12:27:01.0786 0x17b8 MMCSS - ok
12:27:01.0808 0x17b8 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
12:27:01.0813 0x17b8 Modem - ok
12:27:01.0834 0x17b8 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:27:01.0835 0x17b8 monitor - ok
12:27:01.0885 0x17b8 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:27:01.0892 0x17b8 mouclass - ok
12:27:01.0914 0x17b8 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:27:01.0919 0x17b8 mouhid - ok
12:27:01.0950 0x17b8 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:27:01.0953 0x17b8 mountmgr - ok
12:27:02.0004 0x17b8 [ 28048289E32294004A86935CC40A3252, D397C3BAD6BCDA33FA0982E10677598E8BDF69A0933D19A36873CB45BA4FB819 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:27:02.0014 0x17b8 MozillaMaintenance - ok
12:27:02.0051 0x17b8 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
12:27:02.0063 0x17b8 mpio - ok
12:27:02.0098 0x17b8 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:27:02.0105 0x17b8 mpsdrv - ok
12:27:02.0166 0x17b8 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:27:02.0196 0x17b8 MpsSvc - ok
12:27:02.0232 0x17b8 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:27:02.0242 0x17b8 MRxDAV - ok
12:27:02.0270 0x17b8 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:27:02.0281 0x17b8 mrxsmb - ok
12:27:02.0299 0x17b8 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:27:02.0313 0x17b8 mrxsmb10 - ok
12:27:02.0345 0x17b8 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:27:02.0355 0x17b8 mrxsmb20 - ok
12:27:02.0395 0x17b8 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
12:27:02.0400 0x17b8 msahci - ok
12:27:02.0415 0x17b8 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:27:02.0426 0x17b8 msdsm - ok
12:27:02.0449 0x17b8 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
12:27:02.0460 0x17b8 MSDTC - ok
12:27:02.0491 0x17b8 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:27:02.0496 0x17b8 Msfs - ok
12:27:02.0525 0x17b8 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:27:02.0529 0x17b8 mshidkmdf - ok
12:27:02.0568 0x17b8 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:27:02.0573 0x17b8 msisadrv - ok
12:27:02.0591 0x17b8 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:27:02.0604 0x17b8 MSiSCSI - ok
12:27:02.0607 0x17b8 msiserver - ok
12:27:02.0637 0x17b8 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:27:02.0641 0x17b8 MSKSSRV - ok
12:27:02.0652 0x17b8 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:27:02.0655 0x17b8 MSPCLOCK - ok
12:27:02.0673 0x17b8 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:27:02.0677 0x17b8 MSPQM - ok
12:27:02.0713 0x17b8 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:27:02.0727 0x17b8 MsRPC - ok
12:27:02.0762 0x17b8 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:27:02.0763 0x17b8 mssmbios - ok
12:27:02.0781 0x17b8 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:27:02.0786 0x17b8 MSTEE - ok
12:27:02.0794 0x17b8 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:27:02.0798 0x17b8 MTConfig - ok
12:27:02.0818 0x17b8 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
12:27:02.0825 0x17b8 Mup - ok
12:27:02.0867 0x17b8 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
12:27:02.0887 0x17b8 napagent - ok
12:27:02.0937 0x17b8 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:27:02.0952 0x17b8 NativeWifiP - ok
12:27:03.0023 0x17b8 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
12:27:03.0039 0x17b8 NDIS - ok
12:27:03.0089 0x17b8 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:27:03.0095 0x17b8 NdisCap - ok
12:27:03.0118 0x17b8 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:27:03.0123 0x17b8 NdisTapi - ok
12:27:03.0174 0x17b8 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:27:03.0181 0x17b8 Ndisuio - ok
12:27:03.0220 0x17b8 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:27:03.0231 0x17b8 NdisWan - ok
12:27:03.0266 0x17b8 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:27:03.0273 0x17b8 NDProxy - ok
12:27:03.0315 0x17b8 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:27:03.0321 0x17b8 NetBIOS - ok
12:27:03.0356 0x17b8 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:27:03.0361 0x17b8 NetBT - ok
12:27:03.0374 0x17b8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
12:27:03.0375 0x17b8 Netlogon - ok
12:27:03.0413 0x17b8 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
12:27:03.0422 0x17b8 Netman - ok
12:27:03.0483 0x17b8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:27:03.0510 0x17b8 NetMsmqActivator - ok
12:27:03.0516 0x17b8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:27:03.0519 0x17b8 NetPipeActivator - ok
12:27:03.0560 0x17b8 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
12:27:03.0578 0x17b8 netprofm - ok
12:27:03.0685 0x17b8 [ 2EED549279D7FBD10B846B5397573967, 4F7EBB6C1AC58D1EFFA7A86AC799137FC88F5CCA3AC27E563B4EE2AF1EAE4ECC ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
12:27:03.0807 0x17b8 netr28x - ok
12:27:03.0825 0x17b8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:27:03.0827 0x17b8 NetTcpActivator - ok
12:27:03.0834 0x17b8 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:27:03.0837 0x17b8 NetTcpPortSharing - ok
12:27:03.0872 0x17b8 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:27:03.0879 0x17b8 nfrd960 - ok
12:27:03.0917 0x17b8 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:27:03.0925 0x17b8 NlaSvc - ok
12:27:03.0934 0x17b8 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:27:03.0940 0x17b8 Npfs - ok
12:27:03.0965 0x17b8 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
12:27:03.0966 0x17b8 nsi - ok
12:27:03.0981 0x17b8 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:27:03.0982 0x17b8 nsiproxy - ok
12:27:04.0064 0x17b8 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:27:04.0183 0x17b8 Ntfs - ok
12:27:04.0216 0x17b8 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
12:27:04.0220 0x17b8 Null - ok
12:27:04.0254 0x17b8 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:27:04.0263 0x17b8 nvraid - ok
12:27:04.0409 0x17b8 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:27:04.0446 0x17b8 nvstor - ok
12:27:04.0479 0x17b8 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:27:04.0488 0x17b8 nv_agp - ok
12:27:04.0570 0x17b8 [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:27:04.0606 0x17b8 odserv - ok
12:27:04.0641 0x17b8 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:27:04.0648 0x17b8 ohci1394 - ok
12:27:04.0686 0x17b8 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:27:04.0697 0x17b8 ose - ok
12:27:04.0737 0x17b8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:27:04.0745 0x17b8 p2pimsvc - ok
12:27:04.0773 0x17b8 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
12:27:04.0806 0x17b8 p2psvc - ok
12:27:04.0835 0x17b8 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:27:04.0842 0x17b8 Parport - ok
12:27:04.0875 0x17b8 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:27:04.0883 0x17b8 partmgr - ok
12:27:04.0926 0x17b8 [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:27:04.0930 0x17b8 PcaSvc - ok
12:27:04.0942 0x17b8 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
12:27:04.0954 0x17b8 pci - ok
12:27:04.0987 0x17b8 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
12:27:04.0992 0x17b8 pciide - ok
12:27:05.0010 0x17b8 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:27:05.0023 0x17b8 pcmcia - ok
12:27:05.0042 0x17b8 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
12:27:05.0049 0x17b8 pcw - ok
12:27:05.0100 0x17b8 [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:27:05.0141 0x17b8 PEAUTH - ok
12:27:05.0200 0x17b8 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:27:05.0207 0x17b8 PerfHost - ok
12:27:05.0283 0x17b8 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
12:27:05.0351 0x17b8 pla - ok
12:27:05.0416 0x17b8 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:27:05.0426 0x17b8 PlugPlay - ok
12:27:05.0448 0x17b8 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:27:05.0456 0x17b8 PNRPAutoReg - ok
12:27:05.0485 0x17b8 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:27:05.0491 0x17b8 PNRPsvc - ok
12:27:05.0536 0x17b8 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:27:05.0569 0x17b8 PolicyAgent - ok
12:27:05.0609 0x17b8 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
12:27:05.0612 0x17b8 Power - ok
12:27:05.0656 0x17b8 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:27:05.0664 0x17b8 PptpMiniport - ok
12:27:05.0694 0x17b8 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:27:05.0702 0x17b8 Processor - ok
12:27:05.0751 0x17b8 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
12:27:05.0757 0x17b8 ProfSvc - ok
12:27:05.0773 0x17b8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:27:05.0774 0x17b8 ProtectedStorage - ok
12:27:05.0812 0x17b8 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:27:05.0814 0x17b8 Psched - ok
12:27:05.0857 0x17b8 [ 4712CC14E720ECCCC0AA16949D18AAF1, AF0223D118A25CA14EC1AF8A40A793D3CBCBE3576CCACBCD4F9A3D3F10407262 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
12:27:05.0863 0x17b8 PxHlpa64 - ok
12:27:05.0921 0x17b8 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:27:06.0022 0x17b8 ql2300 - ok
12:27:06.0055 0x17b8 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:27:06.0064 0x17b8 ql40xx - ok
12:27:06.0093 0x17b8 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
12:27:06.0111 0x17b8 QWAVE - ok
12:27:06.0122 0x17b8 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:27:06.0128 0x17b8 QWAVEdrv - ok
12:27:06.0144 0x17b8 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:27:06.0148 0x17b8 RasAcd - ok
12:27:06.0171 0x17b8 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:27:06.0177 0x17b8 RasAgileVpn - ok
12:27:06.0191 0x17b8 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
12:27:06.0201 0x17b8 RasAuto - ok
12:27:06.0234 0x17b8 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:27:06.0244 0x17b8 Rasl2tp - ok
12:27:06.0281 0x17b8 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
12:27:06.0291 0x17b8 RasMan - ok
12:27:06.0301 0x17b8 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:27:06.0310 0x17b8 RasPppoe - ok
12:27:06.0339 0x17b8 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:27:06.0346 0x17b8 RasSstp - ok
12:27:06.0396 0x17b8 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:27:06.0413 0x17b8 rdbss - ok
12:27:06.0426 0x17b8 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:27:06.0431 0x17b8 rdpbus - ok
12:27:06.0446 0x17b8 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:27:06.0447 0x17b8 RDPCDD - ok
12:27:06.0475 0x17b8 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:27:06.0476 0x17b8 RDPENCDD - ok
12:27:06.0488 0x17b8 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:27:06.0489 0x17b8 RDPREFMP - ok
12:27:06.0569 0x17b8 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:27:06.0575 0x17b8 RdpVideoMiniport - ok
12:27:06.0626 0x17b8 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:27:06.0639 0x17b8 RDPWD - ok
12:27:06.0679 0x17b8 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:27:06.0693 0x17b8 rdyboost - ok
12:27:06.0742 0x17b8 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:27:06.0752 0x17b8 RemoteAccess - ok
12:27:06.0779 0x17b8 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:27:06.0790 0x17b8 RemoteRegistry - ok
12:27:06.0869 0x17b8 [ 37E8AD3CCDAEC87B05C6050DBD9B56F0, 390A981B576BBCB6595FEC1A3525A5748BB957268571E0C325B6F058F30115CE ] RIM MDNS C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
12:27:06.0889 0x17b8 RIM MDNS - ok
12:27:06.0942 0x17b8 [ B5D6FFFD964EF6DC906C80910055101C, 39D84BB696738EAE1CFBAA6176309C382DE2D1AEC8AB5BEF8538A3D104B05E77 ] RIM Tunnel Service C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
12:27:07.0028 0x17b8 RIM Tunnel Service - ok
12:27:07.0073 0x17b8 [ 13D2E03E86B34C21D108770E0B5115BB, 8A1695188DD69C377C3B3BEC0B07F5D0F4D19651D7D984BD91F0D78E6B630CC6 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
12:27:07.0081 0x17b8 RimUsb - ok
12:27:07.0099 0x17b8 [ A8C0368EF257B84D4E5A174FB999F7D2, D2B4FCD6B4BBA9DEBFAF24629E518211E913BC9B4D07F72BA5DA99CF4DCA6ABB ] rimvndis C:\Windows\system32\Drivers\rimvndis6_AMD64.sys
12:27:07.0103 0x17b8 rimvndis - ok
12:27:07.0133 0x17b8 [ 344604E6913BD6E4EAEC34AF2E0943D7, 4ADFE13AFECD0F263A27F647FC6BA1AB47B2A28F9D70FCAC90F23D0A2FB8C493 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
12:27:07.0140 0x17b8 RimVSerPort - ok
12:27:07.0160 0x17b8 [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
12:27:07.0164 0x17b8 ROOTMODEM - ok
12:27:07.0182 0x17b8 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:27:07.0184 0x17b8 RpcEptMapper - ok
12:27:07.0206 0x17b8 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
12:27:07.0210 0x17b8 RpcLocator - ok
12:27:07.0264 0x17b8 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
12:27:07.0273 0x17b8 RpcSs - ok
12:27:07.0326 0x17b8 [ 6E5C3D18C3BCC72AA527DBC5FA61AB8F, DED50163906A86A55E299AAEE127B00EFCCEA7DF26AC962568C91935A13A1562 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
12:27:07.0340 0x17b8 RSPCIESTOR - ok
12:27:07.0352 0x17b8 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:27:07.0359 0x17b8 rspndr - ok
12:27:07.0411 0x17b8 [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
12:27:07.0442 0x17b8 RTL8167 - ok
12:27:07.0458 0x17b8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
12:27:07.0460 0x17b8 SamSs - ok
12:27:07.0498 0x17b8 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:27:07.0506 0x17b8 sbp2port - ok
12:27:07.0543 0x17b8 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:27:07.0557 0x17b8 SCardSvr - ok
12:27:07.0588 0x17b8 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:27:07.0595 0x17b8 scfilter - ok
12:27:07.0656 0x17b8 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
12:27:07.0691 0x17b8 Schedule - ok
12:27:07.0724 0x17b8 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:27:07.0726 0x17b8 SCPolicySvc - ok
12:27:07.0747 0x17b8 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:27:07.0763 0x17b8 SDRSVC - ok
12:27:07.0792 0x17b8 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:27:07.0797 0x17b8 secdrv - ok
12:27:07.0829 0x17b8 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
12:27:07.0831 0x17b8 seclogon - ok
12:27:07.0852 0x17b8 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
12:27:07.0854 0x17b8 SENS - ok
12:27:07.0868 0x17b8 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:27:07.0876 0x17b8 SensrSvc - ok
12:27:07.0895 0x17b8 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:27:07.0900 0x17b8 Serenum - ok
12:27:07.0922 0x17b8 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:27:07.0930 0x17b8 Serial - ok
12:27:07.0960 0x17b8 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:27:07.0966 0x17b8 sermouse - ok
12:27:08.0002 0x17b8 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
12:27:08.0005 0x17b8 SessionEnv - ok
12:27:08.0039 0x17b8 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:27:08.0043 0x17b8 sffdisk - ok
12:27:08.0058 0x17b8 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:27:08.0064 0x17b8 sffp_mmc - ok
12:27:08.0072 0x17b8 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:27:08.0076 0x17b8 sffp_sd - ok
12:27:08.0093 0x17b8 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:27:08.0098 0x17b8 sfloppy - ok
12:27:08.0134 0x17b8 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:27:08.0155 0x17b8 SharedAccess - ok
12:27:08.0195 0x17b8 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:27:08.0202 0x17b8 ShellHWDetection - ok
12:27:08.0219 0x17b8 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:27:08.0226 0x17b8 SiSRaid2 - ok
12:27:08.0242 0x17b8 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:27:08.0250 0x17b8 SiSRaid4 - ok
12:27:08.0309 0x17b8 [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:27:08.0353 0x17b8 SkypeUpdate - ok
12:27:08.0377 0x17b8 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:27:08.0386 0x17b8 Smb - ok
12:27:08.0411 0x17b8 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:27:08.0418 0x17b8 SNMPTRAP - ok
12:27:08.0501 0x17b8 [ 3A4F2C0BB87A0895ABEBA341AA1E341B, 4DADEEF3C5D181502D6F4A00FBBF3B001FA626E49569FB330D7AE2955CC7DE08 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
12:27:08.0513 0x17b8 Sony PC Companion - ok
12:27:08.0520 0x17b8 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
12:27:08.0525 0x17b8 spldr - ok
12:27:08.0572 0x17b8 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
12:27:08.0593 0x17b8 Spooler - ok
12:27:08.0725 0x17b8 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
12:27:08.0850 0x17b8 sppsvc - ok
12:27:08.0883 0x17b8 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:27:08.0893 0x17b8 sppuinotify - ok
12:27:08.0938 0x17b8 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:27:08.0968 0x17b8 srv - ok
12:27:08.0987 0x17b8 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:27:09.0005 0x17b8 srv2 - ok
12:27:09.0018 0x17b8 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:27:09.0029 0x17b8 srvnet - ok
12:27:09.0051 0x17b8 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:27:09.0056 0x17b8 SSDPSRV - ok
12:27:09.0069 0x17b8 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:27:09.0072 0x17b8 SstpSvc - ok
12:27:09.0179 0x17b8 [ 7BF818B11C1FEDC3E76D233124470A30, 77CEF8CBAECB30FC3487830CEAD272287D2A4400B5059DB8930A37EE5F5F7E7E ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
12:27:09.0187 0x17b8 STacSV - ok
12:27:09.0272 0x17b8 [ 189879824D01F9A0DD1D72259A120F50, D587688E9EF7C43319AB87EEA368C9310F3A8F4A8A6D8A6E427A54126C209DF0 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:27:09.0298 0x17b8 Steam Client Service - ok
12:27:09.0320 0x17b8 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:27:09.0325 0x17b8 stexstor - ok
12:27:09.0390 0x17b8 [ EBC1A5E076A9BE314D3D9E8ED19ABB0A, 7ED7AE9EEEC492D7176E093F6E080E5B3DC6F342041FD88F5848E8522EA06742 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
12:27:09.0424 0x17b8 STHDA - ok
12:27:09.0510 0x17b8 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
12:27:09.0531 0x17b8 stisvc - ok
12:27:09.0563 0x17b8 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
12:27:09.0567 0x17b8 swenum - ok
12:27:09.0691 0x17b8 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:27:09.0728 0x17b8 SwitchBoard - ok
12:27:09.0767 0x17b8 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
12:27:09.0789 0x17b8 swprv - ok
12:27:09.0834 0x17b8 [ AC3CC98B1BDB6540021D3FFB105AC2B9, 671146CC16139AECE0BCCC44983807E045A930E262F64461D0D882A0A0B77E4F ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
12:27:09.0864 0x17b8 SynTP - ok
12:27:09.0938 0x17b8 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
12:27:10.0012 0x17b8 SysMain - ok
12:27:10.0056 0x17b8 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:27:10.0059 0x17b8 TabletInputService - ok
12:27:10.0105 0x17b8 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
12:27:10.0113 0x17b8 TapiSrv - ok
12:27:10.0131 0x17b8 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
12:27:10.0133 0x17b8 TBS - ok
12:27:10.0280 0x17b8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:27:10.0372 0x17b8 Tcpip - ok
12:27:10.0453 0x17b8 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:27:10.0490 0x17b8 TCPIP6 - ok
12:27:10.0526 0x17b8 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:27:10.0533 0x17b8 tcpipreg - ok
12:27:10.0559 0x17b8 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:27:10.0564 0x17b8 TDPIPE - ok
12:27:10.0604 0x17b8 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:27:10.0609 0x17b8 TDTCP - ok
12:27:10.0648 0x17b8 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:27:10.0656 0x17b8 tdx - ok
12:27:10.0691 0x17b8 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
12:27:10.0699 0x17b8 TermDD - ok
12:27:10.0756 0x17b8 [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService C:\Windows\System32\termsrv.dll
12:27:10.0787 0x17b8 TermService - ok
12:27:10.0802 0x17b8 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
12:27:10.0804 0x17b8 Themes - ok
12:27:10.0831 0x17b8 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
12:27:10.0833 0x17b8 THREADORDER - ok
12:27:10.0851 0x17b8 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
12:27:10.0854 0x17b8 TrkWks - ok
12:27:10.0903 0x17b8 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:27:10.0908 0x17b8 TrustedInstaller - ok
12:27:10.0939 0x17b8 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:27:10.0945 0x17b8 tssecsrv - ok
12:27:10.0989 0x17b8 [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:27:10.0996 0x17b8 TsUsbFlt - ok
12:27:11.0041 0x17b8 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:27:11.0043 0x17b8 tunnel - ok
12:27:11.0064 0x17b8 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:27:11.0071 0x17b8 uagp35 - ok
12:27:11.0115 0x17b8 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:27:11.0130 0x17b8 udfs - ok
12:27:11.0157 0x17b8 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:27:11.0164 0x17b8 UI0Detect - ok
12:27:11.0182 0x17b8 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:27:11.0189 0x17b8 uliagpkx - ok
12:27:11.0224 0x17b8 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
12:27:11.0231 0x17b8 umbus - ok
12:27:11.0253 0x17b8 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:27:11.0258 0x17b8 UmPass - ok
12:27:11.0279 0x17b8 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:27:11.0288 0x17b8 upnphost - ok
12:27:11.0332 0x17b8 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:27:11.0339 0x17b8 usbccgp - ok
12:27:11.0368 0x17b8 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:27:11.0377 0x17b8 usbcir - ok
12:27:11.0389 0x17b8 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:27:11.0396 0x17b8 usbehci - ok
12:27:11.0430 0x17b8 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:27:11.0448 0x17b8 usbhub - ok
12:27:11.0466 0x17b8 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:27:11.0472 0x17b8 usbohci - ok
12:27:11.0502 0x17b8 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:27:11.0503 0x17b8 usbprint - ok
12:27:11.0540 0x17b8 [ 2C42E595E7E381596B9A14F88F5AE027, 948C2AD7FA0B01184312D1ABE43F2F3D85A934CF0658A8B2BDF9F0919568377B ] usbrndis6 C:\Windows\system32\DRIVERS\usb80236.sys
12:27:11.0544 0x17b8 usbrndis6 - ok
12:27:11.0577 0x17b8 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:27:11.0579 0x17b8 usbscan - ok
12:27:11.0609 0x17b8 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:27:11.0611 0x17b8 USBSTOR - ok
12:27:11.0643 0x17b8 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:27:11.0649 0x17b8 usbuhci - ok
12:27:11.0694 0x17b8 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
12:27:11.0705 0x17b8 usbvideo - ok
12:27:11.0726 0x17b8 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:27:11.0729 0x17b8 UxSms - ok
12:27:11.0739 0x17b8 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
12:27:11.0740 0x17b8 VaultSvc - ok
12:27:11.0789 0x17b8 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:27:11.0795 0x17b8 vdrvroot - ok
12:27:11.0839 0x17b8 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:27:11.0870 0x17b8 vds - ok
12:27:11.0900 0x17b8 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:27:11.0906 0x17b8 vga - ok
12:27:11.0916 0x17b8 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:27:11.0921 0x17b8 VgaSave - ok
12:27:11.0957 0x17b8 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:27:11.0970 0x17b8 vhdmp - ok
12:27:11.0997 0x17b8 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:27:12.0002 0x17b8 viaide - ok
12:27:12.0082 0x17b8 [ 1B0D441D8AB264D39C2B09130CC28045, 15589A3A30B05AAD35152289AAF42CB792198FD15B55D6A7D5E4C1CE58459680 ] VMCService C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
12:27:12.0086 0x17b8 VMCService - ok
12:27:12.0105 0x17b8 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:27:12.0113 0x17b8 volmgr - ok
12:27:12.0182 0x17b8 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:27:12.0191 0x17b8 volmgrx - ok
12:27:12.0216 0x17b8 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:27:12.0234 0x17b8 volsnap - ok
12:27:12.0279 0x17b8 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:27:12.0289 0x17b8 vsmraid - ok
12:27:12.0374 0x17b8 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:27:12.0446 0x17b8 VSS - ok
12:27:12.0466 0x17b8 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:27:12.0472 0x17b8 vwifibus - ok
12:27:12.0481 0x17b8 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:27:12.0487 0x17b8 vwififlt - ok
12:27:12.0524 0x17b8 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:27:12.0538 0x17b8 W32Time - ok
12:27:12.0583 0x17b8 [ 0D67B715AE6729D0B518D20B7A7BAD1C, 05B044CB816CBF54DCB634AC765A5937C76B471722C6D6E1A9C27E7EBAB68913 ] WacHidRouter C:\Windows\system32\DRIVERS\wachidrouter.sys
12:27:12.0592 0x17b8 WacHidRouter - ok
12:27:12.0619 0x17b8 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:27:12.0625 0x17b8 WacomPen - ok
12:27:12.0639 0x17b8 [ 1042B08B4336EF3CE34E09435BB33A4A, A42B447B4A9B364BAE329F75D36A906999E8CB754F1B10DE322B6611FF9764F7 ] wacomrouterfilter C:\Windows\system32\DRIVERS\wacomrouterfilter.sys
12:27:12.0644 0x17b8 wacomrouterfilter - ok
12:27:12.0677 0x17b8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:27:12.0686 0x17b8 WANARP - ok
12:27:12.0691 0x17b8 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:27:12.0693 0x17b8 Wanarpv6 - ok
12:27:12.0769 0x17b8 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:27:12.0847 0x17b8 wbengine - ok
12:27:12.0882 0x17b8 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:27:12.0897 0x17b8 WbioSrvc - ok
12:27:12.0934 0x17b8 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:27:12.0951 0x17b8 wcncsvc - ok
12:27:12.0975 0x17b8 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:27:12.0984 0x17b8 WcsPlugInService - ok
12:27:13.0008 0x17b8 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:27:13.0013 0x17b8 Wd - ok
12:27:13.0074 0x17b8 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:27:13.0150 0x17b8 Wdf01000 - ok
12:27:13.0181 0x17b8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:27:13.0183 0x17b8 WdiServiceHost - ok
12:27:13.0191 0x17b8 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:27:13.0194 0x17b8 WdiSystemHost - ok
12:27:13.0236 0x17b8 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
12:27:13.0251 0x17b8 WebClient - ok
12:27:13.0290 0x17b8 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:27:13.0307 0x17b8 Wecsvc - ok
12:27:13.0316 0x17b8 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:27:13.0319 0x17b8 wercplsupport - ok
12:27:13.0340 0x17b8 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:27:13.0343 0x17b8 WerSvc - ok
12:27:13.0366 0x17b8 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:27:13.0370 0x17b8 WfpLwf - ok
12:27:13.0389 0x17b8 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:27:13.0396 0x17b8 WIMMount - ok
12:27:13.0417 0x17b8 WinDefend - ok
12:27:13.0432 0x17b8 WinHttpAutoProxySvc - ok
12:27:13.0483 0x17b8 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:27:13.0498 0x17b8 Winmgmt - ok
12:27:13.0587 0x17b8 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
12:27:13.0687 0x17b8 WinRM - ok
12:27:13.0775 0x17b8 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:27:13.0782 0x17b8 WinUsb - ok
12:27:13.0833 0x17b8 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:27:13.0865 0x17b8 Wlansvc - ok
12:27:13.0903 0x17b8 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:27:13.0904 0x17b8 WmiAcpi - ok
12:27:13.0936 0x17b8 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:27:13.0947 0x17b8 wmiApSrv - ok
12:27:13.0978 0x17b8 WMPNetworkSvc - ok
12:27:14.0008 0x17b8 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:27:14.0016 0x17b8 WPCSvc - ok
12:27:14.0047 0x17b8 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:27:14.0050 0x17b8 WPDBusEnum - ok
12:27:14.0068 0x17b8 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:27:14.0073 0x17b8 ws2ifsl - ok
12:27:14.0087 0x17b8 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
12:27:14.0089 0x17b8 wscsvc - ok
12:27:14.0092 0x17b8 WSearch - ok
12:27:14.0168 0x17b8 [ CD16EB55F78AB1C92A0711F92B04B570, 387FCC84DD142AF66E15871F9D9EF67096EDFBECC6DEB9A8FB75A09168737723 ] WTabletServiceCon C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
12:27:14.0206 0x17b8 WTabletServiceCon - ok
12:27:14.0313 0x17b8 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
12:27:14.0417 0x17b8 wuauserv - ok
12:27:14.0447 0x17b8 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:27:14.0455 0x17b8 WudfPf - ok
12:27:14.0496 0x17b8 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:27:14.0500 0x17b8 WUDFRd - ok
12:27:14.0543 0x17b8 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:27:14.0545 0x17b8 wudfsvc - ok
12:27:14.0592 0x17b8 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
12:27:14.0607 0x17b8 WwanSvc - ok
12:27:14.0647 0x17b8 ================ Scan global ===============================
12:27:14.0677 0x17b8 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:27:14.0718 0x17b8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:27:14.0730 0x17b8 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:27:14.0753 0x17b8 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:27:14.0774 0x17b8 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:27:14.0782 0x17b8 [ Global ] - ok
12:27:14.0783 0x17b8 ================ Scan MBR ==================================
12:27:14.0798 0x17b8 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:27:15.0071 0x17b8 \Device\Harddisk0\DR0 - ok
12:27:15.0072 0x17b8 ================ Scan VBR ==================================
12:27:15.0074 0x17b8 [ 4F7A71D9FFC2F3AD47D66F659FB646A0 ] \Device\Harddisk0\DR0\Partition1
12:27:15.0075 0x17b8 \Device\Harddisk0\DR0\Partition1 - ok
12:27:15.0078 0x17b8 [ 67F7610C72D6EB5B44D1539CAA3531AF ] \Device\Harddisk0\DR0\Partition2
12:27:15.0114 0x17b8 \Device\Harddisk0\DR0\Partition2 - ok
12:27:15.0116 0x17b8 [ 0C4D666E02C110555D9CB77CE2B53207 ] \Device\Harddisk0\DR0\Partition3
12:27:15.0119 0x17b8 \Device\Harddisk0\DR0\Partition3 - ok
12:27:15.0135 0x17b8 [ 7290014D764838729CD328556CB0747C ] \Device\Harddisk0\DR0\Partition4
12:27:15.0164 0x17b8 \Device\Harddisk0\DR0\Partition4 - ok
12:27:18.0541 0x17b8 Waiting for KSN requests completion. In queue: 386
12:27:19.0541 0x17b8 Waiting for KSN requests completion. In queue: 74
12:27:20.0541 0x17b8 Waiting for KSN requests completion. In queue: 74
12:27:21.0633 0x17b8 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.310 ), 0x41000 ( enabled : updated )
12:27:21.0637 0x17b8 Win FW state via NFP2: enabled
12:27:23.0969 0x17b8 ============================================================
12:27:23.0969 0x17b8 Scan finished
12:27:23.0969 0x17b8 ============================================================
12:27:23.0974 0x07f4 Detected object count: 0
12:27:23.0974 0x07f4 Actual detected object count: 0
12:27:58.0255 0x171c ============================================================
12:27:58.0255 0x171c Scan started
12:27:58.0255 0x171c Mode: Manual;
12:27:58.0255 0x171c ============================================================
12:27:58.0255 0x171c KSN ping started
12:28:05.0072 0x171c KSN ping finished: true
12:28:05.0656 0x171c ================ Scan system memory ========================
12:28:05.0656 0x171c System memory - ok
12:28:05.0657 0x171c ================ Scan services =============================


Alt 09.11.2014, 12:45   #6
Sil@s
 
TROJAN DNS Reply Sinkhole - Anubis - - Standard

TROJAN DNS Reply Sinkhole - Anubis -



12:28:11.0838 0x171c hwusbfake - ok
12:28:11.0873 0x171c [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:28:11.0875 0x171c i8042prt - ok
12:28:11.0906 0x171c [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:28:11.0913 0x171c iaStorV - ok
12:28:12.0036 0x171c [ D3090576412EC63E0C6271D8B0974D73, 0E7EB7818FE248DCA5FE6CDFBD540A862B39E0A88609141FB3D7D1F82E0521D6 ] IconMan_R C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
12:28:12.0081 0x171c IconMan_R - ok
12:28:12.0139 0x171c [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:28:12.0154 0x171c idsvc - ok
12:28:12.0159 0x171c IEEtwCollectorService - ok
12:28:12.0191 0x171c [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:28:12.0192 0x171c iirsp - ok
12:28:12.0249 0x171c [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:28:12.0266 0x171c IKEEXT - ok
12:28:12.0315 0x171c [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys
12:28:12.0322 0x171c IntcDAud - ok
12:28:12.0360 0x171c [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:28:12.0361 0x171c intelide - ok
12:28:12.0756 0x171c [ 33FAA40B288002C89529DBD14F3AB72C, 670BA536796322122EBD93F256331899DD2E1834471B017A58F74132EE8DFDB7 ] intelkmd C:\Windows\system32\DRIVERS\igdpmd64.sys
12:28:12.0969 0x171c intelkmd - ok
12:28:13.0138 0x171c [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:28:13.0140 0x171c intelppm - ok
12:28:13.0162 0x171c [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:28:13.0165 0x171c IPBusEnum - ok
12:28:13.0199 0x171c [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:28:13.0201 0x171c IpFilterDriver - ok
12:28:13.0244 0x171c [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:28:13.0254 0x171c iphlpsvc - ok
12:28:13.0286 0x171c [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:28:13.0287 0x171c IPMIDRV - ok
12:28:13.0311 0x171c [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:28:13.0313 0x171c IPNAT - ok
12:28:13.0329 0x171c [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:28:13.0329 0x171c IRENUM - ok
12:28:13.0340 0x171c [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:28:13.0341 0x171c isapnp - ok
12:28:13.0381 0x171c [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:28:13.0386 0x171c iScsiPrt - ok
12:28:13.0407 0x171c [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\drivers\kbdclass.sys
12:28:13.0408 0x171c kbdclass - ok
12:28:13.0445 0x171c [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
12:28:13.0446 0x171c kbdhid - ok
12:28:13.0462 0x171c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] KeyIso C:\Windows\system32\lsass.exe
12:28:13.0464 0x171c KeyIso - ok
12:28:13.0495 0x171c [ 353009DEDF918B2A51414F330CF72DEC, BF157D6E329F26E02FA16271B751B421396040DBB1D7BF9B2E0A21BC569672E2 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:28:13.0497 0x171c KSecDD - ok
12:28:13.0515 0x171c [ 1C2D8E18AA8FD50CD04C15CC27F7F5AB, 4BA3B0F9F01BD47D66091D3AD86B69A523981D61DFB4D677F2CD39405B2DA989 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:28:13.0518 0x171c KSecPkg - ok
12:28:13.0545 0x171c [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:28:13.0546 0x171c ksthunk - ok
12:28:13.0576 0x171c [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
12:28:13.0587 0x171c KtmRm - ok
12:28:13.0651 0x171c [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:28:13.0658 0x171c LanmanServer - ok
12:28:13.0695 0x171c [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:28:13.0699 0x171c LanmanWorkstation - ok
12:28:13.0725 0x171c [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:28:13.0731 0x171c lltdio - ok
12:28:13.0768 0x171c [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:28:13.0774 0x171c lltdsvc - ok
12:28:13.0793 0x171c [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:28:13.0794 0x171c lmhosts - ok
12:28:13.0809 0x171c [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:28:13.0811 0x171c LSI_FC - ok
12:28:13.0823 0x171c [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:28:13.0825 0x171c LSI_SAS - ok
12:28:13.0840 0x171c [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:28:13.0841 0x171c LSI_SAS2 - ok
12:28:13.0861 0x171c [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:28:13.0864 0x171c LSI_SCSI - ok
12:28:13.0879 0x171c [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
12:28:13.0882 0x171c luafv - ok
12:28:13.0907 0x171c [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:28:13.0909 0x171c Mcx2Svc - ok
12:28:13.0927 0x171c [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:28:13.0928 0x171c megasas - ok
12:28:13.0955 0x171c [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:28:13.0960 0x171c MegaSR - ok
12:28:13.0997 0x171c [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
12:28:13.0998 0x171c MEIx64 - ok
12:28:14.0047 0x171c [ FAFE367D032ED82E9332B4C741A20216, 7B123766E360570E0FCB211835B7910D6A1806C25A06BCA9227AB9E993376CA8 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
12:28:14.0049 0x171c Microsoft Office Groove Audit Service - ok
12:28:14.0074 0x171c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
12:28:14.0075 0x171c MMCSS - ok
12:28:14.0098 0x171c [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
12:28:14.0099 0x171c Modem - ok
12:28:14.0112 0x171c [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:28:14.0113 0x171c monitor - ok
12:28:14.0153 0x171c [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:28:14.0154 0x171c mouclass - ok
12:28:14.0171 0x171c [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:28:14.0171 0x171c mouhid - ok
12:28:14.0207 0x171c [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:28:14.0209 0x171c mountmgr - ok
12:28:14.0250 0x171c [ 28048289E32294004A86935CC40A3252, D397C3BAD6BCDA33FA0982E10677598E8BDF69A0933D19A36873CB45BA4FB819 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:28:14.0252 0x171c MozillaMaintenance - ok
12:28:14.0286 0x171c [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
12:28:14.0289 0x171c mpio - ok
12:28:14.0311 0x171c [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:28:14.0312 0x171c mpsdrv - ok
12:28:14.0380 0x171c [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:28:14.0396 0x171c MpsSvc - ok
12:28:14.0445 0x171c [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:28:14.0448 0x171c MRxDAV - ok
12:28:14.0482 0x171c [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:28:14.0486 0x171c mrxsmb - ok
12:28:14.0511 0x171c [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:28:14.0518 0x171c mrxsmb10 - ok
12:28:14.0536 0x171c [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:28:14.0538 0x171c mrxsmb20 - ok
12:28:14.0563 0x171c [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
12:28:14.0564 0x171c msahci - ok
12:28:14.0584 0x171c [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:28:14.0587 0x171c msdsm - ok
12:28:14.0607 0x171c [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe
12:28:14.0610 0x171c MSDTC - ok
12:28:14.0638 0x171c [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:28:14.0640 0x171c Msfs - ok
12:28:14.0650 0x171c [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:28:14.0650 0x171c mshidkmdf - ok
12:28:14.0681 0x171c [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:28:14.0682 0x171c msisadrv - ok
12:28:14.0705 0x171c [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:28:14.0708 0x171c MSiSCSI - ok
12:28:14.0712 0x171c msiserver - ok
12:28:14.0728 0x171c [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:28:14.0729 0x171c MSKSSRV - ok
12:28:14.0743 0x171c [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:28:14.0744 0x171c MSPCLOCK - ok
12:28:14.0787 0x171c [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:28:14.0788 0x171c MSPQM - ok
12:28:14.0827 0x171c [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:28:14.0834 0x171c MsRPC - ok
12:28:14.0875 0x171c [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:28:14.0876 0x171c mssmbios - ok
12:28:14.0895 0x171c [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:28:14.0896 0x171c MSTEE - ok
12:28:14.0907 0x171c [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:28:14.0908 0x171c MTConfig - ok
12:28:14.0921 0x171c [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys
12:28:14.0922 0x171c Mup - ok
12:28:14.0969 0x171c [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll
12:28:14.0978 0x171c napagent - ok
12:28:14.0996 0x171c [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:28:15.0001 0x171c NativeWifiP - ok
12:28:15.0065 0x171c [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys
12:28:15.0081 0x171c NDIS - ok
12:28:15.0098 0x171c [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:28:15.0100 0x171c NdisCap - ok
12:28:15.0132 0x171c [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:28:15.0133 0x171c NdisTapi - ok
12:28:15.0166 0x171c [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:28:15.0168 0x171c Ndisuio - ok
12:28:15.0202 0x171c [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:28:15.0206 0x171c NdisWan - ok
12:28:15.0236 0x171c [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:28:15.0239 0x171c NDProxy - ok
12:28:15.0263 0x171c [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:28:15.0264 0x171c NetBIOS - ok
12:28:15.0305 0x171c [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:28:15.0310 0x171c NetBT - ok
12:28:15.0323 0x171c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] Netlogon C:\Windows\system32\lsass.exe
12:28:15.0324 0x171c Netlogon - ok
12:28:15.0362 0x171c [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll
12:28:15.0368 0x171c Netman - ok
12:28:15.0410 0x171c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:28:15.0412 0x171c NetMsmqActivator - ok
12:28:15.0419 0x171c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:28:15.0422 0x171c NetPipeActivator - ok
12:28:15.0451 0x171c [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll
12:28:15.0460 0x171c netprofm - ok
12:28:15.0571 0x171c [ 2EED549279D7FBD10B846B5397573967, 4F7EBB6C1AC58D1EFFA7A86AC799137FC88F5CCA3AC27E563B4EE2AF1EAE4ECC ] netr28x C:\Windows\system32\DRIVERS\netr28x.sys
12:28:15.0612 0x171c netr28x - ok
12:28:15.0630 0x171c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:28:15.0633 0x171c NetTcpActivator - ok
12:28:15.0640 0x171c [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
12:28:15.0644 0x171c NetTcpPortSharing - ok
12:28:15.0667 0x171c [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:28:15.0668 0x171c nfrd960 - ok
12:28:15.0702 0x171c [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:28:15.0708 0x171c NlaSvc - ok
12:28:15.0718 0x171c [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:28:15.0719 0x171c Npfs - ok
12:28:15.0748 0x171c [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll
12:28:15.0749 0x171c nsi - ok
12:28:15.0764 0x171c [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:28:15.0765 0x171c nsiproxy - ok
12:28:15.0847 0x171c [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:28:15.0876 0x171c Ntfs - ok
12:28:15.0911 0x171c [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys
12:28:15.0912 0x171c Null - ok
12:28:15.0935 0x171c [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:28:15.0938 0x171c nvraid - ok
12:28:15.0980 0x171c [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:28:15.0983 0x171c nvstor - ok
12:28:15.0998 0x171c [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:28:16.0000 0x171c nv_agp - ok
12:28:16.0088 0x171c [ 84DE1DD996B48B05ACE31AD015FA108A, 4B9D1E4EF83ECED6C77F23D9879C124534F7053D7423E3A2D0F67A4A720CEA94 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:28:16.0096 0x171c odserv - ok
12:28:16.0127 0x171c [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:28:16.0129 0x171c ohci1394 - ok
12:28:16.0172 0x171c [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:28:16.0174 0x171c ose - ok
12:28:16.0211 0x171c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:28:16.0219 0x171c p2pimsvc - ok
12:28:16.0259 0x171c [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll
12:28:16.0268 0x171c p2psvc - ok
12:28:16.0299 0x171c [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:28:16.0301 0x171c Parport - ok
12:28:16.0329 0x171c [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:28:16.0330 0x171c partmgr - ok
12:28:16.0369 0x171c [ 256390425414F90FCBC12F525A84EB11, A4992020BF6A239AD8A77125426E2C39980C9ABC971C4DBCB24B358F946AD7F9 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:28:16.0374 0x171c PcaSvc - ok
12:28:16.0396 0x171c [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys
12:28:16.0401 0x171c pci - ok
12:28:16.0440 0x171c [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys
12:28:16.0441 0x171c pciide - ok
12:28:16.0474 0x171c [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:28:16.0479 0x171c pcmcia - ok
12:28:16.0495 0x171c [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys
12:28:16.0497 0x171c pcw - ok
12:28:16.0554 0x171c [ 946010CDFA91469351B22E2620CEBCD8, F099C92706D42ADC289B72724F7932E5D4F62A427AEC967DDB0A1D728AE59A63 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:28:16.0566 0x171c PEAUTH - ok
12:28:16.0653 0x171c [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:28:16.0655 0x171c PerfHost - ok
12:28:16.0725 0x171c [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll
12:28:16.0749 0x171c pla - ok
12:28:16.0793 0x171c [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:28:16.0800 0x171c PlugPlay - ok
12:28:16.0825 0x171c [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:28:16.0826 0x171c PNRPAutoReg - ok
12:28:16.0849 0x171c [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:28:16.0856 0x171c PNRPsvc - ok
12:28:16.0902 0x171c [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:28:16.0911 0x171c PolicyAgent - ok
12:28:16.0952 0x171c [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\Windows\system32\umpo.dll
12:28:16.0956 0x171c Power - ok
12:28:16.0988 0x171c [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:28:16.0990 0x171c PptpMiniport - ok
12:28:17.0015 0x171c [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:28:17.0017 0x171c Processor - ok
12:28:17.0051 0x171c [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll
12:28:17.0055 0x171c ProfSvc - ok
12:28:17.0072 0x171c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:28:17.0073 0x171c ProtectedStorage - ok
12:28:17.0111 0x171c [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:28:17.0114 0x171c Psched - ok
12:28:17.0145 0x171c [ 4712CC14E720ECCCC0AA16949D18AAF1, AF0223D118A25CA14EC1AF8A40A793D3CBCBE3576CCACBCD4F9A3D3F10407262 ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys
12:28:17.0146 0x171c PxHlpa64 - ok
12:28:17.0210 0x171c [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:28:17.0235 0x171c ql2300 - ok
12:28:17.0266 0x171c [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:28:17.0269 0x171c ql40xx - ok
12:28:17.0296 0x171c [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll
12:28:17.0302 0x171c QWAVE - ok
12:28:17.0324 0x171c [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:28:17.0326 0x171c QWAVEdrv - ok
12:28:17.0334 0x171c [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:28:17.0336 0x171c RasAcd - ok
12:28:17.0361 0x171c [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:28:17.0362 0x171c RasAgileVpn - ok
12:28:17.0381 0x171c [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll
12:28:17.0385 0x171c RasAuto - ok
12:28:17.0424 0x171c [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:28:17.0427 0x171c Rasl2tp - ok
12:28:17.0449 0x171c [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll
12:28:17.0456 0x171c RasMan - ok
12:28:17.0503 0x171c [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:28:17.0505 0x171c RasPppoe - ok
12:28:17.0518 0x171c [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:28:17.0520 0x171c RasSstp - ok
12:28:17.0563 0x171c [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:28:17.0569 0x171c rdbss - ok
12:28:17.0583 0x171c [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:28:17.0603 0x171c rdpbus - ok
12:28:17.0614 0x171c [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:28:17.0615 0x171c RDPCDD - ok
12:28:17.0632 0x171c [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:28:17.0633 0x171c RDPENCDD - ok
12:28:17.0656 0x171c [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:28:17.0657 0x171c RDPREFMP - ok
12:28:17.0715 0x171c [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
12:28:17.0716 0x171c RdpVideoMiniport - ok
12:28:17.0750 0x171c [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:28:17.0755 0x171c RDPWD - ok
12:28:17.0793 0x171c [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:28:17.0798 0x171c rdyboost - ok
12:28:17.0822 0x171c [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:28:17.0825 0x171c RemoteAccess - ok
12:28:17.0859 0x171c [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:28:17.0862 0x171c RemoteRegistry - ok
12:28:17.0949 0x171c [ 37E8AD3CCDAEC87B05C6050DBD9B56F0, 390A981B576BBCB6595FEC1A3525A5748BB957268571E0C325B6F058F30115CE ] RIM MDNS C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
12:28:17.0956 0x171c RIM MDNS - ok
12:28:18.0009 0x171c [ B5D6FFFD964EF6DC906C80910055101C, 39D84BB696738EAE1CFBAA6176309C382DE2D1AEC8AB5BEF8538A3D104B05E77 ] RIM Tunnel Service C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
12:28:18.0032 0x171c RIM Tunnel Service - ok
12:28:18.0065 0x171c [ 13D2E03E86B34C21D108770E0B5115BB, 8A1695188DD69C377C3B3BEC0B07F5D0F4D19651D7D984BD91F0D78E6B630CC6 ] RimUsb C:\Windows\system32\Drivers\RimUsb_AMD64.sys
12:28:18.0067 0x171c RimUsb - ok
12:28:18.0080 0x171c [ A8C0368EF257B84D4E5A174FB999F7D2, D2B4FCD6B4BBA9DEBFAF24629E518211E913BC9B4D07F72BA5DA99CF4DCA6ABB ] rimvndis C:\Windows\system32\Drivers\rimvndis6_AMD64.sys
12:28:18.0081 0x171c rimvndis - ok
12:28:18.0092 0x171c [ 344604E6913BD6E4EAEC34AF2E0943D7, 4ADFE13AFECD0F263A27F647FC6BA1AB47B2A28F9D70FCAC90F23D0A2FB8C493 ] RimVSerPort C:\Windows\system32\DRIVERS\RimSerial_AMD64.sys
12:28:18.0093 0x171c RimVSerPort - ok
12:28:18.0108 0x171c [ 388D3DD1A6457280F3BADBA9F3ACD6B1, 5C534EA15195B1301C917904627AF09FE2ABA3FEE1641B5C87E8F3191BC49058 ] ROOTMODEM C:\Windows\system32\Drivers\RootMdm.sys
12:28:18.0109 0x171c ROOTMODEM - ok
12:28:18.0130 0x171c [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:28:18.0132 0x171c RpcEptMapper - ok
12:28:18.0154 0x171c [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe
12:28:18.0156 0x171c RpcLocator - ok
12:28:18.0212 0x171c [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\system32\rpcss.dll
12:28:18.0222 0x171c RpcSs - ok
12:28:18.0264 0x171c [ 6E5C3D18C3BCC72AA527DBC5FA61AB8F, DED50163906A86A55E299AAEE127B00EFCCEA7DF26AC962568C91935A13A1562 ] RSPCIESTOR C:\Windows\system32\DRIVERS\RtsPStor.sys
12:28:18.0269 0x171c RSPCIESTOR - ok
12:28:18.0289 0x171c [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:28:18.0292 0x171c rspndr - ok
12:28:18.0347 0x171c [ 9140DB0911DE035FED0A9A77A2D156EA, 07C9D7E2978062ABD84B58B390360D4C0F72C6A5A2310444579DC095943BD008 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
12:28:18.0364 0x171c RTL8167 - ok
12:28:18.0382 0x171c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] SamSs C:\Windows\system32\lsass.exe
12:28:18.0384 0x171c SamSs - ok
12:28:18.0424 0x171c [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:28:18.0426 0x171c sbp2port - ok
12:28:18.0468 0x171c [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:28:18.0473 0x171c SCardSvr - ok
12:28:18.0502 0x171c [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:28:18.0503 0x171c scfilter - ok
12:28:18.0570 0x171c [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll
12:28:18.0593 0x171c Schedule - ok
12:28:18.0627 0x171c [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll
12:28:18.0629 0x171c SCPolicySvc - ok
12:28:18.0650 0x171c [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:28:18.0653 0x171c SDRSVC - ok
12:28:18.0684 0x171c [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:28:18.0684 0x171c secdrv - ok
12:28:18.0720 0x171c [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll
12:28:18.0722 0x171c seclogon - ok
12:28:18.0744 0x171c [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\System32\sens.dll
12:28:18.0746 0x171c SENS - ok
12:28:18.0760 0x171c [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:28:18.0761 0x171c SensrSvc - ok
12:28:18.0776 0x171c [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:28:18.0777 0x171c Serenum - ok
12:28:18.0794 0x171c [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:28:18.0795 0x171c Serial - ok
12:28:18.0830 0x171c [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:28:18.0831 0x171c sermouse - ok
12:28:18.0872 0x171c [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll
12:28:18.0875 0x171c SessionEnv - ok
12:28:18.0909 0x171c [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:28:18.0910 0x171c sffdisk - ok
12:28:18.0928 0x171c [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:28:18.0929 0x171c sffp_mmc - ok
12:28:18.0942 0x171c [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:28:18.0942 0x171c sffp_sd - ok
12:28:18.0974 0x171c [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:28:18.0975 0x171c sfloppy - ok
12:28:19.0015 0x171c [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:28:19.0022 0x171c SharedAccess - ok
12:28:19.0065 0x171c [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:28:19.0072 0x171c ShellHWDetection - ok
12:28:19.0089 0x171c [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:28:19.0090 0x171c SiSRaid2 - ok
12:28:19.0101 0x171c [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:28:19.0102 0x171c SiSRaid4 - ok
12:28:19.0157 0x171c [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:28:19.0160 0x171c SkypeUpdate - ok
12:28:19.0180 0x171c [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:28:19.0182 0x171c Smb - ok
12:28:19.0204 0x171c [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:28:19.0206 0x171c SNMPTRAP - ok
12:28:19.0271 0x171c [ 3A4F2C0BB87A0895ABEBA341AA1E341B, 4DADEEF3C5D181502D6F4A00FBBF3B001FA626E49569FB330D7AE2955CC7DE08 ] Sony PC Companion C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe
12:28:19.0274 0x171c Sony PC Companion - ok
12:28:19.0291 0x171c [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
12:28:19.0292 0x171c spldr - ok
12:28:19.0342 0x171c [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
12:28:19.0354 0x171c Spooler - ok
12:28:19.0498 0x171c [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
12:28:19.0559 0x171c sppsvc - ok
12:28:19.0599 0x171c [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:28:19.0619 0x171c sppuinotify - ok
12:28:19.0664 0x171c [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:28:19.0672 0x171c srv - ok
12:28:19.0692 0x171c [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:28:19.0704 0x171c srv2 - ok
12:28:19.0723 0x171c [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:28:19.0726 0x171c srvnet - ok
12:28:19.0744 0x171c [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:28:19.0749 0x171c SSDPSRV - ok
12:28:19.0763 0x171c [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:28:19.0767 0x171c SstpSvc - ok
12:28:20.0147 0x171c [ 7BF818B11C1FEDC3E76D233124470A30, 77CEF8CBAECB30FC3487830CEAD272287D2A4400B5059DB8930A37EE5F5F7E7E ] STacSV C:\Program Files\IDT\WDM\STacSV64.exe
12:28:20.0152 0x171c STacSV - ok
12:28:20.0241 0x171c [ 189879824D01F9A0DD1D72259A120F50, D587688E9EF7C43319AB87EEA368C9310F3A8F4A8A6D8A6E427A54126C209DF0 ] Steam Client Service C:\Program Files (x86)\Common Files\Steam\SteamService.exe
12:28:20.0255 0x171c Steam Client Service - ok
12:28:20.0278 0x171c [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:28:20.0279 0x171c stexstor - ok
12:28:20.0314 0x171c [ EBC1A5E076A9BE314D3D9E8ED19ABB0A, 7ED7AE9EEEC492D7176E093F6E080E5B3DC6F342041FD88F5848E8522EA06742 ] STHDA C:\Windows\system32\DRIVERS\stwrt64.sys
12:28:20.0323 0x171c STHDA - ok
12:28:20.0371 0x171c [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
12:28:20.0383 0x171c stisvc - ok
12:28:20.0411 0x171c [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\drivers\swenum.sys
12:28:20.0411 0x171c swenum - ok
12:28:20.0506 0x171c [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:28:20.0514 0x171c SwitchBoard - ok
12:28:20.0560 0x171c [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
12:28:20.0570 0x171c swprv - ok
12:28:20.0604 0x171c [ AC3CC98B1BDB6540021D3FFB105AC2B9, 671146CC16139AECE0BCCC44983807E045A930E262F64461D0D882A0A0B77E4F ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
12:28:20.0611 0x171c SynTP - ok
12:28:20.0688 0x171c [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
12:28:20.0718 0x171c SysMain - ok
12:28:20.0761 0x171c [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:28:20.0763 0x171c TabletInputService - ok
12:28:20.0789 0x171c [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
12:28:20.0795 0x171c TapiSrv - ok
12:28:20.0812 0x171c [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
12:28:20.0814 0x171c TBS - ok
12:28:20.0897 0x171c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:28:20.0933 0x171c Tcpip - ok
12:28:20.0996 0x171c [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:28:21.0028 0x171c TCPIP6 - ok
12:28:21.0066 0x171c [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:28:21.0067 0x171c tcpipreg - ok
12:28:21.0099 0x171c [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:28:21.0100 0x171c TDPIPE - ok
12:28:21.0133 0x171c [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:28:21.0134 0x171c TDTCP - ok
12:28:21.0166 0x171c [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:28:21.0168 0x171c tdx - ok
12:28:21.0209 0x171c [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\drivers\termdd.sys
12:28:21.0210 0x171c TermDD - ok
12:28:21.0262 0x171c [ 4FC4C50985E5B840F4D72E57286887B8, 0BCBB4A938803AE3A3532B6D8FFC85594AA9AEF5D8F9792684841BEA8780AE9E ] TermService C:\Windows\System32\termsrv.dll
12:28:21.0276 0x171c TermService - ok
12:28:21.0298 0x171c [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
12:28:21.0300 0x171c Themes - ok
12:28:21.0327 0x171c [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
12:28:21.0329 0x171c THREADORDER - ok
12:28:21.0347 0x171c [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
12:28:21.0350 0x171c TrkWks - ok
12:28:21.0399 0x171c [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:28:21.0403 0x171c TrustedInstaller - ok
12:28:21.0435 0x171c [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:28:21.0436 0x171c tssecsrv - ok
12:28:21.0474 0x171c [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:28:21.0475 0x171c TsUsbFlt - ok
12:28:21.0515 0x171c [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:28:21.0517 0x171c tunnel - ok
12:28:21.0549 0x171c [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:28:21.0550 0x171c uagp35 - ok
12:28:21.0632 0x171c [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:28:21.0638 0x171c udfs - ok
12:28:21.0663 0x171c [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:28:21.0666 0x171c UI0Detect - ok
12:28:21.0678 0x171c [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:28:21.0680 0x171c uliagpkx - ok
12:28:21.0709 0x171c [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\drivers\umbus.sys
12:28:21.0710 0x171c umbus - ok
12:28:21.0738 0x171c [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:28:21.0738 0x171c UmPass - ok
12:28:21.0764 0x171c [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:28:21.0771 0x171c upnphost - ok
12:28:21.0816 0x171c [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:28:21.0819 0x171c usbccgp - ok
12:28:21.0842 0x171c [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:28:21.0844 0x171c usbcir - ok
12:28:21.0863 0x171c [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:28:21.0864 0x171c usbehci - ok
12:28:21.0882 0x171c [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:28:21.0888 0x171c usbhub - ok
12:28:21.0906 0x171c [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:28:21.0907 0x171c usbohci - ok
12:28:21.0932 0x171c [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:28:21.0933 0x171c usbprint - ok
12:28:21.0969 0x171c [ 2C42E595E7E381596B9A14F88F5AE027, 948C2AD7FA0B01184312D1ABE43F2F3D85A934CF0658A8B2BDF9F0919568377B ] usbrndis6 C:\Windows\system32\DRIVERS\usb80236.sys
12:28:21.0970 0x171c usbrndis6 - ok
12:28:21.0996 0x171c [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:28:21.0997 0x171c usbscan - ok
12:28:22.0028 0x171c [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:28:22.0030 0x171c USBSTOR - ok
12:28:22.0061 0x171c [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:28:22.0062 0x171c usbuhci - ok
12:28:22.0080 0x171c [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo C:\Windows\System32\Drivers\usbvideo.sys
12:28:22.0083 0x171c usbvideo - ok
12:28:22.0101 0x171c [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:28:22.0103 0x171c UxSms - ok
12:28:22.0113 0x171c [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] VaultSvc C:\Windows\system32\lsass.exe
12:28:22.0115 0x171c VaultSvc - ok
12:28:22.0131 0x171c [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:28:22.0132 0x171c vdrvroot - ok
12:28:22.0181 0x171c [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:28:22.0190 0x171c vds - ok
12:28:22.0220 0x171c [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:28:22.0221 0x171c vga - ok
12:28:22.0235 0x171c [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:28:22.0236 0x171c VgaSave - ok
12:28:22.0277 0x171c [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:28:22.0281 0x171c vhdmp - ok
12:28:22.0316 0x171c [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:28:22.0317 0x171c viaide - ok
12:28:22.0379 0x171c [ 1B0D441D8AB264D39C2B09130CC28045, 15589A3A30B05AAD35152289AAF42CB792198FD15B55D6A7D5E4C1CE58459680 ] VMCService C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
12:28:22.0380 0x171c VMCService - ok
12:28:22.0414 0x171c [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:28:22.0416 0x171c volmgr - ok
12:28:22.0459 0x171c [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:28:22.0466 0x171c volmgrx - ok
12:28:22.0568 0x171c [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:28:22.0573 0x171c volsnap - ok
12:28:22.0609 0x171c [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:28:22.0612 0x171c vsmraid - ok
12:28:22.0690 0x171c [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:28:22.0718 0x171c VSS - ok
12:28:22.0731 0x171c [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:28:22.0732 0x171c vwifibus - ok
12:28:22.0745 0x171c [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:28:22.0747 0x171c vwififlt - ok
12:28:22.0778 0x171c [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:28:22.0785 0x171c W32Time - ok
12:28:22.0814 0x171c [ 0D67B715AE6729D0B518D20B7A7BAD1C, 05B044CB816CBF54DCB634AC765A5937C76B471722C6D6E1A9C27E7EBAB68913 ] WacHidRouter C:\Windows\system32\DRIVERS\wachidrouter.sys
12:28:22.0816 0x171c WacHidRouter - ok
12:28:22.0851 0x171c [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:28:22.0852 0x171c WacomPen - ok
12:28:22.0871 0x171c [ 1042B08B4336EF3CE34E09435BB33A4A, A42B447B4A9B364BAE329F75D36A906999E8CB754F1B10DE322B6611FF9764F7 ] wacomrouterfilter C:\Windows\system32\DRIVERS\wacomrouterfilter.sys
12:28:22.0871 0x171c wacomrouterfilter - ok
12:28:22.0909 0x171c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:28:22.0911 0x171c WANARP - ok
12:28:22.0915 0x171c [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:28:22.0917 0x171c Wanarpv6 - ok
12:28:22.0989 0x171c [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:28:23.0015 0x171c wbengine - ok
12:28:23.0058 0x171c [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:28:23.0063 0x171c WbioSrvc - ok
12:28:23.0110 0x171c [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:28:23.0117 0x171c wcncsvc - ok
12:28:23.0129 0x171c [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:28:23.0131 0x171c WcsPlugInService - ok
12:28:23.0151 0x171c [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:28:23.0152 0x171c Wd - ok
12:28:23.0207 0x171c [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:28:23.0221 0x171c Wdf01000 - ok
12:28:23.0236 0x171c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:28:23.0239 0x171c WdiServiceHost - ok
12:28:23.0244 0x171c [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:28:23.0247 0x171c WdiSystemHost - ok
12:28:23.0292 0x171c [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
12:28:23.0297 0x171c WebClient - ok
12:28:23.0335 0x171c [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:28:23.0340 0x171c Wecsvc - ok
12:28:23.0350 0x171c [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:28:23.0353 0x171c wercplsupport - ok
12:28:23.0373 0x171c [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:28:23.0376 0x171c WerSvc - ok
12:28:23.0400 0x171c [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:28:23.0401 0x171c WfpLwf - ok
12:28:23.0412 0x171c [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:28:23.0413 0x171c WIMMount - ok
12:28:23.0440 0x171c WinDefend - ok
12:28:23.0445 0x171c WinHttpAutoProxySvc - ok
12:28:23.0505 0x171c [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:28:23.0509 0x171c Winmgmt - ok
12:28:23.0600 0x171c [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll
12:28:23.0638 0x171c WinRM - ok
12:28:23.0687 0x171c [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:28:23.0689 0x171c WinUsb - ok
12:28:23.0746 0x171c [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:28:23.0762 0x171c Wlansvc - ok
12:28:23.0794 0x171c [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:28:23.0794 0x171c WmiAcpi - ok
12:28:23.0826 0x171c [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:28:23.0830 0x171c wmiApSrv - ok
12:28:23.0857 0x171c WMPNetworkSvc - ok
12:28:23.0888 0x171c [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:28:23.0889 0x171c WPCSvc - ok
12:28:23.0915 0x171c [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:28:23.0919 0x171c WPDBusEnum - ok
12:28:23.0947 0x171c [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:28:23.0948 0x171c ws2ifsl - ok
12:28:23.0966 0x171c [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
12:28:23.0969 0x171c wscsvc - ok
12:28:23.0974 0x171c WSearch - ok
12:28:24.0037 0x171c [ CD16EB55F78AB1C92A0711F92B04B570, 387FCC84DD142AF66E15871F9D9EF67096EDFBECC6DEB9A8FB75A09168737723 ] WTabletServiceCon C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
12:28:24.0048 0x171c WTabletServiceCon - ok
12:28:24.0162 0x171c [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\Windows\system32\wuaueng.dll
12:28:24.0205 0x171c wuauserv - ok
12:28:24.0238 0x171c [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:28:24.0245 0x171c WudfPf - ok
12:28:24.0265 0x171c [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:28:24.0268 0x171c WUDFRd - ok
12:28:24.0290 0x171c [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:28:24.0293 0x171c wudfsvc - ok
12:28:24.0328 0x171c [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc C:\Windows\System32\wwansvc.dll
12:28:24.0333 0x171c WwanSvc - ok
12:28:24.0361 0x171c ================ Scan global ===============================
12:28:24.0392 0x171c [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:28:24.0433 0x171c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:28:24.0454 0x171c [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:28:24.0478 0x171c [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:28:24.0499 0x171c [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:28:24.0506 0x171c [ Global ] - ok
12:28:24.0506 0x171c ================ Scan MBR ==================================
12:28:24.0523 0x171c [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:28:24.0796 0x171c \Device\Harddisk0\DR0 - ok
12:28:24.0797 0x171c ================ Scan VBR ==================================
12:28:24.0799 0x171c [ 4F7A71D9FFC2F3AD47D66F659FB646A0 ] \Device\Harddisk0\DR0\Partition1
12:28:24.0801 0x171c \Device\Harddisk0\DR0\Partition1 - ok
12:28:24.0803 0x171c [ 67F7610C72D6EB5B44D1539CAA3531AF ] \Device\Harddisk0\DR0\Partition2
12:28:24.0839 0x171c \Device\Harddisk0\DR0\Partition2 - ok
12:28:24.0842 0x171c [ 0C4D666E02C110555D9CB77CE2B53207 ] \Device\Harddisk0\DR0\Partition3
12:28:24.0843 0x171c \Device\Harddisk0\DR0\Partition3 - ok
12:28:24.0846 0x171c [ 7290014D764838729CD328556CB0747C ] \Device\Harddisk0\DR0\Partition4
12:28:24.0890 0x171c \Device\Harddisk0\DR0\Partition4 - ok
12:28:24.0890 0x171c ================ Scan generic autorun ======================
12:28:24.0890 0x171c SynTPEnh - ok
12:28:24.0939 0x171c [ 31F52459AA89317FFB57EBAF9B4DD8BC, 05DA7048451BEF06B059A86D7FB3084942724F3359BD67A0DFADFB3FFFF6990A ] C:\Windows\system32\igfxtray.exe
12:28:24.0942 0x171c IgfxTray - ok
12:28:24.0963 0x171c [ 39AC970429FB9E56A29655FA8B959E90, 7272BD9AB1D7D84F352C6A48A4E83D34F0AE456A3404362DCCB04BC2D7D4D564 ] C:\Windows\system32\hkcmd.exe
12:28:24.0969 0x171c HotKeysCmds - ok
12:28:24.0998 0x171c [ 7CA105C4CCDFCA407859B2DF3D05A645, 36EEE251B2A221F1974A5BE3A743135EB317FF95A32A8B31DA3791573DB7D6BE ] C:\Windows\system32\igfxpers.exe
12:28:25.0006 0x171c Persistence - ok
12:28:25.0076 0x171c [ 5447AF432CDA61159ADDE218C468FFD9, 63BD74521F679F195C24C1818267ECCBD8A7F5C2B4CEF3E60EC46B5AE0AC72A8 ] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
12:28:25.0084 0x171c AdobeAAMUpdater-1.0 - ok
12:28:25.0144 0x171c [ C6352C29C56077749CEEDD08680D347D, DF520DA9E9F8D34004E497969FC4AB0D9F057EEE5D8A0BBB91C5EBC983011ABD ] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
12:28:25.0155 0x171c BambooCore - ok
12:28:25.0386 0x171c [ 27CFFB1E41A2BE2A25957A679BD84E10, 521DC8F3439EAA780AE0DA68B0FC6E671963AF76E165590EA83D2F6896B1C941 ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
12:28:25.0393 0x171c AdobeCS5ServiceManager - ok
12:28:25.0437 0x171c [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:28:25.0446 0x171c SwitchBoard - ok
12:28:25.0542 0x171c [ 9C2E66D8A9D40C4661943B235E3E5AFB, AC39141C37746AB16BB0F49D575664858AC72120F17361B01042A31102F07FF9 ] C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
12:28:25.0583 0x171c MobileConnect - ok
12:28:25.0664 0x171c [ AD63907455110A66D55E899326EC6B8E, AD3E215502E237EF3D38EB2A028CC3E3A583DC8B9961EA7E8F49A50F9BC303C6 ] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
12:28:25.0671 0x171c RIMBBLaunchAgent.exe - ok
12:28:25.0819 0x171c [ FAA8D140E2886C3BC3A033A50239080A, EE5DC1010F5F8A9D4DF7F82EE38E10D5DBED1B7D44F27462605E6C80ECF2D85D ] C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
12:28:25.0892 0x171c RIM PeerManager - ok
12:28:25.0962 0x171c [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
12:28:25.0978 0x171c Adobe ARM - ok
12:28:26.0069 0x171c [ 5909C378DF9132FC91F50AF70A53455A, E13CE76ABAFA459BFDB4B7806E73BF57217D0800206FC24805E66573F3670604 ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
12:28:26.0071 0x171c Avira Systray - ok
12:28:26.0276 0x171c [ 616954748C2F28D653C7BAE814CA51FD, D75E46D978E42C2E7041206B18591EDAF700AD27077AE4D1D76E2857A4A77BF8 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
12:28:26.0287 0x171c avgnt - ok
12:28:26.0379 0x171c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:28:26.0403 0x171c Sidebar - ok
12:28:26.0437 0x171c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:28:26.0439 0x171c mctadmin - ok
12:28:26.0493 0x171c [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:28:26.0512 0x171c Sidebar - ok
12:28:26.0525 0x171c [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:28:26.0527 0x171c mctadmin - ok
12:28:26.0569 0x171c [ 46A429DDE3208A722C7C70F63C33ADBE, A1F3836EB3C3910F382040716A0A520DF0328988FB3777B74FF68B4ED645F96A ] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
12:28:26.0577 0x171c Sony PC Companion - ok
12:28:26.0669 0x171c [ 091AB7C8DC82397894EA567DF965C61C, C141338B60BAB08DB4E1B030A9BC93BE4A87F578F6F40FFE2A05D87A11B3FBE6 ] C:\Users\Mandy\BlackBerryLink.exe
12:28:26.0693 0x171c BlackBerryLink.exe - ok
12:28:26.0803 0x171c [ AECBBD0C048354B07A62D275D6DFE9F0, 9D163D281641676420DA480F331DE0C0E230ECEB97D413AEE2C9878F3DD77382 ] C:\Program Files (x86)\Steam\Steam.exe
12:28:26.0834 0x171c Steam - ok
12:28:27.0040 0x171c [ 252ACA694CA538515DB1454D3CB6652D, 930352D1D04FF65D465A1E2B42164E250318A88756FD0C073E89779507829F81 ] C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe
12:28:27.0127 0x171c AviraSpeedup - ok
12:28:27.0585 0x171c [ 1BDD6B2A4ACC5596C235394783A86D65, 8DFF7942D8B588C8FFEBF3BD3CEB658ADA5DE95DC645B9B430569AC3B7EFB800 ] D:\Oblivion\EADM\EADMUI.exe
12:28:27.0781 0x171c EADM - ok
12:28:27.0797 0x171c AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.310 ), 0x41000 ( enabled : updated )
12:28:27.0799 0x171c Win FW state via NFP2: enabled
12:28:34.0953 0x171c ============================================================
12:28:34.0953 0x171c Scan finished
12:28:34.0953 0x171c ============================================================
12:28:34.0960 0x0c74 Detected object count: 0
12:28:34.0960 0x0c74 Actual detected object count: 0
12:30:21.0710 0x1168 ============================================================
12:30:21.0710 0x1168 Scan started
12:30:21.0710 0x1168 Mode: Manual; SigCheck; TDLFS;
12:30:21.0710 0x1168 ============================================================
12:30:21.0710 0x1168 KSN ping started
12:30:49.0109 0x1168 KSN ping finished: true
12:30:49.0967 0x1168 ================ Scan system memory ========================
12:30:49.0967 0x1168 System memory - ok
12:30:49.0967 0x1168 ================ Scan services =============================
12:30:50.0105 0x1168 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:30:50.0197 0x1168 1394ohci - ok
12:30:50.0240 0x1168 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:30:50.0255 0x1168 ACPI - ok
12:30:50.0289 0x1168 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:30:50.0444 0x1168 AcpiPmi - ok
12:30:50.0546 0x1168 [ C5679E5186B2FC95BC76A8A9870D5456, 70AC61850B811A0A902532F098AE1D5DF4622455E56C78B89D4ABDBE4A061A48 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:30:50.0575 0x1168 AdobeARMservice - ok
12:30:50.0680 0x1168 [ 4ECFCAAE5CB380F58934F0DCF5F64E7F, D82B37E57D93484D7A3CB65470BCD54A578A695F0203A8DD441B1348C1EEA751 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:30:50.0693 0x1168 AdobeFlashPlayerUpdateSvc - ok
12:30:50.0817 0x1168 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:30:50.0835 0x1168 adp94xx - ok
12:30:50.0853 0x1168 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:30:50.0868 0x1168 adpahci - ok
12:30:50.0881 0x1168 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:30:50.0893 0x1168 adpu320 - ok
12:30:50.0923 0x1168 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:30:51.0050 0x1168 AeLookupSvc - ok
12:30:51.0095 0x1168 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD C:\Windows\system32\drivers\afd.sys
12:30:51.0123 0x1168 AFD - ok
12:30:51.0150 0x1168 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys
12:30:51.0161 0x1168 agp440 - ok
12:30:51.0184 0x1168 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe
12:30:51.0232 0x1168 ALG - ok
12:30:51.0263 0x1168 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys
12:30:51.0271 0x1168 aliide - ok
12:30:51.0315 0x1168 [ 6807D94E8148771263308521E8CADE5E, C8B6E45CF0B33C97BF1F0C6F2F8CD31A9105D945932D1A8B659D5CBEE093BBED ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:30:51.0402 0x1168 AMD External Events Utility - ok
12:30:51.0444 0x1168 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys
12:30:51.0451 0x1168 amdide - ok
12:30:51.0482 0x1168 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:30:51.0510 0x1168 AmdK8 - ok
12:30:51.0858 0x1168 [ F784F9BF32E708C71A63220E89A58496, A39750F1839763313CFFAB4AC897EA088DC02EA3BF84D58DE1504E5FF40AB828 ] amdkmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:30:52.0115 0x1168 amdkmdag - ok
12:30:52.0152 0x1168 [ 43FD45C0DFE0A0FF2B8BE0D4AC165E18, CAFA1E5D0C3474E862B51A379CB8C5491C1E12803741AAA45CA46365E112C991 ] amdkmdap C:\Windows\system32\DRIVERS\atikmpag.sys
12:30:52.0183 0x1168 amdkmdap - ok
12:30:52.0204 0x1168 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:30:52.0215 0x1168 AmdPPM - ok
12:30:52.0241 0x1168 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:30:52.0251 0x1168 amdsata - ok
12:30:52.0273 0x1168 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:30:52.0285 0x1168 amdsbs - ok
12:30:52.0299 0x1168 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:30:52.0307 0x1168 amdxata - ok
12:30:52.0526 0x1168 [ 6F1BBF101B6DC9D34A564C2009D83B63, 1679D48C5A2CE6434E09F1D1330E616F8130C7A0ADF5C14D847CCEABDDA2950E ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
12:30:52.0557 0x1168 AntiVirSchedulerService - ok
12:30:52.0596 0x1168 [ 6F1BBF101B6DC9D34A564C2009D83B63, 1679D48C5A2CE6434E09F1D1330E616F8130C7A0ADF5C14D847CCEABDDA2950E ] AntiVirService C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
12:30:52.0610 0x1168 AntiVirService - ok
12:30:52.0652 0x1168 [ E68A60DEFD150B73F9617A0537239449, 2DC780D677388E03936E9E99070C60A467D32145B3A02344D9F670714D71F5AF ] AntiVirWebService C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
12:30:52.0678 0x1168 AntiVirWebService - ok
12:30:52.0717 0x1168 [ 80B9412C4DE09147581FC935FB4C97AB, 0C9661F7B5EF7F9D61981790B7AB64E3375BD117962166619D0CC546A2D014D3 ] AppID C:\Windows\system32\drivers\appid.sys
12:30:52.0754 0x1168 AppID - ok
12:30:52.0771 0x1168 [ F71CA01C24FC3798A717B5A6F682F9AD, 8CF1C209E7BBBAD02D6D087293C0B681CDA3170AF119CA2916C2708D8801E749 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:30:52.0798 0x1168 AppIDSvc - ok
12:30:52.0831 0x1168 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll
12:30:52.0866 0x1168 Appinfo - ok
12:30:52.0892 0x1168 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\DRIVERS\arc.sys
12:30:52.0901 0x1168 arc - ok
12:30:52.0912 0x1168 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:30:52.0922 0x1168 arcsas - ok
12:30:52.0998 0x1168 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
12:30:53.0008 0x1168 aspnet_state - ok
12:30:53.0026 0x1168 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:30:53.0064 0x1168 AsyncMac - ok
12:30:53.0104 0x1168 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys
12:30:53.0112 0x1168 atapi - ok
12:30:53.0160 0x1168 [ 2C1B6A64294F2182DC4999F923873974, 6D611636D849631BB1F852DC03A98BBFEC4D797A2707CA63427E187F0725A796 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:30:53.0193 0x1168 AudioEndpointBuilder - ok
12:30:53.0226 0x1168 [ 2C1B6A64294F2182DC4999F923873974, 6D611636D849631BB1F852DC03A98BBFEC4D797A2707CA63427E187F0725A796 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:30:53.0251 0x1168 AudioSrv - ok
12:30:53.0282 0x1168 [ 1B87A1F2FA5B91AC1A7D171B8D952441, 4CB21F6567021DAE6B2E35B9BA84D015580E2DDFEBEB1AA9637BD93F42883DD2 ] avgntflt C:\Windows\system32\DRIVERS\avgntflt.sys
12:30:53.0297 0x1168 avgntflt - ok
12:30:53.0343 0x1168 [ AF61774060F277FE45CBD3A9A8E7D45A, 2F96DC9735BAF017603D72A258BF7A772BF8C4AFECB5AA0CAD8F8E3CCAA0F2B5 ] avipbb C:\Windows\system32\DRIVERS\avipbb.sys
12:30:53.0353 0x1168 avipbb - ok
12:30:53.0429 0x1168 [ F21955927D1C99206A8B91DE2CCE85E1, 26A6155CF46123C489CBE19B5B3E3B0D9ED02C9388E57058724B0FFB7D7C08B5 ] Avira.OE.ServiceHost C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
12:30:53.0439 0x1168 Avira.OE.ServiceHost - ok
12:30:53.0451 0x1168 [ 390184FAD8FCC1B6DA25AEBAE928C3B6, 537B0E0FAE080B55D70E990BBA0F7F22903CA340F6A42039BAD617A8ECF59119 ] avkmgr C:\Windows\system32\DRIVERS\avkmgr.sys
12:30:53.0460 0x1168 avkmgr - ok
12:30:53.0498 0x1168 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:30:53.0568 0x1168 AxInstSV - ok
12:30:53.0609 0x1168 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:30:53.0657 0x1168 b06bdrv - ok
12:30:53.0846 0x1168 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:30:53.0909 0x1168 b57nd60a - ok
12:30:53.0988 0x1168 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
12:30:54.0026 0x1168 BDESVC - ok
12:30:54.0042 0x1168 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
12:30:54.0092 0x1168 Beep - ok
12:30:54.0145 0x1168 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
12:30:54.0188 0x1168 BFE - ok
12:30:54.0227 0x1168 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
12:30:54.0406 0x1168 BITS - ok
12:30:54.0458 0x1168 [ 5AD1283BB135F69F481FD5BB2A5F62A7, 981CCF329ECB0B77506BC85C49924DED1AC4ACC194AF6865764A8A1808B18755 ] BlackBerry Device Manager C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe
12:30:54.0494 0x1168 BlackBerry Device Manager - detected UnsignedFile.Multi.Generic ( 1 )
12:30:54.0494 0x1168 Detect skipped due to KSN trusted
12:30:54.0494 0x1168 BlackBerry Device Manager - ok
12:30:54.0505 0x1168 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:30:54.0517 0x1168 blbdrive - ok
12:30:54.0548 0x1168 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:30:54.0582 0x1168 bowser - ok
12:30:54.0601 0x1168 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:30:54.0645 0x1168 BrFiltLo - ok
12:30:54.0663 0x1168 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:30:54.0678 0x1168 BrFiltUp - ok
12:30:54.0727 0x1168 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
12:30:54.0758 0x1168 Browser - ok
12:30:54.0787 0x1168 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:30:54.0826 0x1168 Brserid - ok
12:30:54.0843 0x1168 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:30:54.0867 0x1168 BrSerWdm - ok
12:30:54.0878 0x1168 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:30:54.0895 0x1168 BrUsbMdm - ok
12:30:54.0900 0x1168 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:30:54.0921 0x1168 BrUsbSer - ok
12:30:54.0934 0x1168 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:30:54.0956 0x1168 BTHMODEM - ok
12:30:54.0986 0x1168 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
12:30:55.0032 0x1168 bthserv - ok
12:30:55.0043 0x1168 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:30:55.0088 0x1168 cdfs - ok
12:30:55.0114 0x1168 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:30:55.0131 0x1168 cdrom - ok
12:30:55.0168 0x1168 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
12:30:55.0195 0x1168 CertPropSvc - ok
12:30:55.0223 0x1168 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:30:55.0240 0x1168 circlass - ok
12:30:55.0277 0x1168 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
12:30:55.0292 0x1168 CLFS - ok
12:30:55.0350 0x1168 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:30:55.0360 0x1168 clr_optimization_v2.0.50727_32 - ok
12:30:55.0397 0x1168 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:30:55.0406 0x1168 clr_optimization_v2.0.50727_64 - ok
12:30:55.0488 0x1168 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:30:55.0499 0x1168 clr_optimization_v4.0.30319_32 - ok
12:30:55.0514 0x1168 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:30:55.0526 0x1168 clr_optimization_v4.0.30319_64 - ok
12:30:55.0546 0x1168 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:30:55.0571 0x1168 CmBatt - ok
12:30:55.0582 0x1168 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:30:55.0607 0x1168 cmdide - ok
12:30:55.0654 0x1168 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
12:30:55.0694 0x1168 CNG - ok
12:30:55.0703 0x1168 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:30:55.0712 0x1168 Compbatt - ok
12:30:55.0752 0x1168 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:30:55.0772 0x1168 CompositeBus - ok
12:30:55.0775 0x1168 COMSysApp - ok
12:30:55.0790 0x1168 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:30:55.0799 0x1168 crcdisk - ok
12:30:55.0844 0x1168 [ 19D511CC455C19DE1ADF60E6C39C85B6, 2A05DD5EF3D0BEC2C9F4EA186E0E2D0F7BE0BF6A473D51194B09D33773AC7FAA ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:30:55.0883 0x1168 CryptSvc - ok
12:30:55.0932 0x1168 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:30:55.0979 0x1168 DcomLaunch - ok
12:30:56.0023 0x1168 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
12:30:56.0057 0x1168 defragsvc - ok
12:30:56.0106 0x1168 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:30:56.0144 0x1168 DfsC - ok
12:30:56.0179 0x1168 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:30:56.0221 0x1168 Dhcp - ok
12:30:56.0238 0x1168 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
12:30:56.0289 0x1168 discache - ok
12:30:56.0306 0x1168 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:30:56.0316 0x1168 Disk - ok
12:30:56.0356 0x1168 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:30:56.0399 0x1168 Dnscache - ok
12:30:56.0430 0x1168 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
12:30:56.0476 0x1168 dot3svc - ok
12:30:56.0510 0x1168 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
12:30:56.0554 0x1168 DPS - ok
12:30:56.0586 0x1168 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:30:56.0615 0x1168 drmkaud - ok
12:30:56.0675 0x1168 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:30:56.0703 0x1168 DXGKrnl - ok
12:30:56.0723 0x1168 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
12:30:56.0767 0x1168 EapHost - ok
12:30:56.0896 0x1168 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:30:56.0977 0x1168 ebdrv - ok
12:30:57.0014 0x1168 [ 204F3F58212B3E422C90BD9691A2DF28, D748A8CEE4D59B4248C9B1ACA5155D0FF6635A29564B4391B7FAC6261F93FE99 ] EFS C:\Windows\System32\lsass.exe
12:30:57.0038 0x1168 EFS - ok
12:30:57.0104 0x1168 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:30:57.0162 0x1168 ehRecvr - ok

Alt 09.11.2014, 12:47   #7
Sil@s
 



12:30:57.0184 0x1168 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
12:30:57.0222 0x1168 ehSched - ok
12:30:57.0266 0x1168 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:30:57.0285 0x1168 elxstor - ok
12:30:57.0312 0x1168 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:30:57.0332 0x1168 ErrDev - ok
12:30:57.0368 0x1168 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
12:30:57.0408 0x1168 EventSystem - ok
12:30:57.0446 0x1168 [ 251AF86E0A4DDF3A6B181ED5103B06B1, 1823E7C87F0D8972A89D71B1FB633C5D43744F9803E6A8B866F6EA610032437C ] ewusbnet C:\Windows\system32\DRIVERS\ewusbnet.sys
12:30:57.0530 0x1168 ewusbnet - ok
12:30:57.0563 0x1168 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:30:57.0609 0x1168 exfat - ok
12:30:57.0634 0x1168 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:30:57.0687 0x1168 fastfat - ok
12:30:57.0743 0x1168 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
12:30:57.0774 0x1168 Fax - ok
12:30:57.0798 0x1168 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:30:57.0820 0x1168 fdc - ok
12:30:57.0840 0x1168 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
12:30:57.0869 0x1168 fdPHost - ok
12:30:57.0876 0x1168 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
12:30:57.0919 0x1168 FDResPub - ok
12:30:57.0933 0x1168 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:30:57.0945 0x1168 FileInfo - ok
12:30:57.0964 0x1168 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:30:58.0004 0x1168 Filetrace - ok
12:30:58.0029 0x1168 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:30:58.0042 0x1168 flpydisk - ok
12:30:58.0077 0x1168 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:30:58.0093 0x1168 FltMgr - ok
12:30:58.0157 0x1168 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
12:30:58.0212 0x1168 FontCache - ok
12:30:58.0281 0x1168 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:30:58.0290 0x1168 FontCache3.0.0.0 - ok
12:30:58.0317 0x1168 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:30:58.0326 0x1168 FsDepends - ok
12:30:58.0348 0x1168 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:30:58.0357 0x1168 Fs_Rec - ok
12:30:58.0406 0x1168 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:30:58.0423 0x1168 fvevol - ok
12:30:58.0438 0x1168 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:30:58.0448 0x1168 gagp30kx - ok
12:30:58.0496 0x1168 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
12:30:58.0554 0x1168 gpsvc - ok
12:30:58.0656 0x1168 [ 344DE044CA057ACFA0AC914B4E780907, AE1A5CB25D79F35F0C0E93BDF7DE4A734C0EEEF4B971D57EE86AD52FCB4119A2 ] HauppaugeTVServer C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
12:30:58.0671 0x1168 HauppaugeTVServer - detected UnsignedFile.Multi.Generic ( 1 )
12:30:58.0671 0x1168 Detect skipped due to KSN trusted
12:30:58.0671 0x1168 HauppaugeTVServer - ok
12:30:58.0703 0x1168 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:30:58.0724 0x1168 hcw85cir - ok
12:30:58.0749 0x1168 [ 5BA6AEBB9B124D257A8BE9923837FDC3, 3495FACFE152773D82945D9C9E67F689CEFF34B0EC49E6ACE4FE29A10EDBC10C ] HCWF9BDA C:\Windows\system32\Drivers\hcwF9b64.sys
12:30:58.0761 0x1168 HCWF9BDA - ok
12:31:09.0006 0x1168 [ 37E8AD3CCDAEC87B05C6050DBD9B56F0, 390A981B576BBCB6595FEC1A3525A5748BB957268571E0C325B6F058F30115CE ] RIM MDNS C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe
12:31:09.0017 0x1168 RIM MDNS - detected UnsignedFile.Multi.Generic ( 1 )
12:31:09.0017 0x1168 Detect skipped due to KSN trusted
12:31:09.0017 0x1168 RIM MDNS - ok
12:31:09.0076 0x1168 [ B5D6FFFD964EF6DC906C80910055101C, 39D84BB696738EAE1CFBAA6176309C382DE2D1AEC8AB5BEF8538A3D104B05E77 ] RIM Tunnel Service C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe
12:31:09.0109 0x1168 RIM Tunnel Service - detected UnsignedFile.Multi.Generic ( 1 )
12:31:09.0109 0x1168 Detect skipped due to KSN trusted
12:31:09.0109 0x1168 RIM Tunnel Service - ok
12:31:12.0565 0x1168 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:31:12.0590 0x1168 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
12:31:12.0590 0x1168 Detect skipped due to KSN trusted
12:31:12.0590 0x1168 SwitchBoard - ok
12:31:15.0473 0x1168 [ 1B0D441D8AB264D39C2B09130CC28045, 15589A3A30B05AAD35152289AAF42CB792198FD15B55D6A7D5E4C1CE58459680 ] VMCService C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
12:31:15.0487 0x1168 VMCService - detected UnsignedFile.Multi.Generic ( 1 )
12:31:15.0487 0x1168 Detect skipped due to KSN trusted
12:31:15.0487 0x1168 VMCService - ok
12:31:18.0390 0x1168 ================ Scan global ===============================
12:31:18.0421 0x1168 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:31:18.0450 0x1168 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:31:18.0462 0x1168 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:31:18.0485 0x1168 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:31:18.0507 0x1168 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:31:18.0515 0x1168 [ Global ] - ok
12:31:18.0515 0x1168 ================ Scan MBR ==================================
12:31:18.0530 0x1168 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:31:18.0888 0x1168 \Device\Harddisk0\DR0 - ok
12:31:18.0889 0x1168 ================ Scan VBR ==================================
12:31:18.0892 0x1168 [ 4F7A71D9FFC2F3AD47D66F659FB646A0 ] \Device\Harddisk0\DR0\Partition1
12:31:18.0893 0x1168 \Device\Harddisk0\DR0\Partition1 - ok
12:31:18.0898 0x1168 [ 67F7610C72D6EB5B44D1539CAA3531AF ] \Device\Harddisk0\DR0\Partition2
12:31:18.0946 0x1168 \Device\Harddisk0\DR0\Partition2 - ok
12:31:18.0948 0x1168 [ 0C4D666E02C110555D9CB77CE2B53207 ] \Device\Harddisk0\DR0\Partition3
12:31:18.0950 0x1168 \Device\Harddisk0\DR0\Partition3 - ok
12:31:18.0952 0x1168 [ 7290014D764838729CD328556CB0747C ] \Device\Harddisk0\DR0\Partition4
12:31:18.0996 0x1168 \Device\Harddisk0\DR0\Partition4 - ok
12:31:18.0996 0x1168 ================ Scan generic autorun ======================
12:31:19.0363 0x1168 [ 27CFFB1E41A2BE2A25957A679BD84E10, 521DC8F3439EAA780AE0DA68B0FC6E671963AF76E165590EA83D2F6896B1C941 ] C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
12:31:19.0378 0x1168 AdobeCS5ServiceManager - detected UnsignedFile.Multi.Generic ( 1 )
12:31:19.0378 0x1168 Detect skipped due to KSN trusted
12:31:19.0378 0x1168 AdobeCS5ServiceManager - ok
12:31:19.0400 0x1168 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:31:19.0420 0x1168 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
12:31:19.0420 0x1168 Detect skipped due to KSN trusted
12:31:19.0420 0x1168 SwitchBoard - ok
12:31:19.0525 0x1168 [ 9C2E66D8A9D40C4661943B235E3E5AFB, AC39141C37746AB16BB0F49D575664858AC72120F17361B01042A31102F07FF9 ] C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
12:31:19.0590 0x1168 MobileConnect - detected UnsignedFile.Multi.Generic ( 1 )
12:31:19.0590 0x1168 Detect skipped due to KSN trusted
12:31:19.0590 0x1168 MobileConnect - ok
12:31:19.0638 0x1168 [ AD63907455110A66D55E899326EC6B8E, AD3E215502E237EF3D38EB2A028CC3E3A583DC8B9961EA7E8F49A50F9BC303C6 ] C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe
12:31:19.0654 0x1168 RIMBBLaunchAgent.exe - ok
12:31:19.0795 0x1168 [ FAA8D140E2886C3BC3A033A50239080A, EE5DC1010F5F8A9D4DF7F82EE38E10D5DBED1B7D44F27462605E6C80ECF2D85D ] C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe
12:31:19.0896 0x1168 RIM PeerManager - detected UnsignedFile.Multi.Generic ( 1 )
12:31:19.0896 0x1168 Detect skipped due to KSN trusted
12:31:19.0896 0x1168 RIM PeerManager - ok
12:31:19.0955 0x1168 [ 47EA5F76FAB723C61AB4A0D79BAD512C, A7A38EB0A7068B160E6949945EF639F999A06AE35746F6E79C7350745798E5C9 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
12:31:19.0981 0x1168 Adobe ARM - ok
12:31:20.0076 0x1168 [ 5909C378DF9132FC91F50AF70A53455A, E13CE76ABAFA459BFDB4B7806E73BF57217D0800206FC24805E66573F3670604 ] C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
12:31:20.0085 0x1168 Avira Systray - ok
12:31:20.0283 0x1168 [ 616954748C2F28D653C7BAE814CA51FD, D75E46D978E42C2E7041206B18591EDAF700AD27077AE4D1D76E2857A4A77BF8 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
12:31:20.0302 0x1168 avgnt - ok
12:31:20.0398 0x1168 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:31:20.0456 0x1168 Sidebar - ok
12:31:20.0488 0x1168 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:31:20.0512 0x1168 mctadmin - ok
12:31:20.0562 0x1168 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
12:31:20.0595 0x1168 Sidebar - ok
12:31:20.0601 0x1168 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
12:31:20.0616 0x1168 mctadmin - ok
12:31:20.0653 0x1168 [ 46A429DDE3208A722C7C70F63C33ADBE, A1F3836EB3C3910F382040716A0A520DF0328988FB3777B74FF68B4ED645F96A ] C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
12:31:20.0668 0x1168 Sony PC Companion - ok
12:31:20.0764 0x1168 [ 091AB7C8DC82397894EA567DF965C61C, C141338B60BAB08DB4E1B030A9BC93BE4A87F578F6F40FFE2A05D87A11B3FBE6 ] C:\Users\Mandy\BlackBerryLink.exe
12:31:20.0798 0x1168 BlackBerryLink.exe - ok
12:31:20.0908 0x1168 [ AECBBD0C048354B07A62D275D6DFE9F0, 9D163D281641676420DA480F331DE0C0E230ECEB97D413AEE2C9878F3DD77382 ] C:\Program Files (x86)\Steam\Steam.exe
12:31:20.0953 0x1168 Steam - ok
12:31:21.0153 0x1168 [ 252ACA694CA538515DB1454D3CB6652D, 930352D1D04FF65D465A1E2B42164E250318A88756FD0C073E89779507829F81 ] C:\Program Files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe
12:31:21.0342 0x1168 AviraSpeedup - ok
12:31:21.0799 0x1168 [ 1BDD6B2A4ACC5596C235394783A86D65, 8DFF7942D8B588C8FFEBF3BD3CEB658ADA5DE95DC645B9B430569AC3B7EFB800 ] D:\Oblivion\EADM\EADMUI.exe
12:31:22.0240 0x1168 EADM - detected UnsignedFile.Multi.Generic ( 1 )
12:31:22.0240 0x1168 Detect skipped due to KSN trusted
12:31:22.0240 0x1168 EADM - ok
12:31:22.0249 0x1168 AV detected via SS2: Avira Desktop, C:\Program Files (x86)\Avira\AntiVir Desktop\wsctool.exe ( 14.0.7.310 ), 0x41000 ( enabled : updated )
12:31:22.0251 0x1168 Win FW state via NFP2: enabled
12:31:29.0410 0x1168 ============================================================
12:31:29.0410 0x1168 Scan finished
12:31:29.0410 0x1168 ============================================================
12:31:29.0417 0x0450 Detected object count: 0
12:31:29.0417 0x0450 Actual detected object count: 0

I hope that worked like this
Thank you very much

Alt 10.11.2014, 08:55   #8
schrauber
/// the machine
/// TB-Ausbilder
 


hi,

Scan with Combofix
WARNING to READERS:
Combofix should only be run when a team member has instructed you to do so!

Please download Combofix from the following download mirror: Link
  • IMPORTANT: Save Combofix to your desktop.
  • Please disable all your antivirus software as well as malware/spyware scanners. These can interfere with Combofix while it works. Combofix sometimes still complains anyway; you can ignore that, but please let me know.
  • Start Combofix.exe and follow the instructions on the screen.
  • While Combofix is running, please do not work on the computer, move the mouse or click in the Combofix window!
  • When Combofix is finished, it will create a log file.
  • Please post C:\Combofix.txt in your next reply (in CODE tags if possible).
Note: If you get the following error message after the restart
Es wurde versucht, einen Registrierungsschlüssel einem ungültigen Vorgang zu unterziehen, der zum Löschen markiert wurde.
simply restart the computer. This should fix the problem.

__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 10.11.2014, 21:29   #9
Sil@s
 

Here are the Combofix results

Code:
ComboFix 14-11-10.02 - Mandy 10.11.2014  21:08:52.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.49.1031.18.4044.1775 [GMT 1:00]
ausgeführt von:: c:\users\Mandy\Desktop\trojanerHILFE\ComboFix.exe
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((   Weitere Löschungen   ))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\Mandy\CE.dll
.
.
(((((((((((((((((((((((   Dateien erstellt von 2014-10-10 bis 2014-11-10  ))))))))))))))))))))))))))))))
.
.
2014-11-10 20:15 . 2014-11-10 20:15	--------	d-----w-	c:\users\Default\AppData\Local\temp
2014-11-10 20:12 . 2014-11-10 20:12	75888	----a-w-	c:\programdata\Microsoft\Windows Defender\Definition Updates\{548386F9-ABA1-4DC2-9213-9FD40AC9EE68}\offreg.dll
2014-11-08 14:42 . 2014-11-08 14:44	--------	d-----w-	C:\FRST
2014-11-08 00:54 . 2014-11-08 00:54	--------	d-----w-	c:\programdata\EA Core
2014-11-08 00:53 . 2014-11-08 00:53	--------	d-----w-	c:\program files (x86)\Electronic Arts
2014-11-08 00:53 . 2014-11-08 00:53	--------	d-----w-	c:\users\Mandy\AppData\Local\Electronic Arts
2014-11-08 00:53 . 2014-11-08 01:04	--------	d-----w-	c:\programdata\Electronic Arts
2014-11-07 23:46 . 2014-11-07 23:46	--------	d-----w-	c:\program files (x86)\EA Games
2014-11-07 21:33 . 2014-11-07 21:35	--------	d-----w-	c:\users\Mandy\AppData\Local\AviraSpeedup
2014-11-07 18:56 . 2014-11-07 18:57	--------	d-----w-	c:\programdata\Oracle
2014-11-07 18:56 . 2014-11-07 18:56	--------	d-----w-	c:\program files (x86)\Java
2014-11-07 15:12 . 2014-11-07 15:12	--------	d-sh--w-	c:\users\Mandy\AppData\Local\EmieUserList
2014-11-07 15:12 . 2014-11-07 15:12	--------	d-sh--w-	c:\users\Mandy\AppData\Local\EmieSiteList
2014-11-03 16:23 . 2014-11-03 16:23	--------	d-----w-	c:\users\Mandy\AppData\Local\Skyrim
2014-10-26 15:20 . 2014-10-26 15:20	--------	d-----w-	c:\programdata\Hewlett-Packard
2014-10-26 15:20 . 2009-07-14 01:41	230400	----a-w-	c:\windows\system32\Spool\prtprocs\x64\hpzppw71.dll
2014-10-15 20:09 . 2014-10-10 02:05	276480	----a-w-	c:\windows\system32\generaltel.dll
2014-10-15 20:08 . 2014-09-19 01:36	5829632	----a-w-	c:\windows\system32\jscript9.dll
2014-10-15 20:07 . 2014-09-18 02:00	3241472	----a-w-	c:\windows\system32\msi.dll
2014-10-15 20:07 . 2014-09-18 01:32	2363904	----a-w-	c:\windows\SysWow64\msi.dll
2014-10-15 20:07 . 2014-08-29 02:07	44032	----a-w-	c:\windows\system32\tsgqec.dll
2014-10-15 20:07 . 2014-08-29 01:44	37376	----a-w-	c:\windows\SysWow64\tsgqec.dll
2014-10-15 20:07 . 2014-08-29 01:44	4922368	----a-w-	c:\windows\SysWow64\mstscax.dll
2014-10-15 20:07 . 2014-08-29 01:44	269312	----a-w-	c:\windows\SysWow64\aaclient.dll
2014-10-15 20:07 . 2014-08-29 01:44	1050112	----a-w-	c:\windows\SysWow64\mstsc.exe
2014-10-15 20:07 . 2014-08-29 02:07	3179520	----a-w-	c:\windows\system32\rdpcorets.dll
2014-10-15 20:07 . 2014-08-29 02:07	5780480	----a-w-	c:\windows\system32\mstscax.dll
2014-10-15 20:07 . 2014-08-29 02:07	322560	----a-w-	c:\windows\system32\aaclient.dll
2014-10-15 20:07 . 2014-08-29 02:06	1125888	----a-w-	c:\windows\system32\mstsc.exe
2014-10-15 20:07 . 2014-09-04 05:23	424448	----a-w-	c:\windows\system32\rastls.dll
2014-10-15 20:07 . 2014-09-04 05:04	372736	----a-w-	c:\windows\SysWow64\rastls.dll
.
.
.
((((((((((((((((((((((((((((((((((((   Find3M Bericht   ))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-15 22:41 . 2014-02-01 11:15	103265616	----a-w-	c:\windows\system32\MRT.exe
2014-09-27 16:25 . 2014-02-01 16:35	71344	----a-w-	c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-09-27 16:25 . 2014-02-01 16:35	701104	----a-w-	c:\windows\SysWow64\FlashPlayerApp.exe
2014-09-25 02:08 . 2014-10-06 22:17	371712	----a-w-	c:\windows\system32\qdvd.dll
2014-09-25 01:40 . 2014-10-06 22:17	519680	----a-w-	c:\windows\SysWow64\qdvd.dll
2014-09-09 22:11 . 2014-10-06 22:17	2048	----a-w-	c:\windows\system32\tzres.dll
2014-09-09 21:47 . 2014-10-06 22:17	2048	----a-w-	c:\windows\SysWow64\tzres.dll
2014-08-23 02:07 . 2014-10-06 22:15	404480	----a-w-	c:\windows\system32\gdi32.dll
2014-08-23 01:45 . 2014-10-06 22:15	311808	----a-w-	c:\windows\SysWow64\gdi32.dll
.
.
((((((((((((((((((((((((((((   Autostartpunkte der Registrierung   ))))))))))))))))))))))))))))))))))))))))
.
.
*Hinweis* leere Einträge & legitime Standardeinträge werden nicht angezeigt. 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sony PC Companion"="c:\program files (x86)\Sony\Sony PC Companion\PCCompanion.exe" [2014-09-01 468192]
"BlackBerryLink.exe"="c:\users\Mandy\BlackBerryLink.exe" [2014-05-08 1463824]
"Steam"="c:\program files (x86)\Steam\Steam.exe" [2014-10-21 1938624]
"EADM"="d:\oblivion\EADM\EADMUI.exe" [2011-02-17 11509760]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"BambooCore"="c:\program files (x86)\Bamboo Dock\BambooCore.exe" [2012-10-16 646744]
"AdobeCS5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" [2010-07-22 402432]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"MobileConnect"="c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe" [2009-09-11 2403840]
"RIMBBLaunchAgent.exe"="c:\program files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe" [2014-02-07 443408]
"RIM PeerManager"="c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe" [2014-05-07 4493824]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2014-08-21 959176]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
AutoStart IR.lnk - c:\program files (x86)\WinTV\Ir.exe /QUIET [2014-3-25 117344]
WinTV Recording Status.lnk - c:\program files (x86)\WinTV\WinTV7\WinTVTray.exe [2014-2-7 151552]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 AntiVirWebService;Avira Browser-Schutz;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe;c:\program files (x86)\Avira\AntiVir Desktop\avwebg7.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ewusbnet;HUAWEI USB-NDIS miniport;c:\windows\system32\DRIVERS\ewusbnet.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbnet.sys [x]
R3 HCWF9BDA;Hauppauge IT9135 BDA Devices;c:\windows\system32\Drivers\hcwF9b64.sys;c:\windows\SYSNATIVE\Drivers\hcwF9b64.sys [x]
R3 hidkmdf;KMDF Driver;c:\windows\system32\DRIVERS\hidkmdf.sys;c:\windows\SYSNATIVE\DRIVERS\hidkmdf.sys [x]
R3 hwusbfake;Huawei DataCard USB Fake;c:\windows\system32\DRIVERS\ewusbfake.sys;c:\windows\SYSNATIVE\DRIVERS\ewusbfake.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;c:\windows\system32\DRIVERS\RtsPStor.sys;c:\windows\SYSNATIVE\DRIVERS\RtsPStor.sys [x]
R3 Sony PC Companion;Sony PC Companion;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe;c:\program files (x86)\Sony\Sony PC Companion\PCCService.exe [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 usbrndis6;USB-RNDIS6-Adapter;c:\windows\system32\DRIVERS\usb80236.sys;c:\windows\SYSNATIVE\DRIVERS\usb80236.sys [x]
R3 WacHidRouter;Wacom Hid Router;c:\windows\system32\DRIVERS\wachidrouter.sys;c:\windows\SYSNATIVE\DRIVERS\wachidrouter.sys [x]
R3 wacomrouterfilter;Wacom Router Filter Driver;c:\windows\system32\DRIVERS\wacomrouterfilter.sys;c:\windows\SYSNATIVE\DRIVERS\wacomrouterfilter.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 HauppaugeTVServer;HauppaugeTVServer;c:\program files (x86)\WinTV\TVServer\HauppaugeTVServer.exe;c:\program files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [x]
S2 IconMan_R;IconMan_R;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe;c:\program files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [x]
S2 RIM MDNS;RIM MDNS;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [x]
S2 RIM Tunnel Service;BlackBerry Link Communication Manager;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe service;c:\program files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe service [x]
S2 VMCService;Vodafone Mobile Connect Service;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe;c:\program files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [x]
S2 WTabletServiceCon;Wacom Consumer Service;c:\program files\Tablet\Pen\WTabletServiceCon.exe;c:\program files\Tablet\Pen\WTabletServiceCon.exe [x]
S3 BlackBerry Device Manager;BlackBerry Device Manager;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe;c:\program files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [x]
S3 IntcDAud;Intel(R) Display-Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
S3 intelkmd;intelkmd;c:\windows\system32\DRIVERS\igdpmd64.sys;c:\windows\SYSNATIVE\DRIVERS\igdpmd64.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 rimvndis;BlackBerry Virtual Private Network;c:\windows\system32\Drivers\rimvndis6_AMD64.sys;c:\windows\SYSNATIVE\Drivers\rimvndis6_AMD64.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
.
.
Inhalt des "geplante Tasks" Ordners
.
2014-11-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-02-01 16:25]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2011-08-09 167704]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2011-08-09 392472]
"Persistence"="c:\windows\system32\igfxpers.exe" [2011-08-09 416024]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2010-03-06 500208]
.
------- Zusätzlicher Suchlauf -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://search.conduit.com/?gd=&ctid=CT3325809&octid=EB_ORIGINAL_CTID&ISID=MC372C5FB-B196-42B2-A20B-46B8ED911D4B&SearchSource=55&CUI=&UM=5&UP=SP77092AF1-B0CB-4261-870E-3CC47173675E&SSPV=
mLocal Page = c:\windows\SysWOW64\blank.htm
IE: Nach Microsoft E&xel exportieren - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
TCP: DhcpNameServer = 10.2.0.10 10.2.0.130
TCP: Interfaces\{17EE3BAF-33CC-49AC-AD46-509894EF9C4A}: NameServer = 94.135.229.197 94.135.229.213
FF - ProfilePath - c:\users\Mandy\AppData\Roaming\Mozilla\Firefox\Profiles\xlkt84k5.default\
FF - prefs.js: browser.search.selectedEngine - Conduit Search
FF - prefs.js: browser.startup.homepage - about:home
.
- - - - Entfernte verwaiste Registrierungseinträge - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKU-Default-Run-AviraSpeedup - c:\program files (x86)\Avira\AviraSpeedup\avira_system_speedup.exe
Wow6432Node-HKU-Default-RunOnce-SPReview - c:\windows\System32\SPReview\SPReview.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
HKLM-Run-SynTPEnh - c:\program files (x86)\Synaptics\SynTP\SynTPEnh.exe
.
.
.
--------------------- Gesperrte Registrierungsschluessel ---------------------
.
[HKEY_USERS\S-1-5-21-3408470921-2802912741-564172878-1000\Software\SecuROM\License information*]
"datasecu"=hex:f2,b8,41,9f,dd,4b,b7,e1,53,7a,59,4b,64,b6,dd,d3,00,4d,49,a6,13,
   b8,de,77,3a,e0,6e,2c,61,ce,87,8a,7a,8d,d8,ab,e1,66,10,08,85,0c,50,3e,0b,9b,\
"rkeysecu"=hex:2f,0f,d5,3e,02,2b,06,63,b1,0b,dd,b6,71,e2,54,98
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_167_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_167.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Zeit der Fertigstellung: 2014-11-10  21:19:01
ComboFix-quarantined-files.txt  2014-11-10 20:19
.
Vor Suchlauf: 9 Verzeichnis(se), 78.479.597.568 Bytes frei
Nach Suchlauf: 14 Verzeichnis(se), 78.287.224.832 Bytes frei
.
- - End Of File - - 7EF9BCEA0B581BE017F602D9265E6741
A36C5E4F47E84449FF07ED3517B43A31
         
Thank you very much, I'm really glad that someone is helping me!

Alt 11.11.2014, 16:53   #10
schrauber
/// the machine
/// TB-Ausbilder
 


Please download Malwarebytes Anti-Malware
  • Install the program to the default path. (Illustrated guide to MBAM)
  • Start Malwarebytes' Anti-Malware (MBAM).
  • Then click Scan (Scannen), select the threat scan (Bedrohungssuchlauf) and click Start Scan (Suchlauf starten).
  • At the end of the scan, have all detections (if any) moved to quarantine. To do so, click Remove Selected (Auswahl entfernen).
  • Let your computer restart if necessary to complete the cleanup.
  • Start MBAM, click History (Verlauf) and then Application Logs (Anwendungsprotokolle).
  • Select the most recent scan log and click Export. Choose Text file (.txt) and save the file as mbam.txt on the desktop. You can find the MBAM log file here.
  • Add the contents of mbam.txt to your next reply.


Please download AdwCleaner to your desktop.
  • Close all open programs and browsers. Illustrated guide to AdwCleaner.
  • Start AdwCleaner.exe with a double-click.
  • Accept the terms of use.
  • Click Options (Optionen) and make sure that the following items are selected:
    • Delete "Tracing" keys
    • Reset Winsock settings
    • Reset proxy settings
    • Reset Internet Explorer policies
    • Reset Chrome policies
    • Make sure that all 5 options are selected as shown here
  • Click Scan (Suchlauf) and wait until it has finished.
  • Now click Clean (Löschen) and confirm any prompts with OK.
  • Your computer will be restarted automatically. After the restart, a text file opens. Post its contents in your next reply.
  • You can also find the log file at C:\AdwCleaner\AdwCleaner[Cx].txt. (x = sequential number).

Please close your security software to avoid possible conflicts.
Please download Junkware Removal Tool to your desktop

  • Start the tool with a double-click. On Windows Vista (or later), please start it via right-click "Run as administrator".
  • Press any key to start the tool.
  • Depending on the system, the scan may take a while.
  • When the tool has finished, the log file (JRT.txt) is saved on the desktop and opened automatically.
  • Please post the contents of JRT.txt in your next reply.


and a fresh FRST log please.
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009

No help via PM!

Alt 12.11.2014, 17:56   #11
Sil@s
 

Hello

Anti.Malware:

Code:
 Malwarebytes Anti-Malware 
www.malwarebytes.org

Suchlauf Datum: 12.11.2014
Suchlauf-Zeit: 15:11:27
Logdatei: mbam.txt
Administrator: Ja

Version: 2.00.3.1025
Malware Datenbank: v2014.11.12.07
Rootkit Datenbank: v2014.11.11.01
Lizenz: Testversion
Malware Schutz: Aktiviert
Bösartiger Webseiten Schutz: Aktiviert
Selbstschutz: Deaktiviert

Betriebssystem: Windows 7 Service Pack 1
CPU: x64
Dateisystem: NTFS
Benutzer: Mandy

Suchlauf-Art: Bedrohungs-Suchlauf
Ergebnis: Abgeschlossen
Durchsuchte Objekte: 329070
Verstrichene Zeit: 16 Min, 41 Sek

Speicher: Aktiviert
Autostart: Aktiviert
Dateisystem: Aktiviert
Archive: Aktiviert
Rootkits: Deaktiviert
Heuristik: Aktiviert
PUP: Aktiviert
PUM: Aktiviert

Prozesse: 0
(Keine schädliche Elemente erkannt)

Module: 0
(Keine schädliche Elemente erkannt)

Registrierungsschlüssel: 2
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM, In Quarantäne, [588f8fabaad2a294d1ae4a3a28dc15eb], 
PUP.Optional.SweetIM.A, HKU\S-1-5-21-3408470921-2802912741-564172878-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM, In Quarantäne, [d51271c9a2da70c6acd2d7ad36ce0af6], 

Registrierungswerte: 2
PUP.Optional.SweetIM.A, HKLM\SOFTWARE\WOW6432NODE\SWEETIM|simapp_id, 1605756337140055260, In Quarantäne, [588f8fabaad2a294d1ae4a3a28dc15eb]
PUP.Optional.SweetIM.A, HKU\S-1-5-21-3408470921-2802912741-564172878-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\SWEETIM|simapp_id, 1605756337140055260, In Quarantäne, [d51271c9a2da70c6acd2d7ad36ce0af6]

Registrierungsdaten: 1
PUP.Optional.Conduit.A, HKU\S-1-5-21-3408470921-2802912741-564172878-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, hxxp://search.conduit.com/?gd=&ctid=CT3325809&octid=EB_ORIGINAL_CTID&ISID=MC372C5FB-B196-42B2-A20B-46B8ED911D4B&SearchSource=55&CUI=&UM=5&UP=SP77092AF1-B0CB-4261-870E-3CC47173675E&SSPV=, Gut: (www.google.com), Schlecht: (hxxp://search.conduit.com/?gd=&ctid=CT3325809&octid=EB_ORIGINAL_CTID&ISID=MC372C5FB-B196-42B2-A20B-46B8ED911D4B&SearchSource=55&CUI=&UM=5&UP=SP77092AF1-B0CB-4261-870E-3CC47173675E&SSPV=),Ersetzt,[6e791f1b5f1dc5715b271625c44156aa]

Ordner: 0
(Keine schädliche Elemente erkannt)

Dateien: 1
PUP.Optional.ClientConnect, C:\Users\Mandy\Downloads\Audacity_TSA3217RO.exe, In Quarantäne, [eef9a7934f2d1e18116ed4f5ac55b848], 

Physische Sektoren: 0
(Keine schädliche Elemente erkannt)


(end)
         

AdwCleaner:

Code:
# AdwCleaner v4.101 - Bericht erstellt am 12/11/2014 um 17:30:37
# Aktualisiert 09/11/2014 von Xplode
# Database : 2014-11-11.2 [Live]
# Betriebssystem : Windows 7 Home Premium Service Pack 1 (64 bits)
# Benutzername : Mandy - MANDY-PC
# Gestartet von : C:\Users\Mandy\Desktop\trojanerHILFE\AdwCleaner_4.101.exe
# Option : Löschen

***** [ Dienste ] *****


***** [ Dateien / Ordner ] *****

Ordner Gelöscht : C:\Users\Mandy\AppData\Local\ValueApps
Datei Gelöscht : C:\Windows\SysWOW64\ValueApps.dll
Datei Gelöscht : C:\Windows\System32\ValueApps64.dll

***** [ Tasks ] *****


***** [ Verknüpfungen ] *****


***** [ Registrierungsdatenbank ] *****

Schlüssel Gelöscht : HKCU\Software\Conduit
Schlüssel Gelöscht : HKCU\Software\IM

***** [ Browser ] *****

-\\ Internet Explorer v11.0.9600.17344


-\\ Mozilla Firefox v33.1 (x86 de)

[xlkt84k5.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.defaultenginename", "Conduit Search");
[xlkt84k5.default\prefs.js] - Zeile gelöscht : user_pref("browser.search.selectedEngine", "Conduit Search");

*************************

AdwCleaner[R0].txt - [1340 octets] - [12/11/2014 17:26:36]
AdwCleaner[R1].txt - [1400 octets] - [12/11/2014 17:27:59]
AdwCleaner[S0].txt - [1244 octets] - [12/11/2014 17:30:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [1304 octets] ##########
         

JRT-Editor:

Code:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.7 (11.08.2014:1)
OS: Windows 7 Home Premium x64
Ran by Mandy on 12.11.2014 at 17:43:40,69
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Emptied folder: C:\Users\Mandy\AppData\Roaming\mozilla\firefox\profiles\xlkt84k5.default\minidumps [15 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 12.11.2014 at 17:46:27,03
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
         

Thank you very much

And the missing fresh FRST:


FRST Logfile:

Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by Mandy (administrator) on MANDY-PC on 12-11-2014 17:54:31
Running from C:\Users\Mandy\Desktop\trojanerHILFE
Loaded Profile: Mandy (Available profiles: Mandy)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\tunmgr.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureDLNA.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\BbDevMgr.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
(Research In Motion) C:\Users\Mandy\BlackBerryLink.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
() C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Vodafone) C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Research In Motion) C:\Users\Mandy\BlackBerryLink.Helper.exe
() C:\Program Files (x86)\Common Files\Research in Motion\nginx\nginx.exe
() C:\Program Files (x86)\Common Files\Research in Motion\nginx\nginx.exe
(Research In Motion) C:\Users\Mandy\BlackBerryLink.AutoUpdate.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\RIMDeviceManager\RIMDeviceManager.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [MobileConnect] => C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\MobileConnect.exe [2403840 2009-09-11] (Vodafone)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-02-07] (BlackBerry Limited)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4493824 2014-05-07] (Research In Motion Limited)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-23] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3408470921-2802912741-564172878-1000\...\Run: [Sony PC Companion] => C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe [468192 2014-09-01] (Sony)
HKU\S-1-5-21-3408470921-2802912741-564172878-1000\...\Run: [BlackBerryLink.exe] => C:\Users\Mandy\BlackBerryLink.exe [1463824 2014-05-08] (Research In Motion)
HKU\S-1-5-21-3408470921-2802912741-564172878-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1938624 2014-10-21] (Valve Corporation)
HKU\S-1-5-21-3408470921-2802912741-564172878-1000\...\Run: [EADM] => D:\Oblivion\EADM\EADMUI.exe [11509760 2011-02-17] (Electronic Arts)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk
ShortcutTarget: AutoStart IR.lnk -> C:\Program Files (x86)\WinTV\Ir.exe (Hauppauge Computer Works)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk
ShortcutTarget: WinTV Recording Status.lnk -> C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE2D9CB67341FCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKU\S-1-5-21-3408470921-2802912741-564172878-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 10.2.0.10 10.2.0.130
Tcpip\..\Interfaces\{17EE3BAF-33CC-49AC-AD46-509894EF9C4A}: [NameServer] 94.135.229.197 94.135.229.213

FireFox:
========
FF ProfilePath: C:\Users\Mandy\AppData\Roaming\Mozilla\Firefox\Profiles\xlkt84k5.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3408470921-2802912741-564172878-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Mandy\AppData\Roaming\Mozilla\Firefox\Profiles\xlkt84k5.default\Extensions\abs@avira.com [2014-11-07]
FF Extension: Adblock Plus - C:\Users\Mandy\AppData\Roaming\Mozilla\Firefox\Profiles\xlkt84k5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-06]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2014-02-18]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [995064 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited) [File not signed]
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [582144 2014-02-04] (Hauppauge Computer Works) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-05-07] (Apple Inc.) [File not signed]
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1324544 2014-05-07] (Research In Motion Limited) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 VMCService; C:\Program Files (x86)\Vodafone\Vodafone Mobile Connect\Bin\VMCService.exe [9216 2009-09-11] (Vodafone) [File not signed]
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
S3 HCWF9BDA; C:\Windows\System32\Drivers\hcwF9b64.sys [188376 2013-09-25] (ITE                      )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-12] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-05-07] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-12 17:46 - 2014-11-12 17:46 - 00000757 _____ () C:\Users\Mandy\Desktop\JRT.txt
2014-11-12 17:43 - 2014-11-12 17:43 - 00000000 ____D () C:\Windows\ERUNT
2014-11-12 17:26 - 2014-11-12 17:36 - 00000000 ____D () C:\AdwCleaner
2014-11-12 15:08 - 2014-11-12 17:32 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-12 15:08 - 2014-11-12 15:08 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-12 15:08 - 2014-11-12 15:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-12 15:08 - 2014-11-12 15:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-12 15:08 - 2014-11-12 15:08 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-12 15:08 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-12 15:08 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-12 15:08 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-10 23:37 - 2014-11-10 23:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 21:36 - 2014-11-10 21:36 - 00000000 ____D () C:\Users\Mandy\AppData\Roaming\Avira
2014-11-10 21:34 - 2014-10-23 14:02 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-11-10 21:34 - 2014-10-23 14:02 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-11-10 21:34 - 2014-10-23 14:01 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-11-10 21:32 - 2014-11-10 21:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-10 21:32 - 2014-11-10 21:34 - 00000000 ____D () C:\ProgramData\Avira
2014-11-10 21:32 - 2014-11-10 21:34 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-10 21:32 - 2014-11-10 21:32 - 00001143 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-11-10 21:31 - 2014-11-10 21:31 - 04583464 _____ (Avira Operations GmbH & Co. KG) C:\Users\Mandy\Downloads\avira_de_av___ws(1).exe
2014-11-10 21:19 - 2014-11-10 21:19 - 00018849 _____ () C:\ComboFix.txt
2014-11-10 20:54 - 2014-11-10 21:19 - 00000000 ____D () C:\Qoobox
2014-11-10 20:54 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-10 20:54 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-10 20:54 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-10 20:54 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-10 20:54 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-10 20:54 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-10 20:54 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-10 20:54 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-10 20:53 - 2014-11-10 21:16 - 00000000 ____D () C:\Windows\erdnt
2014-11-09 12:41 - 2014-11-09 12:41 - 00000000 ____D () C:\Users\Mandy\Desktop\Report TDSSKiller
2014-11-08 15:42 - 2014-11-12 17:54 - 00000000 ____D () C:\Users\Mandy\Desktop\trojanerHILFE
2014-11-08 15:42 - 2014-11-12 17:54 - 00000000 ____D () C:\FRST
2014-11-08 01:54 - 2014-11-08 01:54 - 00000000 ____D () C:\ProgramData\EA Core
2014-11-08 01:53 - 2014-11-08 02:04 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-11-08 01:53 - 2014-11-08 01:53 - 00000630 _____ () C:\Users\Public\Desktop\EA Download Manager.lnk
2014-11-08 01:53 - 2014-11-08 01:53 - 00000000 ____D () C:\Users\Mandy\AppData\Local\Electronic Arts
2014-11-08 01:53 - 2014-11-08 01:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2014-11-08 01:53 - 2014-11-08 01:53 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-11-08 00:46 - 2014-11-08 00:46 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-11-07 22:33 - 2014-11-07 22:35 - 00000000 ____D () C:\Users\Mandy\AppData\Local\AviraSpeedup
2014-11-07 19:56 - 2014-11-07 19:57 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-07 19:56 - 2014-11-07 19:56 - 00000000 ____D () C:\ProgramData\Sun
2014-11-07 19:56 - 2014-11-07 19:56 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-07 19:54 - 2014-11-07 19:54 - 00638888 _____ (Oracle Corporation) C:\Users\Mandy\Desktop\jxpiinstall.exe
2014-11-07 19:33 - 2014-11-07 19:33 - 04583464 _____ (Avira Operations GmbH & Co. KG) C:\Users\Mandy\Downloads\avira_de_av___ws.exe
2014-11-07 19:10 - 2014-11-07 19:11 - 00854448 _____ () C:\Users\Mandy\Desktop\SecurityCheck.exe
2014-11-07 16:12 - 2014-11-07 16:12 - 00000000 __SHD () C:\Users\Mandy\AppData\Local\EmieUserList
2014-11-07 16:12 - 2014-11-07 16:12 - 00000000 __SHD () C:\Users\Mandy\AppData\Local\EmieSiteList
2014-11-07 16:05 - 2014-11-07 16:05 - 02347384 _____ (ESET) C:\Users\Mandy\Downloads\esetsmartinstaller_deu.exe
2014-11-07 15:00 - 2014-11-07 15:27 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-11-07 15:00 - 2014-11-07 15:27 - 00001908 _____ () C:\Windows\diagerr.xml
2014-11-05 12:17 - 2014-11-05 12:17 - 00002032 _____ () C:\Users\Public\Desktop\Sony PC Companion 2.1.lnk
2014-11-03 17:23 - 2014-11-03 17:23 - 00000000 ____D () C:\Users\Mandy\AppData\Local\Skyrim
2014-11-03 17:22 - 2014-11-08 00:46 - 00034988 _____ () C:\Windows\DirectX.log
2014-10-29 16:55 - 2014-11-09 16:05 - 00000000 ____D () C:\Users\Mandy\Desktop\Soziologie
2014-10-26 16:20 - 2014-10-26 16:20 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-10-22 13:48 - 2014-10-22 13:48 - 00381511 _____ () C:\Users\Mandy\Desktop\Medien Propaganda, meinungsäußerung.php
2014-10-15 21:10 - 2014-09-29 01:58 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-10-15 21:10 - 2014-08-19 04:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 21:10 - 2014-08-19 04:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 21:10 - 2014-08-19 04:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 21:10 - 2014-08-19 04:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 21:10 - 2014-08-19 04:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 21:10 - 2014-08-19 04:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 21:10 - 2014-08-19 04:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 21:10 - 2014-08-19 04:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 21:10 - 2014-08-19 04:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 21:10 - 2014-08-19 04:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 21:10 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 21:10 - 2014-08-19 03:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 21:10 - 2014-08-19 03:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 21:10 - 2014-07-07 03:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 21:10 - 2014-07-07 03:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 21:10 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 21:10 - 2014-07-07 03:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00679424 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 21:10 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 21:10 - 2014-07-07 03:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 21:10 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 21:10 - 2014-07-07 03:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 21:10 - 2014-07-07 03:05 - 00126464 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2014-10-15 21:10 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 21:10 - 2014-07-07 02:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 21:10 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 21:10 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 21:10 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 21:10 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 21:10 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 21:10 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 21:10 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 21:10 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 21:10 - 2014-06-28 01:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 21:10 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 21:10 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 21:10 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 21:10 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 21:10 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 21:10 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 21:10 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 21:10 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 21:09 - 2014-10-10 03:05 - 00507392 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-10-15 21:09 - 2014-10-10 03:05 - 00276480 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-10-15 21:09 - 2014-10-10 03:00 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-10-15 21:09 - 2014-10-07 03:54 - 00378552 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-15 21:09 - 2014-10-07 03:04 - 00331448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-15 21:09 - 2014-09-25 23:50 - 13619200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-15 21:09 - 2014-09-25 23:46 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-15 21:09 - 2014-09-25 23:46 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-15 21:09 - 2014-09-25 23:46 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-15 21:09 - 2014-09-25 23:43 - 11807232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-15 21:09 - 2014-09-25 23:32 - 02017280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-15 21:09 - 2014-09-25 23:31 - 02108416 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-15 21:09 - 2014-09-19 02:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-15 21:09 - 2014-09-19 02:55 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-15 21:09 - 2014-09-19 02:44 - 17484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-15 21:09 - 2014-09-19 02:41 - 02796032 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-15 21:09 - 2014-09-19 02:40 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-15 21:09 - 2014-09-19 02:39 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-15 21:09 - 2014-09-19 02:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-15 21:09 - 2014-09-19 02:30 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-15 21:09 - 2014-09-19 02:27 - 00595968 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-15 21:09 - 2014-09-19 02:25 - 04201472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-15 21:09 - 2014-09-19 02:25 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-15 21:09 - 2014-09-19 02:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-15 21:09 - 2014-09-19 02:14 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-15 21:09 - 2014-09-19 02:06 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-15 21:09 - 2014-09-19 02:02 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-15 21:09 - 2014-09-19 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-15 21:09 - 2014-09-19 02:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-15 21:09 - 2014-09-19 01:59 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-15 21:09 - 2014-09-19 01:58 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-15 21:09 - 2014-09-19 01:55 - 02187264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-15 21:09 - 2014-09-19 01:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-15 21:09 - 2014-09-19 01:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-15 21:09 - 2014-09-19 01:51 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-15 21:09 - 2014-09-19 01:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-15 21:09 - 2014-09-19 01:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-15 21:09 - 2014-09-19 01:42 - 00731136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-15 21:09 - 2014-09-19 01:42 - 00710656 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-15 21:09 - 2014-09-19 01:36 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-15 21:09 - 2014-09-19 01:32 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-15 21:09 - 2014-09-19 01:20 - 00607744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-15 21:09 - 2014-09-19 01:18 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-15 21:09 - 2014-09-19 01:14 - 01447936 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-15 21:09 - 2014-09-19 00:59 - 01810944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-15 21:09 - 2014-09-19 00:53 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-15 21:09 - 2014-09-19 00:52 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-15 21:08 - 2014-09-19 03:25 - 23631360 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-15 21:08 - 2014-09-19 02:40 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-15 21:08 - 2014-09-19 02:38 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-15 21:08 - 2014-09-19 02:36 - 05829632 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-15 21:08 - 2014-09-19 02:26 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-15 21:08 - 2014-09-19 02:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-15 21:08 - 2014-09-19 02:18 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-15 21:08 - 2014-09-19 02:01 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-15 21:08 - 2014-09-19 02:00 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-15 21:08 - 2014-09-19 01:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-15 21:08 - 2014-09-19 01:33 - 02309632 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-15 21:08 - 2014-09-19 00:59 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-15 21:07 - 2014-09-18 03:00 - 03241472 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-10-15 21:07 - 2014-09-18 02:32 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-10-15 21:07 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 21:07 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 21:07 - 2014-08-29 03:07 - 05780480 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 21:07 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 21:07 - 2014-08-29 03:07 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-15 21:07 - 2014-08-29 03:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-15 21:07 - 2014-08-29 03:06 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 21:07 - 2014-08-29 02:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 21:07 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 21:07 - 2014-08-29 02:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 21:07 - 2014-08-29 02:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-15 21:06 - 2014-09-13 02:58 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-10-15 21:06 - 2014-09-13 02:40 - 00067072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-10-15 21:06 - 2014-07-17 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-10-15 21:06 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 21:06 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 21:06 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 21:06 - 2014-07-17 03:07 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-10-15 21:06 - 2014-07-17 03:07 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-10-15 21:06 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 21:06 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-10-15 21:06 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-10-15 21:06 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 21:06 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 08:40 - 2014-11-03 16:07 - 00000000 ____D () C:\Users\Mandy\Desktop\Bestaetigung-Dateien

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-12 17:39 - 2009-07-14 05:45 - 00023696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-12 17:39 - 2009-07-14 05:45 - 00023696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-12 17:33 - 2014-07-14 17:47 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-12 17:31 - 2014-02-19 18:44 - 00001981 _____ () C:\Windows\setupact.log
2014-11-12 17:31 - 2014-02-19 18:43 - 00424030 _____ () C:\Windows\PFRO.log
2014-11-12 17:31 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-12 17:30 - 2014-01-31 14:10 - 01455027 _____ () C:\Windows\WindowsUpdate.log
2014-11-12 17:25 - 2014-04-17 09:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-12 16:47 - 2014-02-01 11:00 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9A2FC46C-DD34-4E4E-B60D-48EAD0A09815}
2014-11-12 16:25 - 2014-04-17 09:45 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 16:25 - 2014-02-01 17:35 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 16:25 - 2014-02-01 17:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 15:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Web
2014-11-11 17:39 - 2014-02-01 17:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-10 21:32 - 2014-02-07 19:17 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-10 21:15 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-10 21:14 - 2014-01-31 14:13 - 00000000 ____D () C:\Users\Mandy
2014-11-10 18:48 - 2009-07-14 18:58 - 00832218 _____ () C:\Windows\system32\perfh007.dat
2014-11-10 18:48 - 2009-07-14 18:58 - 00191854 _____ () C:\Windows\system32\perfc007.dat
2014-11-10 18:48 - 2009-07-14 06:13 - 00006220 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-08 23:00 - 2014-09-13 17:49 - 00001392 _____ () C:\Users\Mandy\Documents\TombRaider.log
2014-11-08 02:04 - 2014-02-01 18:27 - 00000000 ____D () C:\Users\Mandy\Documents\My Games
2014-11-08 01:54 - 2014-01-31 14:13 - 00000000 ____D () C:\Users\Mandy\AppData\Local\VirtualStore
2014-11-08 01:05 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-07 15:00 - 2014-02-19 18:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-07 14:53 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-05 12:18 - 2014-05-10 16:29 - 00257938 _____ () C:\Windows\DPINST.LOG
2014-11-05 12:17 - 2014-05-10 16:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-11-05 12:16 - 2014-01-31 18:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-05 12:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-30 19:49 - 2014-02-01 17:56 - 00000000 ____D () C:\Users\Mandy\AppData\Roaming\vlc
2014-10-29 10:01 - 2014-04-17 09:37 - 00000000 ____D () C:\Users\Mandy\AppData\Roaming\Audacity
2014-10-26 19:09 - 2014-02-01 17:31 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-24 07:41 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-17 13:21 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-10-16 13:29 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-16 13:27 - 2014-02-19 18:43 - 04973784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-16 13:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 13:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-16 13:24 - 2014-08-15 12:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-10-15 23:43 - 2014-02-01 12:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-15 23:41 - 2014-02-01 12:15 - 103265616 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-15 08:59 - 2014-02-01 17:31 - 00000000 ____D () C:\ProgramData\Adobe

Files to move or delete:
====================
C:\Users\Mandy\BlackBerryLink.AutoUpdate.exe
C:\Users\Mandy\BlackBerryLink.exe
C:\Users\Mandy\BlackBerryLink.Helper.exe
C:\Users\Mandy\log4net.dll
C:\Users\Mandy\Microsoft.Practices.Prism.dll
C:\Users\Mandy\Microsoft.Practices.Prism.Interactivity.dll
C:\Users\Mandy\Microsoft.Practices.Prism.MefExtensions.dll
C:\Users\Mandy\Microsoft.Practices.Prism.UnityExtensions.dll
C:\Users\Mandy\Microsoft.Practices.ServiceLocation.dll
C:\Users\Mandy\Microsoft.Practices.Unity.dll
C:\Users\Mandy\Microsoft.Windows.Shell.dll
C:\Users\Mandy\MSOE.Interactions.dll
C:\Users\Mandy\MSOl.Interactions.dll
C:\Users\Mandy\Rim.Common.Filesystem.dll
C:\Users\Mandy\Rim.Common.Utilities.dll
C:\Users\Mandy\Rim.Desktop.AutoUpdate.dll
C:\Users\Mandy\Rim.Desktop.AutoUpdate.UpgradeXMLParser.dll
C:\Users\Mandy\Rim.Desktop.AutoUpdate.Utilities.dll
C:\Users\Mandy\Rim.Desktop.Common.dll
C:\Users\Mandy\Rim.Desktop.DiagnosticsReport.exe
C:\Users\Mandy\Rim.Desktop.Services.Common.dll
C:\Users\Mandy\Rim.Desktop.Services.Configuration.dll
C:\Users\Mandy\Rim.Desktop.Services.Device.HttpControlChannel.dll
C:\Users\Mandy\Rim.Desktop.Services.Interfaces.dll
C:\Users\Mandy\Rim.Desktop.Services.Logging.dll
C:\Users\Mandy\Rim.Desktop.Services.Native.dll
C:\Users\Mandy\Rim.Desktop.Services.Tasks.dll
C:\Users\Mandy\Rim.Desktop.Services.WindowState.dll
C:\Users\Mandy\Rim.Desktop.Themes.dll
C:\Users\Mandy\Rim.DesktopHelper.common.dll
C:\Users\Mandy\rMSOEDE.dll
C:\Users\Mandy\rMSOLDE.dll
C:\Users\Mandy\rWinVistaDE.dll
C:\Users\Mandy\SyncApi.Configuration.dll
C:\Users\Mandy\SyncApi.dll
C:\Users\Mandy\SyncApi.MSOE.dll
C:\Users\Mandy\SyncApi.MSOL.dll
C:\Users\Mandy\SyncApi.WinVista.dll
C:\Users\Mandy\System.Windows.Interactivity.dll
C:\Users\Mandy\WinVista.Interactions.dll
C:\Users\Mandy\XCPCSYNCLib.dll


Some content of TEMP:
====================
C:\Users\Mandy\AppData\Local\Temp\avgnt.exe
C:\Users\Mandy\AppData\Local\Temp\Quarantine.exe
C:\Users\Mandy\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-05 22:11

==================== End Of Log ============================
         
--- --- ---


13.11.2014, 09:59   #12
schrauber
/// the machine
/// TB trainer
 




Final stretch


ESET Online Scanner

  • Here you will find an illustrated guide to ESET Online Scanner
  • Download and start ESET Online Scanner
  • Tick "Yes, I accept the Terms of Use" and click Start.
  • Enable "Detection of potentially unwanted applications" and choose the following settings.
  • Click Start.
  • The signatures are downloaded and the scan starts automatically.
  • At the end of the scan, click Finish.
  • Close the ESET window.
  • Open Explorer.
  • Find C:\Programme\Eset\EsetOnlineScanner\log.txt (on 64-bit also C:\Programme (x86)\Eset\EsetOnlineScanner\log.txt) and open it with your editor (illustrated).
  • Post the log file here.
  • Uninstall: Control Panel => Software / Uninstall programs => remove Eset Online Scanner V3.
  • Manually delete the following folder and empty the Recycle Bin => C:\Programme\Eset


Please download SecurityCheck and:

  • Save it to the desktop.
  • Start SecurityCheck.exe and follow the instructions in the DOS box.
  • When the scan has finished, a text document (checkup.txt) should open.
Post its contents here, please.

And a fresh FRST log, please. Any problems left?
__________________
Regards,
schrauber

Proud Member of UNITE and ASAP since 2009


No help via PM!

13.11.2014, 15:44   #13
Sil@s
 



Here is the log file from ESET:

Code:
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=a2fa02afac746248b1d3fddc25cf4d63
# engine=21074
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-11-13 02:32:35
# local_time=2014-11-13 03:32:35 (+0100, Mitteleuropäische Zeit)
# country="Germany"
# lang=1031
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Avira Desktop'
# compatibility_mode=1810 16777213 100 99 67572 1819840 0 0
# compatibility_mode_1=''
# compatibility_mode=5893 16776574 100 94 242428 167519005 0 0
# scanned=262497
# found=3
# cleaned=0
# scan_time=7155
sh=F9FD8A46A46C3412CE6313DD941CEE0E075BB780 ft=1 fh=9d4c8bf9843f9b20 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\System32\ValueApps64.dll.vir"
sh=E4CF376DF44724A1ECF32D28CF38A8E0C7682E54 ft=1 fh=d95eee5e647657f0 vn="Variante von Win32/ClientConnect.A evtl. unerwünschte Anwendung" ac=I fn="C:\AdwCleaner\Quarantine\C\Windows\SysWOW64\ValueApps.dll.vir"
sh=FEC19241949864DE766A2D193BC81E3366E379E4 ft=1 fh=ac6e9bcd558de938 vn="Win32/Conduit.SearchProtect.Q evtl. unerwünschte Anwendung" ac=I fn="C:\Users\Mandy\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZYUJYICZ\SPSetup[1].exe"
         
SecurityCheck:

Code:
 Results of screen317's Security Check version 0.99.89  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
Avira Desktop   
 Antivirus up to date!  (On Access scanning disabled!) 
`````````Anti-malware/Other Utilities Check:````````` 
 Adobe Flash Player 15.0.0.223  
 Adobe Reader XI  
 Mozilla Firefox (33.1) 
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Avira Antivir avgnt.exe 
 Avira Antivir avguard.exe 
 Malwarebytes Anti-Malware mbamscheduler.exe   
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  
````````````````````End of Log``````````````````````
         
And FRST:


FRST Logfile:
Code:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-11-2014
Ran by Mandy (administrator) on MANDY-PC on 13-11-2014 15:40:05
Running from C:\Users\Mandy\Desktop\trojanerHILFE
Loaded Profile: Mandy (Available profiles: Mandy)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Deutsch (Deutschland)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: hxxp://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\mDNSResponder.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\tunmgr.exe
(Hauppauge Computer Works) C:\Program Files (x86)\WinTV\TVServer\CaptureDLNA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\BbDevMgr.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbam.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Hauppauge Computer Works, Inc.) C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(BlackBerry Limited) C:\Program Files (x86)\Common Files\Research in Motion\USB Drivers\RIMBBLaunchAgent.exe
(Research In Motion Limited) C:\Program Files (x86)\Common Files\Research in Motion\Tunnel Manager\PeerManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Research In Motion) C:\Users\Mandy\BlackBerryLink.Helper.exe
() C:\Program Files (x86)\Common Files\Research in Motion\nginx\nginx.exe
(Research In Motion) C:\Users\Mandy\BlackBerryLink.AutoUpdate.exe
() C:\Program Files (x86)\Common Files\Research in Motion\nginx\nginx.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_15_0_0_223.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [RIMBBLaunchAgent.exe] => C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\RIMBBLaunchAgent.exe [443408 2014-02-07] (BlackBerry Limited)
HKLM-x32\...\Run: [RIM PeerManager] => C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\PeerManager.exe [4493824 2014-05-07] (Research In Motion Limited)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [124208 2014-10-22] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [703736 2014-10-23] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3408470921-2802912741-564172878-1000\...\Run: [BlackBerryLink.exe] => C:\Users\Mandy\BlackBerryLink.exe [1463824 2014-05-08] (Research In Motion)
HKU\S-1-5-21-3408470921-2802912741-564172878-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1938624 2014-10-21] (Valve Corporation)
HKU\S-1-5-21-3408470921-2802912741-564172878-1000\...\Run: [EADM] => D:\Oblivion\EADM\EADMUI.exe [11509760 2011-02-17] (Electronic Arts)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutoStart IR.lnk
ShortcutTarget: AutoStart IR.lnk -> C:\Program Files (x86)\WinTV\Ir.exe (Hauppauge Computer Works)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\WinTV Recording Status.lnk
ShortcutTarget: WinTV Recording Status.lnk -> C:\Program Files (x86)\WinTV\WinTV7\WinTVTray.exe (Hauppauge Computer Works, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE2D9CB67341FCF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = de
HKU\S-1-5-21-3408470921-2802912741-564172878-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO-x32: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Toolbar: HKLM-x32 - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 10.2.0.10 10.2.0.130
Tcpip\..\Interfaces\{17EE3BAF-33CC-49AC-AD46-509894EF9C4A}: [NameServer] 94.135.229.197 94.135.229.213

FireFox:
========
FF ProfilePath: C:\Users\Mandy\AppData\Roaming\Mozilla\Firefox\Profiles\xlkt84k5.default
FF Homepage: about:home
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll ()
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin-x32: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files (x86)\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3408470921-2802912741-564172878-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazondotcom-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\ddg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\leo_ende_de.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-de.xml
FF Extension: Avira Browser Safety - C:\Users\Mandy\AppData\Roaming\Mozilla\Firefox\Profiles\xlkt84k5.default\Extensions\abs@avira.com [2014-11-07]
FF Extension: Adblock Plus - C:\Users\Mandy\AppData\Roaming\Mozilla\Firefox\Profiles\xlkt84k5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-06]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - C:\Program Files (x86)\Adobe\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2014-02-18]

Chrome: 
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [432888 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [432888 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [995064 2014-10-23] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [164656 2014-10-22] (Avira Operations GmbH & Co. KG)
R3 BlackBerry Device Manager; C:\Program Files (x86)\Common Files\Research In Motion\USB Drivers\BbDevMgr.exe [585728 2014-01-21] (BlackBerry Limited) [File not signed]
R2 HauppaugeTVServer; C:\Program Files (x86)\WinTV\TVServer\HauppaugeTVServer.exe [582144 2014-02-04] (Hauppauge Computer Works) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\ Malwarebytes Anti-Malware \mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 RIM MDNS; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\mDNSResponder.exe [389632 2014-05-07] (Apple Inc.) [File not signed]
R2 RIM Tunnel Service; C:\Program Files (x86)\Common Files\Research In Motion\Tunnel Manager\tunmgr.exe [1324544 2014-05-07] (Research In Motion Limited) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [627992 2014-01-13] (Wacom Technology, Corp.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-14] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-10-23] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-10-23] (Avira Operations GmbH & Co. KG)
S3 ewusbnet; C:\Windows\System32\DRIVERS\ewusbnet.sys [132608 2009-06-29] (Huawei Technologies Co., Ltd.)
S3 HCWF9BDA; C:\Windows\System32\Drivers\hcwF9b64.sys [188376 2013-09-25] (ITE                      )
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-13] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [79872 2013-12-02] (BlackBerry Limited)
R3 rimvndis; C:\Windows\System32\Drivers\rimvndis6_AMD64.sys [17920 2014-05-07] (Research in Motion Limited)
R3 RimVSerPort; C:\Windows\System32\DRIVERS\RimSerial_AMD64.sys [44544 2012-12-10] (Research in Motion Ltd)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2013-02-12] (Microsoft Corporation)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-13 13:31 - 2014-11-13 13:31 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-11-13 01:36 - 2014-11-07 20:49 - 00388272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-11-13 01:36 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-11-13 01:36 - 2014-11-06 05:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-11-13 01:36 - 2014-11-06 05:03 - 25110016 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-11-13 01:36 - 2014-11-06 05:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-11-13 01:36 - 2014-11-06 04:47 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-11-13 01:36 - 2014-11-06 04:46 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-11-13 01:36 - 2014-11-06 04:46 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-11-13 01:36 - 2014-11-06 04:44 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-11-13 01:36 - 2014-11-06 04:43 - 02884096 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-11-13 01:36 - 2014-11-06 04:36 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-11-13 01:36 - 2014-11-06 04:35 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-11-13 01:36 - 2014-11-06 04:31 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-11-13 01:36 - 2014-11-06 04:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-11-13 01:36 - 2014-11-06 04:30 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-11-13 01:36 - 2014-11-06 04:29 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-11-13 01:36 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-11-13 01:36 - 2014-11-06 04:23 - 06040064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-11-13 01:36 - 2014-11-06 04:20 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-11-13 01:36 - 2014-11-06 04:16 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-11-13 01:36 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-11-13 01:36 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-11-13 01:36 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-11-13 01:36 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-11-13 01:36 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-11-13 01:36 - 2014-11-06 04:07 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-11-13 01:36 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-11-13 01:36 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-11-13 01:36 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-11-13 01:36 - 2014-11-06 04:02 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-11-13 01:36 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-11-13 01:36 - 2014-11-06 04:00 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-11-13 01:36 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-11-13 01:36 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-11-13 01:36 - 2014-11-06 03:57 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-11-13 01:36 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-11-13 01:36 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-13 01:36 - 2014-11-06 03:41 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-11-13 01:36 - 2014-11-06 03:41 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-11-13 01:36 - 2014-11-06 03:39 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-11-13 01:36 - 2014-11-06 03:38 - 02124288 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-11-13 01:36 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-11-13 01:36 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-11-13 01:36 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-11-13 01:36 - 2014-11-06 03:30 - 14390272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-11-13 01:36 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-11-13 01:36 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-11-13 01:36 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-11-13 01:36 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-11-13 01:36 - 2014-11-06 03:17 - 02365440 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-11-13 01:36 - 2014-11-06 03:04 - 01550336 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-11-13 01:36 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-11-13 01:36 - 2014-11-06 02:53 - 00799232 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-11-13 01:36 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-11-13 01:36 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-11-13 01:36 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-11-13 01:36 - 2014-11-05 18:56 - 00304640 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-11-13 01:36 - 2014-11-05 18:56 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-11-13 01:36 - 2014-11-05 18:52 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-11-13 01:36 - 2014-10-14 03:16 - 00155064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-11-13 01:36 - 2014-10-14 03:13 - 00683520 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2014-11-13 01:36 - 2014-10-14 03:12 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-11-13 01:36 - 2014-10-14 03:09 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2014-11-13 01:36 - 2014-10-14 03:07 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2014-11-13 01:36 - 2014-10-14 02:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-11-13 01:36 - 2014-10-14 02:49 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-11-13 01:36 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2014-11-13 01:36 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2014-11-13 01:36 - 2014-08-21 07:43 - 01882624 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-11-13 01:36 - 2014-08-21 07:40 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-11-13 01:36 - 2014-08-21 07:26 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-11-13 01:36 - 2014-08-21 07:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-11-13 01:35 - 2014-10-25 02:57 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll
2014-11-13 01:35 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\packager.dll
2014-11-13 01:35 - 2014-10-18 03:05 - 00861696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-11-13 01:35 - 2014-10-18 02:33 - 00571904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-11-13 01:35 - 2014-10-14 03:13 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-11-13 01:35 - 2014-10-14 02:50 - 02363904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-11-13 01:35 - 2014-10-10 01:57 - 03198976 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-11-13 01:35 - 2014-10-03 03:12 - 00500224 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2014-11-13 01:35 - 2014-10-03 03:11 - 00680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-11-13 01:35 - 2014-10-03 03:11 - 00440832 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2014-11-13 01:35 - 2014-10-03 03:11 - 00296448 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-11-13 01:35 - 2014-10-03 03:11 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2014-11-13 01:35 - 2014-10-03 02:44 - 00442880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2014-11-13 01:35 - 2014-10-03 02:44 - 00374784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2014-11-13 01:35 - 2014-10-03 02:44 - 00195584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-11-13 01:35 - 2014-09-19 10:42 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-11-13 01:35 - 2014-09-19 10:42 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-11-13 01:35 - 2014-09-19 10:42 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-11-13 01:35 - 2014-09-19 10:42 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-11-13 01:35 - 2014-09-19 10:42 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-11-13 01:35 - 2014-09-19 10:42 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-11-13 01:35 - 2014-09-19 10:42 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-11-13 01:35 - 2014-09-19 10:23 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-11-13 01:35 - 2014-09-19 10:23 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-11-13 01:35 - 2014-09-19 10:23 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-11-13 01:35 - 2014-09-19 10:23 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-11-13 01:35 - 2014-09-19 10:23 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-11-13 01:35 - 2014-09-19 10:23 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-11-13 01:35 - 2014-09-19 10:23 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-11-13 01:35 - 2014-08-12 03:02 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\IMJP10K.DLL
2014-11-13 01:35 - 2014-08-12 02:36 - 00701440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IMJP10K.DLL
2014-11-12 17:46 - 2014-11-12 17:46 - 00000757 _____ () C:\Users\Mandy\Desktop\JRT.txt
2014-11-12 17:43 - 2014-11-12 17:43 - 00000000 ____D () C:\Windows\ERUNT
2014-11-12 17:26 - 2014-11-12 17:36 - 00000000 ____D () C:\AdwCleaner
2014-11-12 15:08 - 2014-11-13 13:10 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-12 15:08 - 2014-11-12 15:08 - 00001108 _____ () C:\Users\Public\Desktop\ Malwarebytes Anti-Malware .lnk
2014-11-12 15:08 - 2014-11-12 15:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ Malwarebytes Anti-Malware 
2014-11-12 15:08 - 2014-11-12 15:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-12 15:08 - 2014-11-12 15:08 - 00000000 ____D () C:\Program Files (x86)\ Malwarebytes Anti-Malware 
2014-11-12 15:08 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-12 15:08 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-12 15:08 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-10 23:37 - 2014-11-10 23:37 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-11-10 21:36 - 2014-11-10 21:36 - 00000000 ____D () C:\Users\Mandy\AppData\Roaming\Avira
2014-11-10 21:34 - 2014-10-23 14:02 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2014-11-10 21:34 - 2014-10-23 14:02 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2014-11-10 21:34 - 2014-10-23 14:01 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2014-11-10 21:32 - 2014-11-10 21:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2014-11-10 21:32 - 2014-11-10 21:34 - 00000000 ____D () C:\ProgramData\Avira
2014-11-10 21:32 - 2014-11-10 21:34 - 00000000 ____D () C:\Program Files (x86)\Avira
2014-11-10 21:32 - 2014-11-10 21:32 - 00001143 _____ () C:\Users\Public\Desktop\Avira.lnk
2014-11-10 21:31 - 2014-11-10 21:31 - 04583464 _____ (Avira Operations GmbH & Co. KG) C:\Users\Mandy\Downloads\avira_de_av___ws(1).exe
2014-11-10 21:19 - 2014-11-10 21:19 - 00018849 _____ () C:\ComboFix.txt
2014-11-10 20:54 - 2014-11-10 21:19 - 00000000 ____D () C:\Qoobox
2014-11-10 20:54 - 2011-06-26 07:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-11-10 20:54 - 2010-11-07 18:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-11-10 20:54 - 2009-04-20 05:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-11-10 20:54 - 2000-08-31 01:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-11-10 20:54 - 2000-08-31 01:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-11-10 20:54 - 2000-08-31 01:00 - 00098816 _____ () C:\Windows\sed.exe
2014-11-10 20:54 - 2000-08-31 01:00 - 00080412 _____ () C:\Windows\grep.exe
2014-11-10 20:54 - 2000-08-31 01:00 - 00068096 _____ () C:\Windows\zip.exe
2014-11-10 20:53 - 2014-11-10 21:16 - 00000000 ____D () C:\Windows\erdnt
2014-11-09 12:41 - 2014-11-09 12:41 - 00000000 ____D () C:\Users\Mandy\Desktop\Report TDSSKiller
2014-11-08 15:42 - 2014-11-13 15:40 - 00000000 ____D () C:\Users\Mandy\Desktop\trojanerHILFE
2014-11-08 15:42 - 2014-11-13 15:40 - 00000000 ____D () C:\FRST
2014-11-08 01:54 - 2014-11-08 01:54 - 00000000 ____D () C:\ProgramData\EA Core
2014-11-08 01:53 - 2014-11-08 02:04 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-11-08 01:53 - 2014-11-08 01:53 - 00000630 _____ () C:\Users\Public\Desktop\EA Download Manager.lnk
2014-11-08 01:53 - 2014-11-08 01:53 - 00000000 ____D () C:\Users\Mandy\AppData\Local\Electronic Arts
2014-11-08 01:53 - 2014-11-08 01:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2014-11-08 01:53 - 2014-11-08 01:53 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-11-08 00:46 - 2014-11-08 00:46 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-11-07 22:33 - 2014-11-07 22:35 - 00000000 ____D () C:\Users\Mandy\AppData\Local\AviraSpeedup
2014-11-07 19:56 - 2014-11-07 19:57 - 00000000 ____D () C:\ProgramData\Oracle
2014-11-07 19:56 - 2014-11-07 19:56 - 00000000 ____D () C:\ProgramData\Sun
2014-11-07 19:56 - 2014-11-07 19:56 - 00000000 ____D () C:\Program Files (x86)\Java
2014-11-07 19:54 - 2014-11-07 19:54 - 00638888 _____ (Oracle Corporation) C:\Users\Mandy\Desktop\jxpiinstall.exe
2014-11-07 19:33 - 2014-11-07 19:33 - 04583464 _____ (Avira Operations GmbH & Co. KG) C:\Users\Mandy\Downloads\avira_de_av___ws.exe
2014-11-07 19:10 - 2014-11-07 19:11 - 00854448 _____ () C:\Users\Mandy\Desktop\SecurityCheck.exe
2014-11-07 16:12 - 2014-11-07 16:12 - 00000000 __SHD () C:\Users\Mandy\AppData\Local\EmieUserList
2014-11-07 16:12 - 2014-11-07 16:12 - 00000000 __SHD () C:\Users\Mandy\AppData\Local\EmieSiteList
2014-11-07 16:05 - 2014-11-07 16:05 - 02347384 _____ (ESET) C:\Users\Mandy\Downloads\esetsmartinstaller_deu.exe
2014-11-07 15:00 - 2014-11-07 15:27 - 00002562 _____ () C:\Windows\diagwrn.xml
2014-11-07 15:00 - 2014-11-07 15:27 - 00001908 _____ () C:\Windows\diagerr.xml
2014-11-03 17:23 - 2014-11-03 17:23 - 00000000 ____D () C:\Users\Mandy\AppData\Local\Skyrim
2014-11-03 17:22 - 2014-11-08 00:46 - 00034988 _____ () C:\Windows\DirectX.log
2014-10-29 16:55 - 2014-11-12 20:42 - 00000000 ____D () C:\Users\Mandy\Desktop\Soziologie
2014-10-26 16:20 - 2014-10-26 16:20 - 00000000 ____D () C:\ProgramData\Hewlett-Packard
2014-10-22 13:48 - 2014-10-22 13:48 - 00381511 _____ () C:\Users\Mandy\Desktop\Medien Propaganda, meinungsäußerung.php
2014-10-15 21:10 - 2014-08-19 04:11 - 00693176 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-10-15 21:10 - 2014-08-19 04:10 - 00616352 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-10-15 21:10 - 2014-08-19 04:08 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2014-10-15 21:10 - 2014-08-19 04:08 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2014-10-15 21:10 - 2014-08-19 04:08 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2014-10-15 21:10 - 2014-08-19 04:07 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2014-10-15 21:10 - 2014-08-19 04:07 - 00146944 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2014-10-15 21:10 - 2014-08-19 04:07 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2014-10-15 21:10 - 2014-08-19 04:07 - 00032256 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2014-10-15 21:10 - 2014-08-19 04:07 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2014-10-15 21:10 - 2014-08-19 03:41 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2014-10-15 21:10 - 2014-08-19 03:41 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2014-10-15 21:10 - 2014-08-19 03:06 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-10-15 21:10 - 2014-07-07 03:07 - 14632960 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-10-15 21:10 - 2014-07-07 03:07 - 00782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2014-10-15 21:10 - 2014-07-07 03:07 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 05551032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-10-15 21:10 - 2014-07-07 03:06 - 04120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 01574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 01202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 01069056 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00187904 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00082432 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-10-15 21:10 - 2014-07-07 03:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-10-15 21:10 - 2014-07-07 03:06 - 00009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2014-10-15 21:10 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2014-10-15 21:10 - 2014-07-07 03:06 - 00005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2014-10-15 21:10 - 2014-07-07 03:05 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-10-15 21:10 - 2014-07-07 03:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-10-15 21:10 - 2014-07-07 02:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2014-10-15 21:10 - 2014-07-07 02:40 - 11411456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 03208704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 01329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 01005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2014-10-15 21:10 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2014-10-15 21:10 - 2014-07-07 02:40 - 00004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2014-10-15 21:10 - 2014-07-07 02:39 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-10-15 21:10 - 2014-07-07 02:39 - 03970488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-10-15 21:10 - 2014-07-07 02:39 - 03914680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-10-15 21:10 - 2014-07-07 02:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-10-15 21:10 - 2014-07-07 02:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-10-15 21:10 - 2014-07-07 02:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-10-15 21:10 - 2014-06-28 01:21 - 00619056 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-10-15 21:10 - 2014-06-28 01:21 - 00532176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-10-15 21:10 - 2014-06-28 01:21 - 00457400 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-10-15 21:10 - 2014-06-18 23:23 - 01943696 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll
2014-10-15 21:10 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dfshim.dll
2014-10-15 21:10 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscorier.dll
2014-10-15 21:10 - 2014-06-18 23:23 - 00156312 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll
2014-10-15 21:10 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscories.dll
2014-10-15 21:10 - 2014-06-18 23:23 - 00073880 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll
2014-10-15 21:07 - 2014-09-04 06:23 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-10-15 21:07 - 2014-09-04 06:04 - 00372736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-10-15 21:07 - 2014-08-29 03:07 - 05780480 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-10-15 21:07 - 2014-08-29 03:07 - 03179520 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-10-15 21:07 - 2014-08-29 03:07 - 00322560 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2014-10-15 21:07 - 2014-08-29 03:07 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-10-15 21:07 - 2014-08-29 03:06 - 01125888 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-10-15 21:07 - 2014-08-29 02:44 - 04922368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-10-15 21:07 - 2014-08-29 02:44 - 01050112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-10-15 21:07 - 2014-08-29 02:44 - 00269312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2014-10-15 21:07 - 2014-08-29 02:44 - 00037376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-10-15 21:06 - 2014-07-17 03:07 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-10-15 21:06 - 2014-07-17 03:07 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll
2014-10-15 21:06 - 2014-07-17 03:07 - 00150528 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll
2014-10-15 21:06 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winsta.dll
2014-10-15 21:06 - 2014-07-17 02:21 - 00212480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys
2014-10-15 21:06 - 2014-07-17 02:21 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-10-15 08:40 - 2014-11-03 16:07 - 00000000 ____D () C:\Users\Mandy\Desktop\Bestaetigung-Dateien

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-11-13 15:25 - 2014-04-17 09:45 - 00000884 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-13 14:23 - 2014-02-01 11:00 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9A2FC46C-DD34-4E4E-B60D-48EAD0A09815}
2014-11-13 13:30 - 2009-07-14 18:58 - 00847010 _____ () C:\Windows\system32\perfh007.dat
2014-11-13 13:30 - 2009-07-14 18:58 - 00196590 _____ () C:\Windows\system32\perfc007.dat
2014-11-13 13:30 - 2009-07-14 06:13 - 00006220 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-13 12:30 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-11-13 11:32 - 2009-07-14 05:45 - 00023696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-13 11:32 - 2009-07-14 05:45 - 00023696 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-13 11:21 - 2014-01-31 14:10 - 01938952 _____ () C:\Windows\WindowsUpdate.log
2014-11-13 11:20 - 2014-09-14 19:50 - 00000000 ____D () C:\Users\Mandy\Desktop\Ordner
2014-11-13 11:20 - 2014-01-31 18:18 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-11-13 11:19 - 2014-02-01 18:38 - 00000000 ____D () C:\ProgramData\Skype
2014-11-13 11:15 - 2014-07-14 17:47 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-13 11:11 - 2014-02-19 18:44 - 00002373 _____ () C:\Windows\setupact.log
2014-11-13 11:11 - 2014-02-19 18:43 - 04973784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-13 11:11 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-13 11:09 - 2014-08-15 12:06 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-11-13 11:08 - 2014-02-19 18:43 - 00424384 _____ () C:\Windows\PFRO.log
2014-11-13 02:25 - 2014-02-01 12:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-13 02:23 - 2014-02-01 12:15 - 103374192 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-12 16:25 - 2014-04-17 09:45 - 00003822 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-12 16:25 - 2014-02-01 17:35 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-12 16:25 - 2014-02-01 17:35 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-12 15:32 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Web
2014-11-11 17:39 - 2014-02-01 17:26 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-11-10 21:32 - 2014-02-07 19:17 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-10 21:15 - 2009-07-14 03:34 - 00000215 _____ () C:\Windows\system.ini
2014-11-10 21:14 - 2014-01-31 14:13 - 00000000 ____D () C:\Users\Mandy
2014-11-08 23:00 - 2014-09-13 17:49 - 00001392 _____ () C:\Users\Mandy\Documents\TombRaider.log
2014-11-08 02:04 - 2014-02-01 18:27 - 00000000 ____D () C:\Users\Mandy\Documents\My Games
2014-11-08 01:54 - 2014-01-31 14:13 - 00000000 ____D () C:\Users\Mandy\AppData\Local\VirtualStore
2014-11-08 01:05 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-11-07 15:00 - 2014-02-19 18:44 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-07 14:53 - 2009-07-14 06:08 - 00032640 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-11-05 12:18 - 2014-05-10 16:29 - 00257938 _____ () C:\Windows\DPINST.LOG
2014-11-05 12:15 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-10-30 19:49 - 2014-02-01 17:56 - 00000000 ____D () C:\Users\Mandy\AppData\Roaming\vlc
2014-10-29 10:01 - 2014-04-17 09:37 - 00000000 ____D () C:\Users\Mandy\AppData\Roaming\Audacity
2014-10-26 19:09 - 2014-02-01 17:31 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-10-24 07:41 - 2009-07-14 06:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-10-16 13:29 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-10-16 13:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-10-16 13:25 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-10-15 08:59 - 2014-02-01 17:31 - 00000000 ____D () C:\ProgramData\Adobe

Files to move or delete:
====================
C:\Users\Mandy\BlackBerryLink.AutoUpdate.exe
C:\Users\Mandy\BlackBerryLink.exe
C:\Users\Mandy\BlackBerryLink.Helper.exe
C:\Users\Mandy\log4net.dll
C:\Users\Mandy\Microsoft.Practices.Prism.dll
C:\Users\Mandy\Microsoft.Practices.Prism.Interactivity.dll
C:\Users\Mandy\Microsoft.Practices.Prism.MefExtensions.dll
C:\Users\Mandy\Microsoft.Practices.Prism.UnityExtensions.dll
C:\Users\Mandy\Microsoft.Practices.ServiceLocation.dll
C:\Users\Mandy\Microsoft.Practices.Unity.dll
C:\Users\Mandy\Microsoft.Windows.Shell.dll
C:\Users\Mandy\MSOE.Interactions.dll
C:\Users\Mandy\MSOl.Interactions.dll
C:\Users\Mandy\Rim.Common.Filesystem.dll
C:\Users\Mandy\Rim.Common.Utilities.dll
C:\Users\Mandy\Rim.Desktop.AutoUpdate.dll
C:\Users\Mandy\Rim.Desktop.AutoUpdate.UpgradeXMLParser.dll
C:\Users\Mandy\Rim.Desktop.AutoUpdate.Utilities.dll
C:\Users\Mandy\Rim.Desktop.Common.dll
C:\Users\Mandy\Rim.Desktop.DiagnosticsReport.exe
C:\Users\Mandy\Rim.Desktop.Services.Common.dll
C:\Users\Mandy\Rim.Desktop.Services.Configuration.dll
C:\Users\Mandy\Rim.Desktop.Services.Device.HttpControlChannel.dll
C:\Users\Mandy\Rim.Desktop.Services.Interfaces.dll
C:\Users\Mandy\Rim.Desktop.Services.Logging.dll
C:\Users\Mandy\Rim.Desktop.Services.Native.dll
C:\Users\Mandy\Rim.Desktop.Services.Tasks.dll
C:\Users\Mandy\Rim.Desktop.Services.WindowState.dll
C:\Users\Mandy\Rim.Desktop.Themes.dll
C:\Users\Mandy\Rim.DesktopHelper.common.dll
C:\Users\Mandy\rMSOEDE.dll
C:\Users\Mandy\rMSOLDE.dll
C:\Users\Mandy\rWinVistaDE.dll
C:\Users\Mandy\SyncApi.Configuration.dll
C:\Users\Mandy\SyncApi.dll
C:\Users\Mandy\SyncApi.MSOE.dll
C:\Users\Mandy\SyncApi.MSOL.dll
C:\Users\Mandy\SyncApi.WinVista.dll
C:\Users\Mandy\System.Windows.Interactivity.dll
C:\Users\Mandy\WinVista.Interactions.dll
C:\Users\Mandy\XCPCSYNCLib.dll


Some content of TEMP:
====================
C:\Users\Mandy\AppData\Local\Temp\avgnt.exe
C:\Users\Mandy\AppData\Local\Temp\Quarantine.exe
C:\Users\Mandy\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-11-05 22:11

==================== End Of Log ============================
         
--- --- ---


If I had not received a message by email saying that my laptop was infected by a Trojan, I would never have noticed... is it gone now? ^^

14.11.2014, 07:24   #14
schrauber
/// the machine
/// TB-Ausbilder
 




Done

The order is crucial here.
  1. If Defogger was used: start Defogger again and click re-enable.
  2. If Combofix was used: (alternatively, rename it to uninstall.exe and run it)
    • Windows key + R > Combofix /Uninstall (type it in) > OK
    • Alternative: rename Combofix.exe to uninstall.exe and run it
    • Combofix will now start, possibly update itself, and then remove all remnants of itself.
  3. In any case, please download DelFix to your desktop:
    • Close all open programs.
    • Start delfix.exe with a double-click.
    • Tick the box in front of every function.
    • Click Start.
    • Note: DelFix removes, among other things, all programs used, the quarantine of our scanners and the Java cache, and finally deletes itself.
    • Finally, restart your computer.
  4. If any programs from our cleanup are still left now, you can delete them without worry.



If you would like to give praise or criticism, you can do so here

Here are a few more tips for securing your system.


I cannot mention often enough how important it is that your system is up to date.
  • Please check whether your system downloads Windows Updates automatically
  • Windows Updates
    • Windows XP: Start --> Control Panel --> double-click Automatic Updates
    • Windows Vista / 7: Start --> Control Panel --> System and Security --> Turn automatic updating on or off
  • Make sure that automatic updates are enabled.
  • Software Updates
    Installed software can also have security vulnerabilities that malware can use to infect your system.
    To keep your installed software up to date, I recommend Secunia Online Software.


Antivirus software
  • Make sure you always have antivirus software installed and that it is up to date. It is useless if it is out of date.


Additional protection
  • MalwareBytes Anti Malware
    This is one of the best anti-malware tools on the market. It is an on-demand scan tool that detects and also removes a lot of current malware.
    Update the tool and run it once a week. The paid version additionally offers a background guard.
    You can find a tutorial on how to use it here.
  • WinPatrol
    This software takes a snapshot of your system and warns you of any changes. Download the freeware version from here.


Safe browsing
  • SpywareBlaster
    You can find a short introduction here
  • MVPs hosts file
    You can find a tutorial here. Unfortunately, I have not found a German-language one so far.
  • WOT (Web of trust)
    This add-on warns you before you visit a site that has been reported as harmful.


Alternative browsers

Other browsers tend to be somewhat more secure than IE, since they do not use ActiveX elements. These can be abused by spyware to infect your system.
  • Opera
  • Mozilla Firefox.
    • Note: I have a few useful add-ons for this browser here
    • NoScript
      This add-on blocks JavaScript, Java and Flash and other plugins. They are only executed when you confirm it.
    • AdblockPlus
      This add-on blocks most advertising by itself. A right-click on the banner to add it to AdblockPlus is enough, and it will no longer be loaded.
      It also saves download capacity.

Performance
Clean up your temp files regularly. I recommend TFC for this.
Stay away from any registry cleaners.
They harm your system more than they help. Here are a few (English) links
Miekemoes Blogspot ( MVP )
Bill Castner ( MVP )



Don'ts
  • Don't click on everything just because it prompts you to and is nice and colorful.
  • Do not use peer-to-peer or file-sharing software (Emule, uTorrent, ...)
  • Keep your hands off cracks, keygens, serials or other illegal software.
  • Do not open attachments from emails unknown to you. Pay particular attention to the file extension, e.g. deinFoto.jpg.exe
Now all that remains is for me to wish you lots of fun surfing safely.

Note: Please give me brief feedback when everything is done and there are no more questions, so that I can remove this thread from my subscriptions.
__________________
regards,
schrauber

Proud Member of UNITE and ASAP since 2009

Donations
Guides and help
Trojaner-Board Facebook page

No help via PM!
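
The file-extension tip in the post above (deinFoto.jpg.exe), written as a filename check. This is an added example, not part of the original post; the extension lists, function names and sample attachment names are assumptions constructed for illustration.

```python
import ntpath

# Assumed, non-exhaustive extension lists chosen for this example.
EXECUTABLE = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs", ".lnk", ".msi"}
DECOY = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".docx", ".xls", ".xlsx", ".txt", ".zip", ".mp3"}

# Constructed sample attachment names (not taken from the thread's logs).
SAMPLE = ["deinFoto.jpg.exe", "Rechnung.PDF.scr. ", "urlaub.jpg", "setup.exe", "archive.tar.gz"]


def normalize(name: str) -> str:
    """Reduce a name to the form Windows would actually open."""
    base = ntpath.basename(name.strip().strip('"'))
    # Windows drops trailing dots and spaces, so "a.jpg.exe. " opens as "a.jpg.exe".
    return base.rstrip(". ").lower()


def check_name(name: str):
    """Return (verdict, reason); verdict is 'double-extension', 'executable' or 'ok'."""
    base = normalize(name)
    stem, ext = ntpath.splitext(base)
    if ext not in EXECUTABLE:
        return "ok", f"final extension {ext or '(none)'} is not executable"
    # Inspect the extension in front of the real one, ignoring spaces before it.
    inner = ntpath.splitext(stem.rstrip())[1]
    if inner in DECOY:
        return "double-extension", f"looks like {inner} but runs as {ext}"
    return "executable", f"plain executable attachment ({ext})"


def triage(names):
    """Return only the names that deserve a second look, with verdict and reason."""
    results = ((n, *check_name(n)) for n in names)
    return [r for r in results if r[1] != "ok"]


if __name__ == "__main__":
    for name, verdict, reason in triage(SAMPLE):
        print(f"{verdict:17} {name!r}: {reason}")
```

Explorer hides known extensions by default, so the decoy extension is the only one a user sees; the check looks at the final extension because that is the one Windows acts on.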

16.11.2014, 20:40   #15
Sil@s
 



Hello,
I renamed combofix, then it ran an update, but then it "spat out" another log file after the restart. The program is also still on my desktop... is that how it should be? o.O
